.. _verify_pulled_report_crio_module:


verify_pulled_report_crio -- Enrich pulled\_images\_report with CRI\-O pull evidence
====================================================================================

.. contents::
   :local:
   :depth: 1


Synopsis
--------

Reads the YAML produced by the env\_op\_images pulled\-images report role task.

Parses CRI\-O journal lines for :literal:`msg="Pulled image: ...@sha256:..."`.

Adds per\-row verification fields using trusted mirror domains from :literal:`summary.mirror\_rules`.

When images carry a :literal:`node` field, evidence is matched against the specific node's CRI\-O log first.  If the digest is only found on a different node the entry is counted as a cross\-node mismatch.

Log files are expected to follow the :literal:`\<node\-name\>.crio.log` naming convention produced by the role task.






Parameters
----------

  report_path (True, str, None)
    Path to :literal:`pulled\_images\_report.yaml` (input).


  output_path (True, str, None)
    Path for the enriched YAML report (output).


  log_paths (False, list, [])
    Explicit list of log files to parse (e.g. per\-node CRI\-O logs).

    Combined with files found under :emphasis:`log\_dir` when set.


  log_dir (False, str, None)
    Directory containing CRI\-O log files matching :emphasis:`log\_glob`.


  log_glob (False, str, \*.crio.log)
    Glob under :emphasis:`log\_dir`. Used only when :emphasis:`log\_dir` is set.





Notes
-----

.. note::
   - Requires PyYAML on the controller (same as other cifmw.general modules).




Examples
--------

.. code-block:: yaml+jinja

    
    - name: Enrich pulled report using fetched node logs
      cifmw.general.verify_pulled_report_crio:
        report_path: "{{ cifmw_env_op_images_pulled_report_path }}"
        log_dir: "{{ cifmw_env_op_images_crio_logs_dir }}"
        output_path: "{{ cifmw_env_op_images_verified_report_path }}"



Return Values
-------------

changed (always, bool, )
  Whether the output file was written.


trusted_mirrors (always, list, )
  Hostnames extracted from mirror rules in the report summary.


log_files (always, int, )
  Number of log files read.


entries_with_digest (always, int, )
  Image rows that had a sha256 digest in :literal:`image\_id`.


cross_node_entries (always, int, )
  Image rows where evidence was found only on a different node than where the pod ran.


nodes_with_evidence (always, list, )
  Node names that had at least one :literal:`Pulled image` log entry.





Status
------





Authors
~~~~~~~

- Nemanja Marjanovic (@nemarjan)