redhat-developer · alizard0 · Mar 13, 2026 · Feb 10, 2026 · Feb 10, 2026 · Feb 10, 2026
@@ -5,6 +5,7 @@ metadata:
   name: openssf-scorecard-only
   annotations:
     openssf/scorecard-location: https://api.securityscorecards.dev/projects/github.com/alizard0/rhdh-plugins
+    exclude/metrics: openssf.maintained,openssf.code_review
 spec:
   type: service
   owner: group:development/guests

@@ -49,6 +49,13 @@ const mockOpenSSFResponse: OpenSSFResponse = {
       details: null,
       documentation: { short: '', url: '' },
     },
+    {
+      name: 'Code-Review',
+      score: 9,
+      reason: null,
+      details: null,
+      documentation: { short: '', url: '' },
+    },
   ],
 };
 

@@ -43,8 +43,6 @@ export class OpenSSFClient {
       );
     }
 
-    const data: OpenSSFResponse = await response.json();
-
-    return data;
+    return await response.json();
   }
 }
@@ -293,11 +293,51 @@ describe('PullMetricsByProviderTask', () => {
       await (task as any).pullProviderMetrics(mockProvider, mockLogger);
 
       expect(mockLogger.info).toHaveBeenNthCalledWith(
-        2,
+        4,
         `Completed metric pull for github.test_metric: processed 2 entities`,
       );
     });
 
+    it('should skip entities when exclude/metrics annotation contains the provider id', async () => {
+      const entityExcluded = {
+        apiVersion: '1.0.0',
+        kind: 'Component',
+        metadata: {
+          name: 'excluded-entity',
+          annotations: { 'exclude/metrics': 'github.test_metric' },
+        },
+      };
+      const entityIncluded = {
+        apiVersion: '1.0.0',
+        kind: 'Component',
+        metadata: { name: 'included-entity' },
+      };
+      mockCatalog.queryEntities.mockReset().mockResolvedValueOnce({
+        items: [entityExcluded, entityIncluded],
+        pageInfo: { nextCursor: undefined },
+        totalItems: 2,
+      });
+
+      const calculateMetricSpy = jest.spyOn(mockProvider, 'calculateMetric');
+      const createMetricValuesSpy = jest.spyOn(
+        mockDatabaseMetricValues,
+        'createMetricValues',
+      );
+      await (task as any).pullProviderMetrics(mockProvider, mockLogger);
+
+      expect(calculateMetricSpy).toHaveBeenCalledTimes(1);
+      expect(calculateMetricSpy).toHaveBeenCalledWith(entityIncluded);
+      expect(createMetricValuesSpy).toHaveBeenCalledTimes(1);
+      expect(createMetricValuesSpy).toHaveBeenCalledWith([
+        expect.objectContaining({
+          catalog_entity_ref: 'component:default/included-entity',
+          metric_id: 'github.test_metric',
+          value: 42,
+          status: 'success',
+        }),
+      ]);
+    });
+
     it('should throw error if pullProviderMetrics fails', async () => {
       (task as any).pullProviderMetrics = jest
         .fn()

@@ -142,6 +142,20 @@ export class PullMetricsByProviderTask implements SchedulerTask {
             let value: MetricValue | undefined;
 
             try {
+              const excludedMetrics =
+                entity.metadata.annotations?.['exclude/metrics'];
+              logger.info(
+                `Loaded excluded/metrics annotation: ${excludedMetrics}`,
+              );
+              if (excludedMetrics) {
+                const excludedMetricsList = excludedMetrics
+                  .split(',')
+                  .map(s => s.trim());
+                if (excludedMetricsList.includes(provider.getProviderId())) {
+                  logger.info(`Excluded metric: ${provider.getProviderId()}`);
+                  return undefined;
+                }
+              }
               value = await provider.calculateMetric(entity);
 
               const thresholds = mergeEntityAndProviderThresholds(
@@ -175,7 +189,7 @@ export class PullMetricsByProviderTask implements SchedulerTask {
           }),
         ).then(promises =>
           promises.reduce((acc, curr) => {
-            if (curr.status === 'fulfilled') {
+            if (curr.status === 'fulfilled' && curr.value !== undefined) {
               return [...acc, curr.value];
             }
             return acc;