feat(ISV-7320): create script for direct index image signing#823
Merged
Conversation
5 tasks
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #823 +/- ##
==========================================
+ Coverage 95.46% 95.52% +0.06%
==========================================
Files 65 66 +1
Lines 6441 6531 +90
==========================================
+ Hits 6149 6239 +90
Misses 292 292
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
5 tasks
mmalina
reviewed
Jun 24, 2026
mmalina
reviewed
Jun 24, 2026
mmalina
reviewed
Jun 24, 2026
Adds direct_sign_index_image.py for signing FBC index images via the container-signing pipeline, handling the logic from start to finish: ConfigMap reading, reference translation, Pyxis signature filtering, batching, and InternalRequest submission. Therefore, it's meant to be called as a standalone single command from a new managed Tekton task direct-sign-index-image with no other steps needed in bash. Imports shared utilities from rh_direct_sign_image.py for signing item model, Pyxis lookups, batching, and request submission. - Two functions specific to direct-sign-index-image: translate_reference, collect_fbc_signing_items - main() orchestrates args, ConfigMap, collection, filtering, batching, and submission via get_submit_config/submit_batches - Full unit test suite (25 tests) Assisted-by: Claude Opus 4.6 Signed-off-by: Jakub Durkac <jdurkac@redhat.com>
happybhati
approved these changes
Jun 24, 2026
johnbieren
approved these changes
Jun 25, 2026
twaugh
approved these changes
Jun 25, 2026
Contributor
Production Approval Record
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
REFERENCE:
Here's a proposed new implementation of direct-sign-index-image tekton task this python util is intended to be used in: konflux-ci/release-service-catalog#2315
CHANGES:
Adds direct_sign_index_image.py for signing FBC index images via the
container-signing pipeline, handling the logic from start to finish:
ConfigMap reading, reference translation, Pyxis signature filtering,
batching, and InternalRequest submission. Therefore, it's meant to
be called as a standalone single command from a new managed Tekton
task direct-sign-index-image with no other steps needed in bash.
Imports shared utilities from rh_direct_sign_image.py for signing
item model, Pyxis lookups, batching, and request submission.
translate_reference, collect_fbc_signing_items
batching, and submission via get_submit_config/submit_batches
Assisted-by: Claude Opus 4.6
Signed-off-by: Jakub Durkac jdurkac@redhat.com