Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support <version>-immutable tagged stable images #23

Merged
merged 5 commits into from
Apr 19, 2024
Merged

Support <version>-immutable tagged stable images #23

merged 5 commits into from
Apr 19, 2024

Conversation

cevich
Copy link
Member

@cevich cevich commented Apr 12, 2024

Fixes: containers/automation_images#310

There are circumstances where it's consequential to have image digests
that change constantly. Add a "flavor" of podman/buildah/skopeo image
with a unique tag, that's only ever pushed once. Update documentation.

@cevich cevich force-pushed the imutable_stable_images branch 20 times, most recently from 43cc927 to 44b3dbe Compare April 17, 2024 14:05
@cevich cevich marked this pull request as ready for review April 17, 2024 14:39
@cevich cevich requested a review from edsantiago April 17, 2024 14:40
@cevich
Copy link
Member Author

cevich commented Apr 17, 2024

@edsantiago it's probably asking a lot, so PLMK if it's asking too much for you to review this. Esp. the "Simplify image-build automation scripts" commit is quite big since it prunes out a lot of legacy crap. I did perform a few runs of CI against just that commit, and they're happy.

@cevich
Copy link
Member Author

cevich commented Apr 17, 2024

@TomSweeneyRedHat would you mind taking a look at the (short) README updates here, LMK if there are any major problems?

edsantiago
edsantiago reviewed Apr 17, 2024
View reviewed changes
.cirrus.yml Outdated Show resolved Hide resolved
@cevich
Copy link
Member Author

cevich commented Apr 18, 2024

@edsantiago NP at all if this is too much, I appreciate you're making an effort.

@cevich
Force amd64 arch for temporary build
0f7a616 
The current and prior CI VMs contain cached copies of the latest Fedora
container image for each arch.  Unfortunately the last arch pulled is
`arm64`, which results in it being the default image used by podman when
`--arch` is not specified.  Ensure this can never cause problems by
hard-coding the `amd64` arch which will always match the VM.

Signed-off-by: Chris Evich <cevich@redhat.com>
@cevich
Provide additional debugging
c7e9508 
Signed-off-by: Chris Evich <cevich@redhat.com>
@cevich
Update CI VM images
d836bdd 
Signed-off-by: Chris Evich <cevich@redhat.com>
TomSweeneyRedHat
TomSweeneyRedHat reviewed Apr 18, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
@TomSweeneyRedHat
Copy link
Member

TomSweeneyRedHat commented Apr 18, 2024
edited
Loading

Couple doc changes for consideration or to be ignored. Your call.
LGTM otherwise.

@cevich cevich mentioned this pull request Apr 18, 2024
Merged
@cevich
Simplify image-build automation scripts
ba97f1c 
Previously the `containers_build_push.sh` script was "installed" every
time into the environment due to legacy architecture reasons.  This
is no-longer necessary, complex, confusing, and potentially fragile.
Move the scripts under the `ci` directory and arrange for them to simply
be run from there.  Update tests, documentation, comments accordingly.

Signed-off-by: Chris Evich <cevich@redhat.com>
@cevich
Support <version>-immutable tagged stable images
99c40a5 
There are circumstances where it's consequential to have image digests
that change constantly.  Add a "flavor" of podman/buildah/skopeo image
with a unique tag, that's only ever pushed once.  Update documentation.

Signed-off-by: Chris Evich <cevich@redhat.com>
@cevich
Copy link
Member Author

cevich commented Apr 18, 2024

This is ready to go, letting it sit for a day or so in case there are last minute objections/feedback.

TomSweeneyRedHat
TomSweeneyRedHat reviewed Apr 18, 2024
View reviewed changes
Copy link
Member

@TomSweeneyRedHat TomSweeneyRedHat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@cevich cevich merged commit 6493c12 into containers:main Apr 19, 2024
17 checks passed
@cevich
Copy link
Member Author

cevich commented Apr 19, 2024

Note to me: Check next cron run and verify immutable images have been pushed. Send mail to podman list assuming images aren't overwritten on the subsequent cron run.

cevich added a commit to cevich/automation that referenced this pull request Apr 22, 2024
@cevich
Fix build-push failing on empty push list
91f640b 
Prior to containers/image_build#23 the
automation using `build-push.sh` always pushed its images.  This
obscured a bug that occurs when `fqin_names` is an empty string in
`get_manifest_tags()`.  In this case, the `grep` command will exit
non-zero, causing `push_images()` to:

```
die "Error retrieving set of manifest-list tags to push for '$FQIN'"
```

Fix this by adding an empty-string check and removing the unnecessary
`grep`.  Also, `push_images()` change `die "No FQIN(s) to be pushed."`
into a warning, since the condition should not be considered fatal.

Signed-off-by: Chris Evich <cevich@redhat.com>
@cevich cevich mentioned this pull request Apr 22, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TomSweeneyRedHat TomSweeneyRedHat TomSweeneyRedHat left review comments

@edsantiago edsantiago edsantiago left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Daily builds of skopeoimage produce new images each time (when no changes in base image or skopeo binary)
3 participants
@cevich @TomSweeneyRedHat @edsantiago