Cirrus: Print images that should be pruned #3335
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
|
NOTE: This is completely untested as of this comment. |
cevich
force-pushed
the
imgprune
branch
2 times, most recently
from
a75390a to
096c27f
Compare
|
☔ The latest upstream changes (presumably #3308) made this pull request unmergeable. Please resolve the merge conflicts. |
openshift-ci-robot
added
the
needs-rebase
openshift-ci-robot
removed
the
needs-rebase
cevich
force-pushed
the
imgprune
branch
3 times, most recently
from
e8186f2 to
0171d6a
Compare
openshift-ci-robot
added
the
needs-rebase
openshift-ci-robot
removed
the
needs-rebase
cevich
force-pushed
the
imgprune
branch
2 times, most recently
from
ca32e62 to
c9e2fac
Compare
cevich
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
@edsantiago mind taking an initial look? I know you're not fond of the |
edsantiago
left a comment
edsantiago
left a comment
There was a problem hiding this comment.
First-pass review; looks mostly good, with some suggestions and questions. I need to make another pass but I'm drained right now.
cevich
changed the title
openshift-ci-robot
added
do-not-merge/work-in-progress
cevich
force-pushed
the
imgprune
branch
2 times, most recently
from
757f13d to
93e97ab
Compare
|
Example run based on 93e97ab4b9f1dfe7e1658a1a5aa726b43fe155a3 |
Over time unless they're removed, the project could grow quite a large
collection of VM images. While generally cheap (less than a penny each,
per month), these will become a significant cost item if not kept
in-check.
Add a specialized container for handling image-pruning, but limit
it to only finding and printing (not actually deleting) images.
Also update the image-building workflow so that base-images used to
compose cache-images are also labeled with metadata.
N/B: As an additional safeguard, the service account which
executes the new container in production *DOES NOT*
have access to delete images. This can be enabled
by adding the GCE IAM role: CustomComputeImagePrune
Signed-off-by: Chris Evich <cevich@redhat.com>
|
rebased and force-pushed. Only change was a minor README fix. Ignoring the big scary image delete problem for now. |
|
/hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
cevich
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
/lgtm |
|
Changes LGTM, tests aren't hip and it looks the same as your other PR's issues. |
|
tests happy now |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cevich, edsantiago, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
github-actions
bot
added
the
locked - please file new issue/PR
7 participants
Over time unless they're removed, the project could grow quite a large
collection of VM images. While generally cheap (less than a penny each,
per month), these will become a significant cost item if not kept
in-check.
Add a specialized container for handling image-pruning, but limit
it to only finding and printing (not actually deleting) images.
Also update the image-building workflow so that base-images used to
compose cache-images are also labeled with metadata.
N/B: As an additional safeguard, the service account which
executes the new container in production DOES NOT
have access to delete images. This can be enabled
by adding the GCE IAM role: CustomComputeImagePrune
Signed-off-by: Chris Evich cevich@redhat.com