Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Distinguish previous image tag from publish tag(s) #138

Closed
ekcasey opened this issue May 30, 2019 · 2 comments · Fixed by #140
Closed

Distinguish previous image tag from publish tag(s) #138

ekcasey opened this issue May 30, 2019 · 2 comments · Fixed by #140
Assignees
@jromero
Milestone
0.3.0

Comments

@ekcasey
Copy link
Member

ekcasey commented May 30, 2019
edited
Loading

Motivations:

This issue accomplishes three goals.

(1) Avoids unexpected behavior when a new image has been published to a given tag after analyzer has run, but before exporter has completed. Currently a buildpack may indicate (by leaving a layer.toml file with no corresponding directory) that it wishes to reuse a layer. However, if that layer changes due to this race condition, the layer that is reused might be different than the layer validated by the buildpack

(2) Provides an easy way to publish the same image to multiple tags (e.g. an immutable rc-17 tag and a mutable :latest tag). This is important for auditability and rollbacks when using registries like artifactory that garbage collect untagged images.

(3) Explicitly disentangles two concepts which the current lifecycle API blurs together. The previous (analyzed) image and the desired export tag.

analyzer

When I run analyzer registry.com/some/image:tag -analyzed /path/to/analyzed.toml
Then analyzer, in additional to the current behavior, writes a analyzed.toml file to the given path with the following information

[image]
  reference =  "registry.com/some/image@<image-digest>"

[metadata]
...

exporter

Given I have a file at path /path/to/analyzed.toml with the following contents

[image]
  reference =  "registry.com/some/image@<image-digest>"
[metadata]
...

When I run exporter some/image:tag some/other:tag -analyzed /path/to/analyzed.toml
Then the exporter will fetch reused layers from registry.com/some/image@<image-digest>
And the exporter will export to all tags provided

Flag details

-analyzed will be an optional flag on both analyzer and exporter and will default to ./analyzed.toml

Backwards compatibility

If exporter cannot find the analyzed.toml file it will fails (this means that a previous version on the analyzer binary cannot be used with the newest version of the exporter binary, which seems like an acceptable limitation).
@jromero jromero mentioned this issue Jun 7, 2019
Closed
@jromero jromero self-assigned this Jun 10, 2019
@djoyahoy
Copy link
Member

After a discussion with @ekcasey, we want to enforce that the run image used for each provided image tag uses the same registry as that image tag to preserve locality during export.

djoyahoy pushed a commit that referenced this issue Jun 13, 2019
@ameyer-pivotal
Write analyzed.toml
c55e2a4 
* Export to multiple tags
* Use analyzed.toml in exporter

[#138]

Signed-off-by: Andrew Meyer <ameyer@pivotal.io>
djoyahoy pushed a commit that referenced this issue Jun 13, 2019
@jromero
Write analyzed.toml
e0d8f58 
* Export to multiple tags
* Use analyzed.toml in exporter

[#138]

Signed-off-by: Javier Romero <jromero@pivotal.io>
Signed-off-by: Danny Joyce <djoyce@pivotal.io>
This was referenced Jun 21, 2019
Closed
Merged
Merged
Merged
@ekcasey
Copy link
Member Author

ekcasey commented Jul 3, 2019

NOTE:

When analyzer is run with the -daemon flag the reference that is stored in the analyzed.toml file is the image ID. In the future we would like to write this value in the daemon case to a key named image-id for naming accuracy and clarity.

@jromero jromero added this to the 0.3.0 milestone Aug 19, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jromero jromero

Labels
None yet
Projects
None yet
Milestone
0.3.0
Development

Successfully merging a pull request may close this issue.

Allow for multiple tags buildpacks/lifecycle
3 participants
@jromero @ekcasey @djoyahoy