Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ROX-18384: remove slim images from upstream #1963

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

ROX-18384: remove slim images from upstream #1963

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
97ab843
ROX-18384: remove slim images from upstream
Stringy Nov 18, 2024
cd7643b
Minor docs fix
Stringy Nov 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 0 additions & 30 deletions .github/workflows/collector.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,13 +188,6 @@ jobs:
base-image: quay.io/stackrox-io/collector:${{ inputs.collector-tag }}
archs: ${{ env.ARCHS }}

- name: Create and push multiarch manifest for stackrox-io -slim
uses: ./.github/actions/create-multiarch-manifest
with:
base-image: quay.io/stackrox-io/collector:${{ inputs.collector-tag }}
archs: ${{ env.ARCHS }}
suffix: -slim

- name: Create and push multiarch manifest for stackrox-io -base
uses: ./.github/actions/create-multiarch-manifest
with:
Expand Down Expand Up @@ -222,13 +215,6 @@ jobs:
base-image: quay.io/rhacs-eng/collector:${{ inputs.collector-tag }}
archs: ${{ env.ARCHS }}

- name: Create and push multiarch manifest for rhacs-eng -slim
uses: ./.github/actions/create-multiarch-manifest
with:
base-image: quay.io/rhacs-eng/collector:${{ inputs.collector-tag }}
archs: ${{ env.ARCHS }}
suffix: -slim

- name: Create and push multiarch manifest for rhacs-eng -base
uses: ./.github/actions/create-multiarch-manifest
with:
Expand Down Expand Up @@ -264,14 +250,6 @@ jobs:
username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }}
password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }}

- name: Retag and push stackrox-io -slim
uses: stackrox/actions/images/retag-and-push@v1
with:
src-image: ${{ inputs.collector-image }}-amd64
dst-image: ${{ inputs.collector-image }}-slim
username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }}
password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }}

- name: Retag and push stackrox-io -base
uses: stackrox/actions/images/retag-and-push@v1
with:
Expand All @@ -296,14 +274,6 @@ jobs:
username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }}
password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}

- name: Retag and push rhacs-eng -slim
uses: stackrox/actions/images/retag-and-push@v1
with:
src-image: ${{ inputs.collector-image }}-amd64
dst-image: ${{ env.RHACS_ENG_IMAGE }}-slim
username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }}
password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}

- name: Retag and push rhacs-eng -base
uses: stackrox/actions/images/retag-and-push@v1
with:
Expand Down
5 changes: 2 additions & 3 deletions ansible/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,9 +51,8 @@ quay.io.

### Collector image

The `ci-build-collector.yml` playbook is meant to be used by CI, it handles the
build process for the slim collector image, as well as retagging and pushing
of these images to quay.io.
The `ci-build-collector.yml` playbook is meant to be used by CI, it handles
retagging and pushing of Collector images to quay.io.

#### Environment variables used by the playbook

Expand Down
16 changes: 0 additions & 16 deletions ansible/ci-build-collector.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,13 +63,6 @@
push: true
source: local

- name: Push slim to quay.io/stackrox-io
community.docker.docker_image:
name: "{{ collector_image }}-{{ arch }}"
repository: "{{ collector_image }}-{{ arch }}-slim"
push: true
source: local

- name: Push base to quay.io/stackrox-io
community.docker.docker_image:
name: "{{ collector_image }}-{{ arch }}"
Expand Down Expand Up @@ -97,13 +90,6 @@
push: true
source: local

- name: Push slim to quay.io/rhacs-eng
community.docker.docker_image:
name: "{{ rhacs_eng_image }}-{{ arch }}"
repository: "{{ rhacs_eng_image }}-{{ arch }}-slim"
push: true
source: local

- name: Push base to quay.io/rhacs-eng
community.docker.docker_image:
name: "{{ rhacs_eng_image }}-{{ arch }}"
Expand All @@ -123,11 +109,9 @@
msg:
- "Pushed the following images:"
- " {{ collector_image }}-{{ arch }}"
- " {{ collector_image }}-{{ arch }}-slim"
- " {{ collector_image }}-{{ arch }}-base"
- " {{ collector_image }}-{{ arch }}-latest"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a blocking comment and not aiming to be delay the PR by becoming a reviewer.

I recalled this our conversation https://redhat-internal.slack.com/archives/CFMQ5C2TT/p1733309587336659

Your changes in https://github.com/stackrox/stackrox/pull/13350/files#diff-9f1c5124b529a407693ba184291c9797252978fe4ce8770e1ddec20d811efd69L104 allow getting rid of publishing -latest.

Also, I believe -base wasn't used by StackRox. IIRC, it was created by the Collector build pipelines as something intermediate before drivers are injected and it becomes "the full collector".

- " {{ rhacs_eng_image }}-{{ arch }}"
- " {{ rhacs_eng_image }}-{{ arch }}-slim"
- " {{ rhacs_eng_image }}-{{ arch }}-base"
- " {{ rhacs_eng_image }}-{{ arch }}-latest"
tags: [print_action]
Expand Down
2 changes: 1 addition & 1 deletion docs/how-to-start.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ $ make image

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(not about this line)
I suppose what some of my comments allude to is the need for more testing in different version combinations.
Such as:

  • New Central old roxctl, can roxctl generate sensor manifests and can that be successfully deployed? In both versions of slim=true/false.
  • Old Central, new roxctl, can sensor manifests be generated and successfully deployed?
  • Get old manifest-based secured cluster connected to new Central (probably start both old and then upgrade only Central). Does the UI display all things as expected? Can the secured cluster download probes through Central?
  • Get old Helm-based and Operator-based secured clusters connected to new Central. UI fine? Functioning ok?
  • Get old Central and connect new Helm-based and Operator-based secured clusters. All works well, including UI?

This target will build necessary submodules (gRPC dependencies, Falco
libraries), prepare a builder image, compile Collector using it, and wrap
everything into a slim image with Collector binary inside.
everything into an image with the Collector binary inside.

*NOTE*: Using an intermediate image for compilation means that file paths are
going to be different between your local project directory and the image. For
Expand Down
Loading