feat: support Developer Portal ConsoleCLIDownload URLs#76
Conversation
Verification Report for SECURESIGN-4910 (commit cf83ae4)
Overall: WARNCommit traceability references the parent operator task SECURESIGN-2158 rather than the companion task SECURESIGN-4910, which was created after the PR. This is an acceptable deviation given the retroactive task creation — the Jira link between the two tasks provides bidirectional traceability. This comment was AI-generated by sdlc-workflow/verify-pr v0.8.2. |
Adversarial Council ReviewAn independent 4-agent review council was run against this PR. Findings below, ranked by priority. Confirmed Bugs
Must Fix (before merge)
Should Fix
Verification Report CorrectionsThe automated verification report posted earlier has three inaccuracies:
Backward CompatibilityThe "fully backward-compatible" claim holds for all realistic deployment scenarios (CRs have either old-format or new-format links, never both). However, the URL matching predicate was broadened from Nice to Have
This comment was generated by an adversarial review council (4 independent agents: correctness, backward compatibility, report audit, architecture). |
Council Verification — Fix Commit ReviewA follow-up council (3 agents: fix verification, goal alignment, regression risk) reviewed the fix commit Fix Status
Regression Risk: NO_RISK
Goal Alignment: ALIGNED
Remaining ItemThe Windows This comment was generated by a council verification review (3 agents: fix verification, goal alignment, regression risk assessment). |
Update the openshift strategy to handle ConsoleCLIDownload links pointing to the Red Hat Developer Portal content gateway (.tar.gz archives) in addition to the existing cli-server format (.gz files). The URL matching in cliDownloads.go now supports both /clients/<os>/ (old) and _<os>_<arch> (new) patterns. The download logic branches on URL suffix: .tar.gz uses archive extraction with binary name resolution, .gz uses the existing gunzip path. This is fully backward-compatible with older operator versions. Implements SECURESIGN-2158 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Sachin Sampras M <sampras343@gmail.com>
- Extract cgwNameOverride, ContentGatewayName, and FindBinary to shared pkg/support/cgw.go to eliminate DRY violation between cgw and openshift strategies - Return descriptive error from ConsoleCLIDownload when no link matches the running OS/arch instead of returning empty string with nil error - Add delimiter guards to matchArch (use _<arch>. and -<arch>. patterns) for consistency with matchOS - Use url.Parse before .tar.gz suffix check to handle URLs with query parameters - Add TestStrategyErrorNoMatchingLink test covering the empty-link scenario Implements SECURESIGN-2158 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Sachin Sampras M <sampras343@gmail.com>
Update test URLs from /cgw/RHTAS/1.4.0/ to /RHTAS/1.4.1/ to match the updated content gateway URL pattern where the /cgw/ segment was removed. Implements SECURESIGN-2158 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Sachin Sampras M <sampras343@gmail.com>
c38ecd8 to
dc1d986
Compare
|
/agentic_review |
Code Review by Qodo
Context used 1.
|
- Fix tar path traversal: validate header.Name in UntarArchive to reject entries with ".." segments or absolute paths - Fix panic on download failure: replace panic(err) with pw.CloseWithError(err) in DownloadAndUnzip and DownloadAndUntarArchive goroutines so errors propagate cleanly instead of crashing - Add retry with exponential backoff (5 attempts) to Download for transient network failures Implements SECURESIGN-2158 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Sachin Sampras M <sampras343@gmail.com>
The CI was creating the v1alpha1 SecureSign CR immediately after operator deployment, without waiting for the conversion webhook pod to be ready. This caused intermittent "connection refused" failures. Add a dry-run retry loop (matching the pattern used in the secure-sign-operator CI) to wait up to 5 minutes for the webhook. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Sachin Sampras M <sampras343@gmail.com>
Summary
cliDownloads.goURL matching to support both old cli-server (/clients/<os>/) and new Developer Portal (_<os>_<arch>) URL formats.tar.gzarchive handling to the openshift strategy with binary name resolution (includingcgwNameOverrideforgitsign→gitsign_cli).gzURLs continue to work via the existingDownloadFromLinkpathCompanion to securesign/secure-sign-operator#1988 which moves ConsoleCLIDownload management from the operator controller to static OLM manifests pointing to the Red Hat Developer Portal.
Implements SECURESIGN-2158
Backward compatibility
https://<cli-server>/clients/linux/cosign-amd64.gz/linux/, downloads viaDownloadFromLink(plain .gz) — unchangedhttps://developers.redhat.com/.../cosign_linux_amd64.tar.gz_linux_, downloads viadownloadTarGz(tar.gz extraction) — new pathTest plan
TestStrategyCliServer— old cli-server format still worksTestStrategyContentGateway— new content gateway format worksTestStrategyContentGatewayNameOverride— gitsign → gitsign_cli name mapping worksTestStrategyError— nonexistent CR returns errorgo test ./pkg/...pass