-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: refactor and improve badge verification task #249
chore: refactor and improve badge verification task #249
Conversation
This was tested locally using the following branch: https://github.com/defenseunicorns/leapfrogai/tree/1050-featuds-add-uds-badge-task-and-workflow |
Example output of the badge task: root@law-server /home/jlaw/dev/leapfrogai 1050-featuds-add-uds-badge-task-and-workflow 10s
❯ uds run badge:verify-uds-badge-api --no-progress
• Running "Verify API"
• Running "Verify that the package meets UDS badging standards"
📃 Setup Package Variables
ℹ️ Chart Path: chart
ℹ️ Group Name: package
ℹ️ Common Zarf: true
ℹ️ Package Directory: packages/api
NOTE Using config file
ℹ️ Package Name: leapfrogai-api
ℹ️ Installing kubectl-validate...
✅ kubectl-validate installed
🔍 Package Structure Validation
NOTE Using config file
ℹ️ Namespace: leapfrogai
NOTE Using config file
✅ No manifests present in common/zarf.yaml
NOTE Using config file
✅ No manifests present in zarf.yaml
NOTE Using config file
✅ At least one flavor defined in zarf.yaml
🔍 Package Testing Validation
✅ Tests folder exists and has files
🔍 Versioning Validation
NOTE Using config file
NOTE Using config file
⚠️ Version is not consistent across flavors and package
🔍 UDS Config Chart Validation
ℹ️ Validating uds-config chart...
✅ uds-config chart is valid
🔍 Exemptions Validation
NOTE Using config file
✅ No exemptions present
📃 Get the UDS Package CR
ℹ️ Retrieved UDS Package JSON for leapfrogai-api
🔍 Istio Validation
ℹ️ Endpoints: leapfrogai-api.uds.dev
❌ Endpoint leapfrogai-api.uds.dev is returning 404
NOTE Using config file
NOTE Using config file
❌ Not all pods have the istio sidecar
NOTE Using config file
✅ Peerauthentication is set to strict
✅ Network policies are defined
ℹ️ Non-IntraNamespace network policies: 3
ℹ️ Non-IntraNamespace network policies with selectors: 0
❌ Not all applicable network policies are using selectors
ℹ️ Non-IntraNamespace, non-KubeAPI network policies: 3
ℹ️ Non-IntraNamespace, non-KubeAPI network policies with ports: 0
❌ Not all applicable network policies are using ports
⚠️ Network policies with 'remoteGenerated: Anywhere' are present, review needed
🔍 Keycloak/SSO Validation
⚠️ No SSO configuration found, review needed
🔍 Monitoring Validation
ℹ️ No monitors defined in the package, checking for ServiceMonitors
NOTE Using config file
ℹ️ No ServiceMonitors defined, checking for PodMonitors
NOTE Using config file
❌ No monitors defined
❌ 5 errors found
⚠️ 3 warnings found
✔ Completed "Verify that the package meets UDS badging standards"
✔ Completed "Verify API"
root@law-server /home/jlaw/dev/leapfrogai 1050-featuds-add-uds-badge-task-and-workflow
❯ uds run badge:verify-uds-badge-vllm --no-progress
• Running "Verify vLLM"
• Running "Verify that the package meets UDS badging standards"
📃 Setup Package Variables
ℹ️ Chart Path: chart
ℹ️ Group Name: package
ℹ️ Common Zarf: false
ℹ️ Package Directory: packages/vllm
NOTE Using config file
ℹ️ Package Name: vllm
ℹ️ Installing kubectl-validate...
✅ kubectl-validate installed
🔍 Package Structure Validation
⚠️ There is no common zarf.yaml file
NOTE Using config file
ℹ️ Namespace: leapfrogai
NOTE Using config file
✅ No manifests present in zarf.yaml
NOTE Using config file
✅ At least one flavor defined in zarf.yaml
🔍 Package Testing Validation
✅ Tests folder exists and has files
🔍 Versioning Validation
NOTE Using config file
NOTE Using config file
⚠️ Version is not consistent across flavors and package
🔍 UDS Config Chart Validation
ℹ️ Validating uds-config chart...
✅ uds-config chart is valid
🔍 Exemptions Validation
NOTE Using config file
✅ No exemptions present
📃 Get the UDS Package CR
⛔ UDS Package CR does not exist for vllm
⛔ 1 failures found
⚠️ 2 warnings found
✔ Completed "Verify that the package meets UDS badging standards"
✔ Completed "Verify vLLM" |
If we think this is valuable, I also created a summarization script for multi-verification tasks: root@law-server /home/jlaw/dev/leapfrogai 1050-featuds-add-uds-badge-task-and-workflow
❯ .github/scripts/summarizeVerification.sh
-----------------------------
Package: leapfrogai-api
❌ Errors: 5
⚠️ Warnings: 3
❌ Error Descriptions:
- Endpoint leapfrogai-api.uds.dev is returning 404
- Not all pods have the istio sidecar
- Not all applicable network policies are using selectors
- Not all applicable network policies are using ports
- No monitors defined
⚠️ Warning Descriptions:
- Version is not consistent across flavors and package
- Network policies with 'remoteGenerated: Anywhere' are present, review needed
- No SSO configuration found, review needed
-----------------------------
Package: vllm
⛔ Failures: 1
⚠️ Warnings: 2
⛔ Failure Descriptions:
- UDS Package CR does not exist for vllm
⚠️ Warning Descriptions:
- There is no common zarf.yaml file
- Version is not consistent across flavors and package |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is fine for now - this PR really points to this tool needing to be rewritten into a real language like go with more robust checks in the future
yq
andkubectl
to perform the badge verification task.PACKAGE_DIR
task variable for mono-repos with multiple UDS capes (e.g., LeapfrogAI)