From 415ba957e90f66a96107adbde589871a510c0184 Mon Sep 17 00:00:00 2001
From: Micah Nagel <micah.nagel@parsons.com>
Date: Tue, 23 Mar 2021 21:54:50 +0000
Subject: [PATCH] Resolve "bug: `images.txt` doesn't include manually specified
 images in `synker.yaml`"

---
 .gitlab-ci.yml              |  8 ++++++--
 scripts/package/synker.yaml | 11 ++---------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e8fc2bc88e..751af74d71 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -322,9 +322,13 @@ package:
   script:
     - cp ./scripts/package/synker.yaml ./synker.yaml
     # Populate images list in synker config
-    # NOTE: This is stupid and hacky, use yq or something better to do this
-    - cat images.txt | sed -e 's/^/    - /' >> synker.yaml
+    - |
+      for image in $(cat images.txt); do
+        yq -i e "(.source.images |= . + \"${image}\")" "./synker.yaml"
+      done
     - synker pull -b=1
+    # Create image list from synker, overwrite since ./synker.yaml contains everything at this point
+    - yq e '.source.images | .[] | ... comments=""' "./synker.yaml" > images.txt
     # Tar up synker as well?
     - cp /usr/local/bin/synker synker.yaml /var/lib/registry/
     - tar -C /var/lib/registry -czvf $IMAGE_PKG .
diff --git a/scripts/package/synker.yaml b/scripts/package/synker.yaml
index 3461196270..78badbcacc 100644
--- a/scripts/package/synker.yaml
+++ b/scripts/package/synker.yaml
@@ -6,14 +6,12 @@ transport:
     port: 25000
     osChoice: linux
     disablePolicyChecks: true
-
 options:
   # TODO: Turn this off for now until parallel syncing is more "production" ready
   # NOTE: Finding some bugs (even with retry) in pushing images to the airgapped registry that trace back to paralell syncing
   parallelSync: false
   quiet: false
   debug: info
-
 # NOTE: destination configurations below are environment specific and should be modified to match your environment.
 destination:
   registry:
@@ -21,18 +19,15 @@ destination:
     hostname: p1-registry
     # Port of the destination registry to push to
     port: 5000
-
     #
     osChoice: linux
     disablePolicyChecks: true
-
 source:
   authFile: /root/.docker/config.json
   images:
     - registry1.dso.mil/ironbank/twistlock/defender/defender:20.12.531
     - registry1.dso.mil/ironbank/anchore/enterprise/enterprise:3.0.1
     - registry1.dso.mil/ironbank/anchore/enterpriseui/enterpriseui:3.0.1
-
     # Images used by pipeline-templates
     # NOTE: These are __not__ fully inclusive yet, see this issue for updates: https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/145
     - registry.il2.dso.mil/platform-one/devops/pipeline-templates/pipeline-job/sonar-scanner-dotnet31:4.10
@@ -43,10 +38,8 @@ source:
     - registry.il2.dso.mil/platform-one/devops/pipeline-templates/pipeline-job/anchore:0.8.2
     - registry.il2.dso.mil/platform-one/devops/pipeline-templates/pipeline-job/test:gcc
     - registry.il2.dso.mil/platform-one/devops/pipeline-templates/pipeline-job/dependency-check611-sonar-scanner45-dotnet-31:021921
-
     # Gitlab Runner images
     - registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner:v13.2.2
     - registry.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab-runner/gitlab-runner-helper:ib-v13.2.2
-
-      # Don't include until fortify is supported
-#    - registry.il2.dso.mil/platform-one/devops/pipeline-templates/pipeline-job/dotnet-fortify:20.2.0
+    # Don't include until fortify is supported
+    #- registry.il2.dso.mil/platform-one/devops/pipeline-templates/pipeline-job/dotnet-fortify:20.2.0
-- 
GitLab