config: update operator payloads for v0.8.0 release #282
Conversation
portersrc
force-pushed
the
step-13-operator-bump
branch
from
3b02f36 to
a899ee6
Compare
There was a problem hiding this comment.
@portersrc, please, just take a look at the comments related to enclave-cc.
| @@ -9,7 +9,7 @@ spec: | |||
| node.kubernetes.io/worker: "" | |||
| config: | |||
| installType: bundle | |||
| payloadImage: quay.io/confidential-containers/runtime-payload-ci:enclave-cc-HW-cc-kbc-b58c59dc72a0b10ae3dd4436a206fd54a820c9f7 | |||
| payloadImage: quay.io/confidential-containers/runtime-payload-ci:enclave-cc-HW-cc-kbc-753599f76ef201968438b15f01d7b37d49cc7c5c | |||
| @@ -5,6 +5,6 @@ nameSuffix: -sgx-mode-sim | |||
|
|
|||
| images: | |||
| - name: quay.io/confidential-containers/runtime-payload-ci | |||
| newTag: enclave-cc-SIM-sample-kbc-b58c59dc72a0b10ae3dd4436a206fd54a820c9f7 | |||
| newTag: enclave-cc-SIM-sample-kbc-753599f76ef201968438b15f01d7b37d49cc7c5c | |||
There was a problem hiding this comment.
... and this one, could you use ed979ef2952d8b20c2f0abee3d32a3617d2c57bb tag?
enclave-cc merged a bump on Occlum Today, and we want to test with that image.
portersrc
force-pushed
the
step-13-operator-bump
branch
from
a899ee6 to
e07a868
Compare
I bumped it; it looks like that enclave-cc bundle is still building as of this writing though |
fidencio
force-pushed
the
step-13-operator-bump
branch
from
e07a868 to
f43b0ba
Compare
|
/test |
|
/test-s390x |
|
/test |
1 similar comment
|
/test |
portersrc
force-pushed
the
step-13-operator-bump
branch
from
5add262 to
6c272ba
Compare
|
/test |
| @@ -66,7 +66,7 @@ build_pre_install_img() { | |||
| handle_older_containerd() { | |||
| command -v containerd >/dev/null || return | |||
| local version | |||
| version=$(containerd -v | awk '{ print $3 }') | |||
| version=$(containerd -v | awk '{ print $3 }' | sed 's/^v//') | |||
There was a problem hiding this comment.
Thanks for the fix, @portersrc !
|
@portersrc any special reason to not pin the s390x payload? -> https://github.com/confidential-containers/operator/blob/main/config/samples/ccruntime/s390x/kustomization.yaml |
Oh, that's something that was overlook, I guess, nice catch! |
Also we are using the CI payload instead of |
|
@portersrc you also need to bump the hash of pre-reqs for peer-pods too Good opportunity to advertise this: #205 (perhaps someone "cof-cof Chris cof-cof" would like to take over that script). |
I think the idea is to switch to the runtime-payload bundle in step 19 after we add the release tags for kata and enclave-cc. In the past we have sometimes combined this step with that one, though, and we could do that again if people think it would save time. |
Good point @fitzthum , I forgot kata isn't tagged yet. IMHO, anything to speed up this release is welcomed, so I am okay to switch the payload on this PR to run the CI jobs one more time |
Update the operator to point to the kata containers and enclave-cc release candidate bundles for runtime-payload-ci for v0.8.0 Signed-off-by: Chris Porter <[email protected]>
Update the operator to point to the new release candidate bundles for reqs-payload for v0.8.0 Signed-off-by: Chris Porter <[email protected]>
Handle cases where an older containerd version is prefixed with "v" so that the operator still installs a newer version for them during end-to-end tests Signed-off-by: Chris Porter <[email protected]>
portersrc
force-pushed
the
step-13-operator-bump
branch
from
6c272ba to
de7203f
Compare
|
Thanks to @wainersm for catching these two things: pinning s390x runtime-payload-ci and also pinning peer-pods' reqs-payload. |
|
/test |
|
@wainersm my hunch for now is to do another PR for step 19 just to make sure we don't confuse ourselves. I don't think that will take too much longer, but I leave it to @portersrc to decide. |
|
/test |
|
Let's give these tests one more chance to behave |
This covers step 13 from the release checklist here