To prevent changes being applied unexpectedly on a pod restart, infrastructure components should use explicitly versioned tags which are then manually deployed to the cluster.
Customize query in gerrit
|toolforge: k8s: build images with explicit git version tags||operations/cookbooks||wmcs||+6 -4|
|Resolved||taavi||T320446 The following container images did not match any of the allowed registries ([['docker-registry.tools.wmflabs.org']])|
|Resolved||taavi||T320476 do not use :latest for toolforge infrastructure components|
|Resolved||taavi||T320667 Cloud services enhancement proposal: Toolforge Kubernetes component workflow improvements|
|Resolved||taavi||T329530 Convert all Toolforge custom components to standardized Helm based deployment|
|Resolved||dcaro||T336130 Automatically build Toolforge infrastructure container images in GitLab|
|Open||None||T334399 Move Toolforge PipelineLib repositories to GitLab|
|Resolved||dcaro||T341084 [toolforge] Move all the components to the gitlab ci/cd flow|
|Open||None||T344765 Migrate striker to GitLab|
|Open||None||T334419 Set up translatewiki.net exports to push (and merge) to Wikimedia GitLab|
|Resolved||dcaro||T339198 Decision request - Toolforge component deployment flow details|
Quick fixes aside, I think this could be tied into some more general workflow improvements. In my ideal world, the container build + push itself would be automated and only the image bump would need running commands manually.