argocd-image-updater
argocd-image-updater copied to clipboard
argoproj-labs
Image updater does not try to deploy with non-existent image
I have an app that deploys an applicationset and I've configured image updater using git writeback.
The use case is that if a user updates the image tag with a tag that doesn't exist (example, because of a typo), I want the deployment to fail. However, it seems that it will just deploy a new pod with the existing working image.
Example:
The application is currently set with an image thisImageExists.v123.
From the console, specify an image that doesn't exist, thisdoesntexist.blah. It will update the applicationset manifest accordingly:
template:
metadata:
annotations:
argocd-image-updater.argoproj.io/my-app-service.allow-tags: 'regexp:^thisdoesntexist.blah$'
argocd-image-updater.argoproj.io/my-app-service.update-strategy: latest
argocd-image-updater.argoproj.io/image-list: my-app-service=example.azurecr.io/my-app-service
argocd-image-updater.argoproj.io/write-back-method: git
...
...
spec:
destination:
namespace: mynamespace
server: 'redacted'
project: myproject
source:
helm:
parameters:
- name: image.tag
value: thisdoesntexist.blah
The application manifest is then also updated with the image that doesn't exist.
source:
repoURL: 'redacted'
path: 'redacted'
targetRevision: main
helm:
valueFiles:
- values.yaml
parameters:
- name: image.tag
value: thisdoesntexist.blah
However, this doesn't reach the deployment manifest and it starts a new deployment, but using the current image, and not the new one that doesn't exist.
containers:
...
...
image: >-
example.azurecr.io/my-app-service:thisImageExists.v123
imagePullPolicy: Always
Logs from image updater show it doesn't try to get the new image.
time="2022-04-05T12:41:31Z" level=debug msg="target parameters: image-spec= image-name=image.name, image-tag=image.tag" application=my-app-service image=example.azurecr.io/my-app-service
time="2022-04-05T12:41:31Z" level=debug msg="Image 'example.azurecr.io/my-app-service:thisImageExists.v123' already on latest allowed version" alias=my-app-service application=my-app-service image_name=my-app-service image_tag=thisImageExists.v123 registry=example.azure.io
Is there configuration that I'm missing that will force image updater to try to deploy with the non-existent image, or, alternatively, some workaround that will let my user know that the deployment was unsuccessful with the image they specified?
Note: This works as expected if the user updates with an image tag that exists.
HI @maggiedeuitch, I'm not sure if I understand your use-case correctly.
What exactly is the outcome you expect?
Is there configuration that I'm missing that will force image updater to try to deploy with the non-existent image
Image Updater uses the registry for finding the available images. It would make no sense imho to have Image Updater update to a non-existing image.
Hi @jannfis
The use case is that sometimes a user wants to manually change the tag from the console, but they might accidentally input an image that doesn't exist because of a typo or something. In this case it would be nice to have some sort of validation that throws an error if image updater can't find this in the registry.
Currently, the user would assume that the deployment was successful with the image they inputted, when it actually just redeployed a previous working image. (I know a user can just double check their input or manually verify after deployment, but an automatic error would be better)
Hi @jannfis
After some more digging, I think this is linked to another issue that is already open where the .argocd-source-<app-name>.yamlis overriding the value set within the console.
https://github.com/argoproj/argo-cd/issues/6665