[WIP] test: pull node e2e image from the community staging registry#1290
Closed
dims wants to merge 1 commit into
Closed
[WIP] test: pull node e2e image from the community staging registry#1290dims wants to merge 1 commit into
dims wants to merge 1 commit into
Conversation
Contributor
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dims The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
k8s-ci-robot
added
size/S
dims
changed the title
k8s-ci-robot
added
the
do-not-merge/work-in-progress
The node e2e "NodeProblemDetector" test pulls NODE_PROBLEM_DETECTOR_IMAGE during the SynchronizedBeforeSuite image prepull. build.sh pointed this at a freshly built tag under gcr.io/node-problem-detector-staging, but that image is never pushed (the CI build runs `build-container`, not `push-container`) and the legacy node-problem-detector-staging project is now served by Artifact Registry, which refuses anonymous pulls. The prepull fails with 403 Forbidden and aborts the whole suite. This stayed hidden until the cgo build of test/e2e_node/node_problem_detector_linux.go (//go:build cgo) was re-enabled upstream, which made --focus=NodeProblemDetector select the test and run the prepull again. The untrusted presubmit/CI build cluster cannot push to the staging registry, so consume the multi-arch image already published to gcr.io/k8s-staging-npd by the node-problem-detector-push-images postsubmit. Its "master" tag tracks the latest master commit and is anonymously pullable. Also repoint NPD_STAGING_REGISTRY at the community registry so the locally built container is tagged with the current project name. Signed-off-by: Davanum Srinivas <davanum@gmail.com>
dims
force-pushed
the
fix-ci-npd-e2e-node-image
branch
from
5bf4771 to
ee3cfac
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind bug
What this PR does / why we need it:
The node e2e
NodeProblemDetectortest prepullsNODE_PROBLEM_DETECTOR_IMAGE, whichbuild.shset to a freshly built tag undergcr.io/node-problem-detector-staging. That image is never pushed by CI, and the legacy project is now served by Artifact Registry which refuses anonymous pulls, so the prepull fails with403 Forbiddenand abortsci-npd-e2e-node(and thepull-npd-e2e-nodepresubmit).Consume the multi-arch image already published to the community registry by the
node-problem-detector-push-imagespostsubmit (gcr.io/k8s-staging-npd/node-problem-detector:master) instead. The untrusted build cluster can't push to the staging registry, so consuming the published image needs no new permissions.Special notes for your reviewer:
Surfaced when the cgo build of
test/e2e_node/node_problem_detector_linux.gowas re-enabled upstream, which made--focus=NodeProblemDetectorselect the test again and run the prepull.Does this PR introduce a user-facing change?