Page MenuHomePhabricator
Create Task
Maniphest T321188

[tbs] fix/improve the updating of the buildpack/tekton images in the local repo
Closed, ResolvedPublic5 Estimated Story Points
Actions

Description

Currently we have a cookbook wmcs.toolforge.buildservice.upload_images_to_repo that updates the images of lifecycle,
builder and tekton related to the given tags, but there's the distroless/base one that does not use a tag, but sha,
for which we need back the sha of the uploaded image before we can create the commit in the buildservice repo to pull
that sha, but that only happens after pushing the image.

So this task is to somehow give back a summary of what is it that you have to patch in the bulidservice repo to get the
newly updated images working.

Details

ProjectBranchLines +/-Subject
operations/cookbookswmcs+12 -3cookbooks: print out instructions on next step after updating the buildpack/tekton images in the local repository
Customize query in gerrit

Related Objects
Search...

Event Timeline

dcaro triaged this task as High priority.Oct 19 2022, 12:30 PM
dcaro created this task.
dcaro added a project: Toolforge Build Service.
dcaro added a parent task: T267374: [tbs.beta] Create a toolforge build service beta release.
dcaro moved this task from Backlog to To be Discussed on the Toolforge Build Service board.Oct 19 2022, 12:34 PM
KHernandez-WMF moved this task from To be Discussed to Discussed/Estimated on the Toolforge Build Service board.Oct 25 2022, 1:33 PM
dcaro reassigned this task from dcaro to Raymond_Ndibe.Oct 25 2022, 1:33 PM
KHernandez-WMF set the point value for this task to 5.Oct 25 2022, 1:33 PM
KHernandez-WMF moved this task from Discussed/Estimated to Iteration 03 on the Toolforge Build Service board.Oct 25 2022, 3:37 PM
KHernandez-WMF edited projects, added Toolforge Build Service (Iteration 03); removed Toolforge Build Service.
Raymond_Ndibe added a project: User-Raymond_Ndibe.Nov 3 2022, 6:11 PM
KHernandez-WMF moved this task from Iteration 03 to Iteration 04 on the Toolforge Build Service board.Nov 8 2022, 11:26 PM
KHernandez-WMF edited projects, added Toolforge Build Service (Iteration 04); removed Toolforge Build Service (Iteration 03).
Raymond_Ndibe added a subscriber: fnegri.Nov 14 2022, 3:20 PM

Hello @dcaro , playing around a bit with the cookbook cookbooks/wmcs/toolforge/buildservice/upload_images_to_repo.py with @fnegri , we found out that the hash of the updated distroless image is already being printed to the command line, and the file buildservice/deploy/base-tekton/tekton-pipelines-controller-patch.json is already embedding the docker-registry.tools.wmflabs.org/toolforge-distroless-base@sha256:eebb155bd1116e3b67e2ce43244f9c9958df0cbb75a84c231565fae2ed87c9f4 image. To update, we only need to change the hash of the image above to the current value. This task is about improving this process, but it's unclear what improvement means in this case.

  1. Are we to research and find a way to make it possible that we no longer need to manually change the hash in the buildservice repo?
  2. Or are we to make make changes to the cookbook to somehow make it clearer that the hash being printed to the commandline for the docker push command should be copied and manually added to the buildservice repo?
dcaro added a comment.Nov 14 2022, 4:02 PM
In T321188#8392807, @Raymond_Ndibe wrote:

Hello @dcaro , playing around a bit with the cookbook cookbooks/wmcs/toolforge/buildservice/upload_images_to_repo.py with @fnegri , we found out that the hash of the updated distroless image is already being printed to the command line, and the file buildservice/deploy/base-tekton/tekton-pipelines-controller-patch.json is already embedding the docker-registry.tools.wmflabs.org/toolforge-distroless-base@sha256:eebb155bd1116e3b67e2ce43244f9c9958df0cbb75a84c231565fae2ed87c9f4 image. To update, we only need to change the hash of the image above to the current value. This task is about improving this process, but it's unclear what improvement means in this case.

  1. Are we to research and find a way to make it possible that we no longer need to manually change the hash in the buildservice repo?

This is out of the original scope of the task, but if you want to try to tackle it you are welcome to :), it might get tricky as we don't really have yet anything like that.

  1. Or are we to make make changes to the cookbook to somehow make it clearer that the hash being printed to the commandline for the docker push command should be copied and manually added to the buildservice repo?

This was the original scope yep, maybe just printing a message like:

Don't forget to update the file `buildservice/deploy/base-tekton/tekton-pipelines-controller-patch.json` in the bulidservice repo with the contents:
----
<...>
docker-registry.tools.wmflabs.org/toolforge-distroless-base@sha256:<new_hash>
<...>
----

or similar

Raymond_Ndibe added a comment.Nov 14 2022, 4:06 PM

Ok I think it's clear now, thank you!

Raymond_Ndibe moved this task from Next Up to In Review on the Toolforge Build Service (Iteration 04) board.Nov 22 2022, 2:58 PM
gerritbot added a comment.Nov 22 2022, 4:58 PM

Change 859582 had a related patch set uploaded (by Raymond Ndibe; author: Raymond Ndibe):

[operations/cookbooks@wmcs] cookbooks: print out instructions on next step after updating the buildpack/tekton images in the local repo

https://gerrit.wikimedia.org/r/859582

gerritbot added a project: Patch-For-Review.Nov 22 2022, 4:58 PM
KHernandez-WMF moved this task from Iteration 04 to Iteration 05 on the Toolforge Build Service board.Nov 22 2022, 5:49 PM
KHernandez-WMF edited projects, added Toolforge Build Service (Iteration 05); removed Toolforge Build Service (Iteration 04).
KHernandez-WMF moved this task from Next Up to In Review on the Toolforge Build Service (Iteration 05) board.
Raymond_Ndibe moved this task from Backlog to In Review on the User-Raymond_Ndibe board.Nov 30 2022, 5:07 PM
dcaro moved this task from In Review to In Progress on the Toolforge Build Service (Iteration 05) board.Nov 30 2022, 5:27 PM
dcaro moved this task from In Progress to In Review on the Toolforge Build Service (Iteration 05) board.Nov 30 2022, 5:33 PM
dcaro moved this task from In Review to In Progress on the Toolforge Build Service (Iteration 05) board.
Raymond_Ndibe closed this task as Resolved.Dec 1 2022, 12:54 PM
Raymond_Ndibe moved this task from In Progress to Done on the Toolforge Build Service (Iteration 05) board.
gerritbot added a comment.Dec 5 2022, 3:08 PM

Change 859582 merged by jenkins-bot:

[operations/cookbooks@wmcs] cookbooks: print out instructions on next step after updating the buildpack/tekton images in the local repository

https://gerrit.wikimedia.org/r/859582

dcaro mentioned this in rCCKB90ec0afab305: cookbooks: print out instructions on next step after updating the.Dec 14 2022, 3:34 PM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL