Make GCR image provider available #1344
Conversation
https://kapetanios.io/builds/3aa6c2c5-cfee-46b0-ad58-98e175497c49/step-0#L91 Quite a long time melted away due to this error. Other properties (including |
| return auth.NewAuthorizer(manager, authHandlers...) | ||
| return &model.ImageRef{ | ||
| ImageName: *image, | ||
| // TODO: Enable to specify the tag if multiple tags are associated to an image |
There was a problem hiding this comment.
I'm looking into using regexp to specify which tag will be used. It would be nice to add the tagRegex field to ImageWatcher config under the .pipe/ directory.
apiVersion: pipecd.dev/v1beta1
kind: ImageWatcher
spec:
targets:
- image: gcr.io/pipecd/foo
provider: my-gcr
filePath: foo/deployment.yaml
field: $.spec.template.spec.containers[0].image
tagRegex: ^([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?(?:\+[0-9A-Za-z-]+)?$Alternatively, simply providing useSemver or something like that might be nice.
There was a problem hiding this comment.
This option is needed right now for us whose images' have multiple tags: https://gcr.io/pipecd/server
There was a problem hiding this comment.
It would be wonderful if you could leverage pubsub instead of polling every 5 minutes for ImageWatcher, but I understand that you would need to do something specific for each registry, since everything implements this slightly differently.
There was a problem hiding this comment.
@jonjohnsonjr Thank you for taking a look at our project! You're quite right. We don't have to be worried about the pull rate limit if we could support the event hooks for cloud-provider-specific. However, we decided not to do that so as to reduce the burden on users and avoid complexity.
FYI: Alternatively, we're looking into a completely different solution to deal with the rate limit: #1341
|
@nakabonne looks like the error comes from here Could you check 👀 |
|
@khanhtc1202 Yup, that has caused me pain for a long time. |
|
@nakabonne Is that happening at your local environment too? |
|
@nghialv Yup, it's happening on my laptop as well. |
|
And for sure you can check whether that function was included in the |
|
That is included in the |
❯ cat vendor/github.com/google/go-containerregistry/pkg/v1/google/options.go
// Copyright 2018 Google LLC All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google
import (
"context"
"net/http"
"github.com/google/go-containerregistry/pkg/authn"
"github.com/google/go-containerregistry/pkg/logs"
)
// WithTransport is a functional option for overriding the default transport
// on a remote image
func WithTransport(t http.RoundTripper) ListerOption {
return func(l *lister) error {
l.transport = t
return nil
}
}
// WithAuth is a functional option for overriding the default authenticator
// on a remote image
func WithAuth(auth authn.Authenticator) ListerOption {
return func(l *lister) error {
l.auth = auth
return nil
}
}
// WithAuthFromKeychain is a functional option for overriding the default
// authenticator on a remote image using an authn.Keychain
func WithAuthFromKeychain(keys authn.Keychain) ListerOption {
return func(l *lister) error {
auth, err := keys.Resolve(l.repo.Registry)
if err != nil {
return err
}
if auth == authn.Anonymous {
logs.Warn.Printf("No matching credentials were found for %q, falling back on anonymous", l.repo.Registry)
}
l.auth = auth
return nil
}
}
// WithContext is a functional option for overriding the default
// context.Context for HTTP request to list remote images
func WithContext(ctx context.Context) ListerOption {
return func(l *lister) error {
l.ctx = ctx
return nil
}
} |
|
@nghialv Have you ever been facing this or something similar before? |
|
No. It is weird. Is it ok to call other functions from that package, e.g. |
Yes, other methods call goes well.
Actually already done, but doesn't go well... |
|
Let me take a try at my local. |
|
It helps me a lot. Thanks... |
|
I have just found that the downloaded source inside |
|
I see. I'd be happy to look into why it downloads wrong one. |
|
I think somehow it was overridden by before this line |
|
not sure will it help or not but update |
|
Yes, I am trying to upgrade |
|
I'm now at the stage of learning Bazel and its surrounding ecosystem. |
|
Status: for now waiting for #1346; once got merged check it out and proceed next solution depending on the result. |
|
I tried to add the Moving this part from repositories.bzl to WORKSPACE (before loading the rules_go's dependencies) |
|
@nghialv Thanks for spending your time. I'm now trying to do that. |
|
The following ISSUES will be created once got merged. If you want me to skip creating the issue, you can use Details1. Investigate why "go-containerregistry" package is overriddenThis was created by todo plugin since "TODO:" was found in 87a5339 when #1344 was merged. cc: @nakabonne.2. Use pagination to retrieve image tags from GCRThis was created by todo plugin since "TODO:" was found in 87a5339 when #1344 was merged. cc: @nakabonne.3. Enable to specify the tag if multiple tags are associated to an imageThis was created by todo plugin since "TODO:" was found in 87a5339 when #1344 was merged. cc: @nakabonne. |
|
Code coverage for golang is |
|
@nghialv @khanhtc1202 Just applied a workaround. PTAL! |
|
/lgtm |
|
Thank you |
|
This pull request is APPROVED by Approvers can cancel the approval by writing |
**What this PR does / why we need it**: This PR gets rid of Bazel's repositories no longer needed by running `gazelle update-repos` with the `-prune` option. For that option, see: https://github.com/bazelbuild/bazel-gazelle#update-repos Also, it reverts the workaround due to #1344 (comment). We can undo it because we just settled on stop watching container registries. If there are some reasons why we didn't use the `-prune` option, I don't mind dropping this patch. **Which issue(s) this PR fixes**: Fixes #1353 **Does this PR introduce a user-facing change?**: <!-- If no, just write "NONE" in the release-note block below. --> ```release-note NONE ``` This PR was merged by Kapetanios.
What this PR does / why we need it:
This PR allows us to use GCR as an image provider for public and private images.
No client package provided under the cloud.google.com/go package because GCR simply implements the Docker Registry API V2. So we've used the
docker/distributionpackage before, but I found GCR API wraps it to show the tags' uploaded time, that's why the package was replaced withgoogle/go-containerregistry. This package has some problem so I'd happy to address them as another PR.Which issue(s) this PR fixes:
Fixes #1205
Fixes #1206
Fixes #1204
Fixes #1207
Does this PR introduce a user-facing change?: