Fix publishing EE image to RH registry

There was an API change in RH registry
hazelcast · Dec 21, 2023 · b272d39 · b272d39
1 parent e27f34e
commit b272d39
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/.github/scripts/publish-rhel.sh b/.github/scripts/publish-rhel.sh
@@ -16,7 +16,7 @@ get_image()
     fi
 
     local FILTER="filter=deleted==false;${PUBLISHED_FILTER}"
-    local INCLUDE="include=total,data.repositories.tags.name,data.scan_status,data._id"
+    local INCLUDE="include=total,data.repositories.tags.name,data.certified,data.container_grades,data._id"
 
     local RESPONSE=$( \
         curl --silent \
@@ -44,13 +44,14 @@ wait_for_container_scan()
     # Wait until the image is scanned
     for i in `seq 1 ${NOF_RETRIES}`; do
         local IMAGE=$(get_image not_published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
-        local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].scan_status')
+        local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].container_grades.status')
+        local IMAGE_CERTIFIED=$(echo "$IMAGE" | jq -r '.data[0].certified')
 
         if [[ $SCAN_STATUS == "in progress" ]]; then
             echo "Scanning in progress, waiting..."
         elif [[ $SCAN_STATUS == "null" ]];  then
             echo "Image is still not present in the registry!"
-        elif [[ $SCAN_STATUS == "passed" ]]; then
+        elif [[ $SCAN_STATUS == "completed" && "$IMAGE_CERTIFIED" == "true" ]]; then
             echo "Scan passed!" ; return 0
         else
             echo "Scan failed!" ; return 1
@@ -76,9 +77,10 @@ publish_the_image()
     local IMAGE=$(get_image not_published "${RHEL_PROJECT_ID}" "${VERSION}" "${RHEL_API_KEY}")
     local IMAGE_EXISTS=$(echo $IMAGE | jq -r '.total')
     if [[ $IMAGE_EXISTS == "1" ]]; then
-        local SCAN_STATUS=$(echo $IMAGE | jq -r '.data[0].scan_status')
-        if [[ $SCAN_STATUS != "passed" ]]; then
-            echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\""
+        local SCAN_STATUS=$(echo "$IMAGE" | jq -r '.data[0].container_grades.status')
+        local IMAGE_CERTIFIED=$(echo "$IMAGE" | jq -r '.data[0].certified')
+        if [[ $SCAN_STATUS != "completed" ||  "$IMAGE_CERTIFIED" != "true" ]]; then
+            echo "Image you are trying to publish did not pass the certification test, its status is \"${SCAN_STATUS}\" and certified is \"${IMAGE_CERTIFIED}\""
             return 1
         fi
     else