pants icon indicating copy to clipboard operation
pants copied to clipboard
verified publisher icon pantsbuild

Helm: warn on missing docker image

Open lilatomic opened this issue 1 year ago • 2 comments

Add a toggle for warning if something that will be used as an image looks like a target but does not exist. Also adds an option for known 3rd-party images (and the option to disable it).

This allows us to ensure that an image is valid. Obviously, if it's a valid docker_image target, it's valid. Otherwise, the value being passed to an image could fit into several categories, which we can warn about:

  • a 3rd party image : we check that this is a known image, so busybox:latest isn't interpreted as a target
  • an image that was produced by a docker_image target, but taken from the registry : myproject/docker:1.0.0. we treat is as a 3rd party chart, which isn't accurate but has the same outcome.
  • something that is obviously a Pants target but that isn't found : //myproject:oops, which we can warn must be a typo
  • targets of the wrong type : myproject:files

closes to #18346

lilatomic avatar Jun 17 '24 05:06 lilatomic

Since we're adding a new subsystem that allows to configure the dependency inference behavior. What about having an extra option in the subsystem, some sort of list-option third_party_docker_images?

So if the behavior in helm-infer is something other than ignore, then we would either error or warn whenever we find an image reference that looks like it could either be a target address or a valid external reference but can't find any address for it and it hasn't been listed in that option as an external image reference.

In other words, it would be a safe way of silencing the error/warning without having to change the whole behavior to be ignore. This obviously would need to be highlighted in the documentation otherwise it would take newcomers off-guard.

alonsodomin avatar Jun 17 '24 07:06 alonsodomin

ah, so one wrinkle is that the image refs include values that are passed in as vars and values that are there by default/in the chart. So if you're deploying a helm chart then you might need to add a bunch of images...

lilatomic avatar Jun 22 '24 20:06 lilatomic

I wonder though why we need the wildcard * in external_docker_images as that gives two different ways of silencing errors/warnings about unknown docker image references.

There's a bit of a subtlety in that the wildcard will only "pass" on things that look like docker images, but will still error on other things, like something that looks like an address but didn't resolve. I've added that as a doc.

lilatomic avatar Jul 18 '24 00:07 lilatomic