rules_k8s Improve validation of missing image dependencies

Improve validation of missing image dependencies

Open calder opened this issue 6 years ago • 3 comments

When an image dependency is accidentally missing from a BUILD file, rules_k8s happily assumes it's an external image, and the baked YAML continues to refer to the image at :latest. This can result in accidentally deploying the wrong version of an image, which is at best confusing to debug and at worst dangerous to production.

One approach that could potentially work is a pair of new parameters to k8s_object:

external_images - A whitelist of external images which are not built by Bazel.
strict_image_check - When true, check that all images are either explicitly listed in external_images or supplied via images. This could default to false for backward compatibility, though this is an easy (and dangerous) enough mistake to make that it might be worth defaulting it to true.

Jun 21 '18 18:06 calder

Fixed?

Jul 24 '18 17:07 fejta

hqdefault

Sep 15 '18 19:09 calder

But also very low priority.

Sep 15 '18 19:09 calder

rules_k8s rules_k8s copied to clipboard

Improve validation of missing image dependencies

rules_k8s
rules_k8s copied to clipboard