Skip to content

RHINENG-26119: add support for publishing advisory update events#2224

Open
katarinazaprazna wants to merge 1 commit into
RedHatInsights:masterfrom
katarinazaprazna:evaluator-emits-advisory-events
Open

RHINENG-26119: add support for publishing advisory update events#2224
katarinazaprazna wants to merge 1 commit into
RedHatInsights:masterfrom
katarinazaprazna:evaluator-emits-advisory-events

Conversation

@katarinazaprazna

@katarinazaprazna katarinazaprazna commented Jun 4, 2026
edited by sourcery-ai Bot
Loading

Copy link
Copy Markdown
Collaborator

Summary

  • Evaluator publishes advisory delta events to patchman.advisory.update Kafka topic after each system evaluation
  • Only changed advisories (Add, Update, Remove) are included in the payload, unchanged (Keep) are filtered out
  • Feature is gated by advisory_updates pod config flag, disabled by default
  • Existing advisory writes and instant notifications are unaffected

Jira ticket: https://redhat.atlassian.net/browse/RHINENG-26119

Secure Coding Practices Checklist GitHub Link

Secure Coding Checklist

  • Input Validation
  • Output Encoding
  • Authentication and Password Management
  • Session Management
  • Access Control
  • Cryptographic Practices
  • Error Handling and Logging
  • Data Protection
  • Communication Security
  • System Configuration
  • Database Security
  • File Management
  • Memory Management
  • General Coding Practices

Summary by Sourcery

Add support for emitting advisory update events during evaluation when advisories change and the feature is enabled.

New Features:

  • Introduce advisory update Kafka events that carry changed advisory IDs per system, including workspace and timestamp metadata.

Enhancements:

  • Wire advisory update publishing into the evaluator with a feature flag and topic configuration, including Clowder topic translation and parameter printing.

Tests:

  • Add unit and integration-style tests covering advisory ID change detection, event construction, publishing behavior, and the no-delta case.

Summary by Sourcery

Add optional publishing of advisory update Kafka events during system evaluation when advisories change.

New Features:

  • Emit advisory update events with changed advisory IDs per system to a dedicated Kafka topic when feature flag is enabled.

Enhancements:

  • Wire advisory update publishing into the evaluator flow with configuration for enabling the feature and resolving the advisory update topic via Clowder.
  • Fix evaluator configuration function name and extend Kafka config printing to include the advisory update topic.

Tests:

  • Add unit tests for advisory delta detection and advisory update event construction, and integration-style tests covering publish and no-delta scenarios.

@sourcery-ai

sourcery-ai Bot commented Jun 4, 2026
edited
Loading

Copy link
Copy Markdown

Reviewer's Guide

Adds feature-gated publishing of advisory update Kafka events during evaluation, wiring new configuration, topic handling, publisher, and tests for advisory deltas while keeping existing behavior unchanged.

File-Level Changes

Change Details Files
Add feature-gated advisory update publishing into the evaluator pipeline.
  • Introduce a new pod config flag to enable advisory update events and wire it into evaluator configuration.
  • Hook advisory update publishing into evaluateAndStore, recording metrics and logging on publish errors without failing evaluation.
  • Implement advisory update configuration that instantiates a Kafka writer when the advisory update topic is configured.
 evaluator/evaluate.go
evaluator/advisory_update.go
Implement advisory delta extraction and event construction logic for advisory update events.
  • Add helper to collect only non-keep advisory IDs as the delta set.
  • Create advisory update event structs populated with account, workspace (best-effort parsing), advisory IDs, and a timestamp.
  • Add publishing logic that skips when there is no publisher, no advisories, or an empty delta, and measures publish duration.
 evaluator/advisory_update.go
Wire advisory update Kafka topic into configuration, Clowder translation, and param printing.
  • Add ADVISORY_UPDATE_TOPIC env var to evaluator deployments with the patchman.advisory.update default.
  • Include AdvisoryUpdateTopic in Clowder topic translation so the actual Kafka topic name is resolved in managed environments.
  • Extend Kafka parameter printing to include the advisory update topic for easier debugging.
 deploy/clowdapp.yaml
base/utils/config.go
Add tests covering advisory delta detection, event creation, publishing behavior, and no-delta cases.
  • Test that only changed advisories (Add/Update/Remove) are included in the delta ID list.
  • Test advisory update event construction, including workspace ID extraction and timestamp presence.
  • Add integration-style test ensuring evaluation produces advisory updates and publishes a Kafka message, and a unit test verifying no messages are sent when there is no advisory delta.
 evaluator/advisory_update_test.go
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@katarinazaprazna katarinazaprazna force-pushed the evaluator-emits-advisory-events branch from ed405ba to 312e979 Compare June 4, 2026 02:45
@codecov-commenter

codecov-commenter commented Jun 4, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 72.00000% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 58.56%. Comparing base (cf25d8a) to head (312e979).

Files with missing lines Patch % Lines
evaluator/advisory_update.go 76.31% 4 Missing and 5 partials ⚠️
evaluator/evaluate.go 60.00% 3 Missing and 1 partial ⚠️
base/utils/config.go 50.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2224      +/-   ##
==========================================
+ Coverage   58.46%   58.56%   +0.09%     
==========================================
  Files         139      140       +1     
  Lines        8925     8973      +48     
==========================================
+ Hits         5218     5255      +37     
- Misses       3159     3166       +7     
- Partials      548      552       +4
Flag Coverage Δ
unittests 58.56% <72.00%> (+0.09%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@katarinazaprazna katarinazaprazna marked this pull request as ready for review June 8, 2026 13:39
@katarinazaprazna katarinazaprazna requested a review from a team as a code owner June 8, 2026 13:39
sourcery-ai[bot]
sourcery-ai Bot reviewed Jun 8, 2026
View reviewed changes

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've left some high level feedback:

  • The createAdvisoryUpdateEvent path logs a warning for every system without workspaces ("no workspaces for system"), which might be noisy in environments where workspaces are not commonly set; consider downgrading this to debug or only logging when a workspace feature flag is enabled.
  • When workspace ID parsing fails in createAdvisoryUpdateEvent, you currently emit a warning and send a zero UUID; it may be clearer to omit the workspace ID field (or keep it as a pointer/optional) so downstream consumers can distinguish between "missing" and "all-zero" values.
  • publishAdvisoryUpdates silently returns when advisoryUpdatePublisher is nil even if enableAdvisoryUpdates is true; consider logging once at startup or during configuration when the feature flag is enabled but no topic/publisher is configured to make misconfiguration easier to detect.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- The `createAdvisoryUpdateEvent` path logs a warning for every system without workspaces (`"no workspaces for system"`), which might be noisy in environments where workspaces are not commonly set; consider downgrading this to debug or only logging when a workspace feature flag is enabled.
- When workspace ID parsing fails in `createAdvisoryUpdateEvent`, you currently emit a warning and send a zero UUID; it may be clearer to omit the workspace ID field (or keep it as a pointer/optional) so downstream consumers can distinguish between "missing" and "all-zero" values.
- `publishAdvisoryUpdates` silently returns when `advisoryUpdatePublisher` is nil even if `enableAdvisoryUpdates` is true; consider logging once at startup or during configuration when the feature flag is enabled but no topic/publisher is configured to make misconfiguration easier to detect.
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@MichaelMraka MichaelMraka Awaiting requested review from MichaelMraka

@TenSt TenSt Awaiting requested review from TenSt

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@katarinazaprazna @codecov-commenter