Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Added retry option and max_retries #50

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
2 changes: 1 addition & 1 deletion .github/workflows/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ jobs:
--mount=type=bind,source="$SOCKET",target=/var/run/docker.sock \
--mount=type=bind,source=$GITHUB_OUTPUT,target=$GITHUB_OUTPUT -e GITHUB_OUTPUT \
--name=copa-action \
copa-action 'docker.io/openpolicyagent/opa:0.46.0' 'opa.0.46.0.json' '0.46.0-patched' '10m' "${{ matrix.test-type }}" 'openvex' 'output.json'
copa-action 'docker.io/openpolicyagent/opa:0.46.0' 'opa.0.46.0.json' '0.46.0-patched' '10m' "${{ matrix.test-type }}" 'openvex' 'output.json' '5'

# saving patched image to give trivy access when using a custom socket
docker -c "$CONTEXT" save -o patched.tar openpolicyagent/opa:0.46.0-patched
Expand Down
4 changes: 4 additions & 0 deletions action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,10 @@ inputs:
default: "openvex"
custom-socket:
description: "Custom socket address if setting up containerd image store"
max_retries:
description: "Max retries on timeout error"
SaptarshiSarkar12 marked this conversation as resolved.
Show resolved Hide resolved
required: false
default: 3
outputs:
patched-image:
description: 'Image reference of patched image'
Expand Down
36 changes: 30 additions & 6 deletions entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ timeout=$4
connection_format=$5
format=$6
output_file=$7
max_retries=$8

# parse image into image name
image_no_tag=$(echo "$image" | cut -d':' -f1)
Expand Down Expand Up @@ -40,11 +41,34 @@ case "$connection_format" in
esac

# run copa to patch image
if copa patch -i "$image" -r ./data/"$report" -t "$patched_tag" $connection --timeout $timeout $output;
if [ "$max_retries" -eq 0 ]
then
patched_image="$image_no_tag:$patched_tag"
echo "patched-image=$patched_image" >> "$GITHUB_OUTPUT"
if copa patch -i "$image" -r ./data/"$report" -t "$patched_tag" "$connection" --timeout "$timeout" "$output"
then
patched_image="$image_no_tag:$patched_tag"
echo "patched-image=$patched_image" >> "$GITHUB_OUTPUT"
else
echo "Error patching image $image with copa"
exit 1
fi
else
echo "Error patching image $image with copa"
exit 1
fi
retries=0
while [ "$retries" -lt "$max_retries" ]
do
if copa patch -i "$image" -r "./data/$report" -t "$patched_tag" "$connection" --timeout "$timeout" "$output"
then
patched_image="$image_no_tag:$patched_tag"
SaptarshiSarkar12 marked this conversation as resolved.
Show resolved Hide resolved
echo "patched-image=$patched_image" >> "$GITHUB_OUTPUT"
break
else
retries=$((retries+1))
if [ "$retries" -eq "$max_retries" ]
then
echo "Error patching image $image with copa"
exit 1
else
echo "WARNING: Attempt $retries failed. Retrying..."
fi
fi
done
fi
SaptarshiSarkar12 marked this conversation as resolved.
Show resolved Hide resolved
Loading