[spike] how to feed back thamos advise to cnbi-crd? #12

Open
6 tasks
goern opened this issue Sep 21, 2022 · 6 comments
Assignees
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/devsecops Categorizes an issue or PR as relevant to SIG DevSecOps. wg/cre Issues or PRs related to the Custom Runtime Environment (fka Custom Notebook Image) ODH feature.

Comments

@goern
Member

goern commented Sep 21, 2022

As an ODH-Admin (using the cnbi feature),
I want to see Thoth's advises on the odh-dashboard
so that I can react to them accordingly.

  • create a tekton task to get Thoth Guidance on a PipelineRun
  • propose how the result of an advise can be saved with the PipelineRun; the results need to be available on the Kubernetes custom resource, not as a file in a workspace
  • propose how we aggregate justifications into CustomNBImage conditions

Acceptance Criteria

  • design doc based on thoth station discussion
  • comments from ODH UX
  • ADR

References

Here is an example of a failed task in a Tekton pipeline that has been reconciled into a CustomNBImage object:

status:
  conditions:
  - lastTransitionTime: "2022-09-26T12:00:26Z"
    message: 'Pipeline default/cnbi-gitrepo can''t be Run; it contains Tasks that
      don''t exist: Couldn''t retrieve Task "git-clone": clustertasks.tekton.dev "git-clone"
      not found'
    reason: CouldntGetTask
    status: "False"
    type: PipelineRunGitrepo
  phase: Failed
  pipelines:
  - name: gitrepo
    pipelineRunName: cnbi-elyra-aidevsecops-tutorial-gitrepo
    ready: "False"

thamos advise output that we could display back to the RHODS/ODH users might be all WARNINGS, for example:

            {
              "link": "https://github.com/ossf/scorecard/blob/main/docs/checks.md",
              "message": "Project does NOT cryptographically sign tags based on Security Scorecards",
              "package_name": "absl-py",
              "type": "WARNING"
            },
            {
              "link": "https://pypi.org/project/argon2-cffi/#history",
              "message": "Package 'argon2-cffi' has no recent release, last release dates back to 2021-12-11 11:47:50.012396",
              "package_name": "argon2-cffi",
              "type": "WARNING"
            },
            {
              "link": "https://github.com/ossf/scorecard/blob/main/docs/checks.md",
              "message": "Project does NOT use static source code analysis based on Security Scorecards",
              "package_name": "argon2-cffi",
              "type": "WARNING"
            },
            {
              "link": "https://github.com/ossf/scorecard/blob/main/docs/checks.md",
              "message": "Project does NOT have a set of contributors from multiple companies based on Security Scorecards",
              "package_name": "asttokens",
              "type": "WARNING"
            },

@Gkrumbach07 could you please fill in the link to the advise clustering and maybe other issues wrt here, thx!
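
One way the justifications above could be folded into a single CustomNBImage condition, shaped like the `status.conditions` entry quoted earlier. This is an added example, not part of the original issue or the project's code; the condition type `ThothAdvise`, the reason strings, the `ERROR` justification type and the message cap are assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timezone

# Hypothetical names: the issue does not define a condition type or reasons.
CONDITION_TYPE = "ThothAdvise"
MAX_MESSAGE_LEN = 1024  # assumed cap so the CR status stays small

# Sample input built from the four entries quoted in the issue (links omitted).
SAMPLE = [
    {"package_name": "absl-py", "type": "WARNING",
     "message": "Project does NOT cryptographically sign tags based on Security Scorecards"},
    {"package_name": "argon2-cffi", "type": "WARNING",
     "message": "Package 'argon2-cffi' has no recent release, last release dates back to 2021-12-11 11:47:50.012396"},
    {"package_name": "argon2-cffi", "type": "WARNING",
     "message": "Project does NOT use static source code analysis based on Security Scorecards"},
    {"package_name": "asttokens", "type": "WARNING",
     "message": "Project does NOT have a set of contributors from multiple companies based on Security Scorecards"},
]


def aggregate(justifications, now=None):
    """Fold thamos justification entries into one Kubernetes-style condition."""
    now = now or datetime.now(timezone.utc)
    by_type = Counter()
    by_package = defaultdict(list)
    for j in justifications:
        jtype = str(j.get("type", "UNKNOWN")).upper()
        by_type[jtype] += 1
        by_package[j.get("package_name") or "<stack>"].append(jtype)
    # Assumed policy: ERROR entries fail the condition, warnings only annotate it.
    if by_type.get("ERROR"):
        status, reason = "False", "AdviseErrors"
    elif by_type.get("WARNING"):
        status, reason = "True", "AdviseWarnings"
    else:
        status, reason = "True", "AdviseClean"
    counts = ", ".join(f"{n} {t}" for t, n in sorted(by_type.items()))
    pkgs = ", ".join(f"{p} ({len(ts)})" for p, ts in sorted(by_package.items()))
    message = f"{counts or 'no justifications'}; packages: {pkgs or 'none'}"
    if len(message) > MAX_MESSAGE_LEN:  # truncate rather than bloat the CR
        message = message[:MAX_MESSAGE_LEN - 3] + "..."
    return {
        "type": CONDITION_TYPE,
        "status": status,
        "reason": reason,
        "message": message,
        "lastTransitionTime": now.strftime("%Y-%m-%dT%H:%M:%SZ"),
    }
```

The full justification list would still need a home outside the condition message (the issue asks for it on the custom resource), since the condition only carries counts per type and per package.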

@goern
Member Author

goern commented Sep 22, 2022

/kind feature
/priority important-soon

@sesheta sesheta added kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Sep 22, 2022
@goern goern added the sig/stack-guidance Categorizes an issue or PR as relevant to SIG Stack Guidance. label Sep 26, 2022
@codificat
Member

/wg cnbi

@Gkrumbach07
Member

@codificat
Member

Also related: #13 about how status is being reported back to the CR and propagated to the UI

@codificat
Member

Related: #15 (more ADRs)

@codificat
Member

/assign

@sesheta sesheta added wg/cre Issues or PRs related to the Custom Runtime Environment (fka Custom Notebook Image) ODH feature. and removed wg/cnbi labels Nov 24, 2022
@VannTen VannTen removed their assignment Nov 27, 2023
Projects
Status: 📋 Backlog
Status: 🆕 New

5 participants