Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: fail on curl errors in devkit build #1243

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: fail on curl errors in devkit build #1243

wants to merge 1 commit into from

Conversation

dkoshkin
Copy link
Contributor

What problem does this PR solve?:
Previously 4xx and 5xx errors were ignored, which resulted in an invalid devkit image. This then lead to situations where the image was never rebuilt since the same image with that SHA was already in Dockerhub.

Which issue(s) does this PR fix?:

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

@dkoshkin
fix: fail on curl errors in devkit build
40978b7 
Previously 4xx and 5xx errors were ignored, which resulted in an invalid devkit image.
@dkoshkin dkoshkin requested review from faiq and supershal December 20, 2024 16:59
@github-actions github-actions bot added the fix label Dec 20, 2024
dkoshkin
dkoshkin commented Dec 20, 2024
View reviewed changes
Dockerfile.devkit
Comment on lines -104 to +110
curl -o /opt/cri-tools-${CRICTL_TOOLS_VERSION}-0-fips.rpm https://packages.d2iq.com/konvoy/stable/linux/repos/el/kubernetes-v${KUBERNETES_VERSION}-nokmem/x86_64/cri-tools-${CRICTL_TOOLS_VERSION}-0.x86_64.rpm && \
curl --fail -v -o /opt/cri-tools-${CRICTL_TOOLS_VERSION}-0-fips.rpm https://packages.d2iq.com/konvoy/stable/linux/repos/el/kubernetes-v${KUBERNETES_VERSION}-fips/x86_64/cri-tools-${CRICTL_TOOLS_VERSION}-0.x86_64.rpm && \
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Previously it was was pulling the nokmem version for cri-tools. Those binaries don't get modified for FIPS and are equivalent, but still better to pull the correct one.

Dockerfile.devkit
ARG GOSS_VERSION=v0.3.23
RUN curl -L "https://github.com/goss-org/goss/releases/download/${GOSS_VERSION}/goss-linux-amd64" -o /usr/local/bin/goss-amd64
RUN chmod +rx /usr/local/bin/goss-amd64
ARG BUILDARCH
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We were inconsistently using BUILDARCH here, this goss binary is used on the remove machine where only linux-amd64 is supported.
The Dockerfile will always look for the amd64 version

konvoy-image-builder/Dockerfile

Lines 32 to 33 in 187d011

# Packer copies /usr/local/bin/goss-amd64 from this container to the remote host
COPY --from=devkit /usr/local/bin/goss-amd64 /usr/local/bin/goss-amd64

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for fixing this.

supershal
supershal approved these changes Dec 20, 2024
View reviewed changes
Copy link
Collaborator

@supershal supershal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you.

@dkoshkin dkoshkin requested a review from legacyrj December 20, 2024 17:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@supershal supershal supershal approved these changes

@faiq faiq Awaiting requested review from faiq

@legacyrj legacyrj Awaiting requested review from legacyrj

Assignees
No one assigned
Labels
fix runs-aws-tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dkoshkin @supershal