Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libimage: pull: ignore platform for local image lookup #634

Merged
merged 3 commits into from
Jun 23, 2021
Merged

libimage: pull: ignore platform for local image lookup #634

merged 3 commits into from
Jun 23, 2021

Conversation

vrothberg
Copy link
Member

We must ignore the platform of a local image when doing lookups. Some
images set an incorrect or even invalid platform (see
containers/podman/issues/10682). Doing the lookup while ignoring the
platform checks prevents redundantly downloading the same image.

Note that this has the consequence that a --pull-never --arch=hurz may
chose a local image of another architecture. However, I estimate the
benefit of continuing to allow potentially invalid images higher than
not running them (and breaking workloads).

The changes required to touch the corrupted checks. I used the occasion
to make the corrupted checks a bit cheaper.

Signed-off-by: Valentin Rothberg [email protected]

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jun 18, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: vrothberg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@vrothberg
Copy link
Member Author

@rhatdan @Luap99 PTAL

@vrothberg vrothberg mentioned this pull request Jun 18, 2021
Closed
@rhatdan
Copy link
Member

rhatdan commented Jun 18, 2021

LGTM

@Luap99
Copy link
Member

Luap99 commented Jun 18, 2021

@vrothberg The linter is not happy

@vrothberg
libimage: pull: ignore platform for local image lookup
82c6ef5 
We must ignore the platform of a local image when doing lookups.  Some
images set an incorrect or even invalid platform (see
containers/podman/issues/10682).  Doing the lookup while ignoring the
platform checks prevents redundantly downloading the same image.

Note that this has the consequence that a `--pull-never --arch=hurz` may
chose a local image of another architecture.  However, I estimate the
benefit of continuing to allow potentially invalid images higher than
not running them (and breaking workloads).

The changes required to touch the corrupted checks.  I used the occasion
to make the corrupted checks a bit cheaper.

Signed-off-by: Valentin Rothberg <[email protected]>
@vrothberg
Copy link
Member Author

Linter is happy now :) @Luap99 PTanotherL

@vrothberg
Copy link
Member Author

/hold
I'll put one thing on top.

@vrothberg vrothberg mentioned this pull request Jun 21, 2021
Merged
@vrothberg
libimage: pull: enforce pull policy for custom platforms
d3d1223 
Enforce the pull policy to always if a custom platform is requested by
the user.  Some images ship with invalid platforms which we must
pessimistically assume, see containers/podman/issues/10682.

Signed-off-by: Valentin Rothberg <[email protected]>
@Luap99
Copy link
Member

Luap99 commented Jun 21, 2021

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Jun 21, 2021
@rhatdan
Copy link
Member

rhatdan commented Jun 21, 2021

/hold cancel

@vrothberg
Copy link
Member Author

/hold

@vrothberg
Copy link
Member Author

Too early: containers/podman#10739 is red all over

@vrothberg vrothberg changed the title libimage: pull: ignore platform for local image lookup WIP- libimage: pull: ignore platform for local image lookup Jun 21, 2021
@vrothberg
libimage: pull: override even --pull=never with custom platform
f38374f 
As it turned out in Podman CI (containers/podman/pull/10739), the policy
is overridden via --arch/os/platform/variant even when the policy is set
to never.

While I think this is a bug, it is a separate one and must tackled
separately.

Signed-off-by: Valentin Rothberg <[email protected]>
vrothberg added a commit to vrothberg/buildah that referenced this pull request Jun 21, 2021
@vrothberg
do not merge - test containers/common/pull/634
7ca576e 
Signed-off-by: Valentin Rothberg <[email protected]>
@vrothberg
Copy link
Member Author

Now also opened a Buildah PR containers/buildah#3326 to be extra sure.

@vrothberg
Copy link
Member Author

Note that there is still space for optimizations (e.g., do an extra arch/os/variant check) but I think it's good for now. Already an improvement to the previous state and with the RHEL deadlines around the corner, I want to make sure to have enough time for getting the backports to v0.38 ready (for Podman v3.2).

@vrothberg vrothberg changed the title WIP- libimage: pull: ignore platform for local image lookup libimage: pull: ignore platform for local image lookup Jun 23, 2021
@vrothberg
Copy link
Member Author

/hold cancel

@Luap99
Copy link
Member

Luap99 commented Jun 23, 2021

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Jun 23, 2021
@openshift-merge-robot openshift-merge-robot merged commit 6b4cf4d into containers:main Jun 23, 2021
@vrothberg vrothberg deleted the oh-my-arch branch June 23, 2021 12:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Luap99 Luap99

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@vrothberg @rhatdan @Luap99 @openshift-merge-robot