kaniko icon indicating copy to clipboard operation
kaniko copied to clipboard

Published 20 hours ago verified publisher icon GoogleContainerTools

Add --push-ignore-immutable-tag-errors boolean CLI option

Open matheuscscp opened this issue 10 months ago • 2 comments

Description

This change adds the boolean CLI flag --push-ignore-immutable-tag-errors for ignoring known tag immutability errors after a push. When the flag is true, an error known to be due to a tag immutability feature, e.g. Google Artifact Registry's tag immutability, a push would simply ignore such error and return with success.

In my use case we have a Google Artifact Registry with immutable tags enabled, but our CD pipelines may try to build and push the same tag in parallel. Since we ensure on our side that the produced images would necessarily be identical, we would like to be able to ignore such errors and consider the push successful so our pipelines can just move on.

Submitter Checklist

  • [ ] Tests: I'd definitely add them, but it looks like a significant refactor would be required for mocking the error returned by this call.

Reviewer Notes

  • [ ] The code flow looks good.
  • [ ] Unit tests and or integration tests added.

Release Notes

This change adds the boolean CLI flag --push-ignore-immutable-tag-errors for ignoring known tag immutability errors after a push. When the flag is true, an error known to be due to a tag immutability feature, e.g. Google Artifact Registry's tag immutability, a push would simply ignore such error and return with success.

matheuscscp avatar Oct 04 '23 10:10 matheuscscp

Thanks for the PR here @matheuscscp. If you can rebase your changes here and fix the lint error (snippet below) we should be able to merge this. To fix the below you need to the added PushIgnoreImmutableTagErrors bool field to be with the other bool fields:

error snippet

Error: pkg/config/options.go:34:22: struct of size 112 bytes could be of size 104 bytes:

struct{ RegistryMirrors github.com/GoogleContainerTools/kaniko/pkg/config.multiArg, InsecureRegistries github.com/GoogleContainerTools/kaniko/pkg/config.multiArg, SkipTLSVerifyRegistries github.com/GoogleContainerTools/kaniko/pkg/config.multiArg, RegistriesCertificates github.com/GoogleContainerTools/kaniko/pkg/config.keyValueArg, RegistriesClientCertificates github.com/GoogleContainerTools/kaniko/pkg/config.keyValueArg, PushRetry int, SkipDefaultRegistryFallback bool, Insecure bool, SkipTLSVerify bool, InsecurePull bool, SkipTLSVerifyPull bool, PushIgnoreImmutableTagErrors bool, }

type RegistryOptions struct {
                     ^
make: *** [Makefile:67: test] Error 1

aaron-prindle avatar Nov 29 '23 04:11 aaron-prindle

Thanks for the PR here @matheuscscp. If you can rebase your changes here and fix the lint error (snippet below) we should be able to merge this. To fix the below you need to the added PushIgnoreImmutableTagErrors bool field to be with the other bool fields:

error snippet

Error: pkg/config/options.go:34:22: struct of size 112 bytes could be of size 104 bytes:

struct{ RegistryMirrors github.com/GoogleContainerTools/kaniko/pkg/config.multiArg, InsecureRegistries github.com/GoogleContainerTools/kaniko/pkg/config.multiArg, SkipTLSVerifyRegistries github.com/GoogleContainerTools/kaniko/pkg/config.multiArg, RegistriesCertificates github.com/GoogleContainerTools/kaniko/pkg/config.keyValueArg, RegistriesClientCertificates github.com/GoogleContainerTools/kaniko/pkg/config.keyValueArg, PushRetry int, SkipDefaultRegistryFallback bool, Insecure bool, SkipTLSVerify bool, InsecurePull bool, SkipTLSVerifyPull bool, PushIgnoreImmutableTagErrors bool, }

type RegistryOptions struct {
                     ^
make: *** [Makefile:67: test] Error 1

Thanks @aaron-prindle! I just rebased and fixed the lint error :ok_hand:

matheuscscp avatar Dec 01 '23 13:12 matheuscscp

@matheuscscp thanks for the PR here, can you also add this flag to the README.md section which lists kaniko's CLI flag options: https://github.com/GoogleContainerTools/kaniko?tab=readme-ov-file#additional-flags

Once that is done we should be able to merge

aaron-prindle avatar Feb 29 '24 07:02 aaron-prindle

@matheuscscp thanks for the PR here, can you also add this flag to the README.md section which lists kaniko's CLI flag options: https://github.com/GoogleContainerTools/kaniko?tab=readme-ov-file#additional-flags

Once that is done we should be able to merge

@aaron-prindle Done! :ok_hand:

matheuscscp avatar Feb 29 '24 09:02 matheuscscp

Thanks for merging this, @aaron-prindle! Can you please cut a release? Thanks :pray: :pray: :pray:

matheuscscp avatar Feb 29 '24 19:02 matheuscscp

@matheuscscp Kaniko v1.21.0 is released now with this change included. Thanks for the PR!

aaron-prindle avatar Mar 01 '24 21:03 aaron-prindle