genpolicy: Add optional toggle to pull images using containerd #9185
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
a4dbfb2
to
77651e6
Compare
0720ab5
to
2831777
Compare
|
Able to pass tests locally using |
50f253c
to
95e326a
Compare
sprt
requested changes
Mar 4, 2024
There was a problem hiding this comment.
Could you fix your commits according to this? https://github.com/kata-containers/community/blob/main/CONTRIBUTING.md#patch-format
Yep! I'm iterating and trying changes to pass the ci tests. I'll squash those changes into a commit with correct format when I'm done |
|
Gotcha, I just converted this to a draft while you work on it then. Feel free to take it out of draft when it's ready! |
08c7e87
to
0c33538
Compare
danmihai1
requested changes
Mar 7, 2024
tests/integration/kubernetes/runtimeclass_workloads/pod-file-volume.yaml
Outdated
Show resolved
Hide resolved
sprt
requested changes
Mar 7, 2024
There was a problem hiding this comment.
Thank you Saul! 🙂 We may have an issue with the workflow change, see my comments.
Also a few tips for this and upcoming PRs:
- Keep in mind that people will review your PRs commit by commit so keep each commit atomic: avoid adding code that is removed in a later commit.
- Add a short description to each of your commit. Not a continuation of your commit title, but something that explains the commit title. Focus on the why if it's not obvious.
- When you're applying automatted formatting changes, do that in a separate commit from an actual code change. Otherwise reviewers spend time getting distracted by purely cosmetic diff lines.
danmihai1
requested changes
Mar 29, 2024
| terminationGracePeriodSeconds: 0 | ||
| containers: | ||
| - name: nginxhttps | ||
| image: "docker.io/ymqytw/nginxhttps:1.5" |
There was a problem hiding this comment.
I am not sure docker.io is acceptable for CI testing. Let's see if more experienced reviewers have better ideas here - I will ping them after we agree on the rest of the changes.
Looks like pod-file-volume.yaml is using docker too - so maybe it is acceptable.
Redent0r
added a commit
to microsoft/kata-containers
that referenced
this pull request
Apr 1, 2024
… host_os Also adds new test matrix entry. This improves test coverage for PR kata-containers#9185. Fixes: kata-containers#9384 Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
30811aa
to
b73998f
Compare
danmihai1
approved these changes
Apr 5, 2024
danmihai1
reviewed
Apr 5, 2024
|
|
||
| export AUTO_GENERATE_POLICY="yes" | ||
|
|
||
| # set default containerd config |
| @@ -131,6 +131,9 @@ create_common_genpolicy_settings() { | |||
|
|
|||
| # Set the default namespace of Kata CI tests in the genpolicy settings. | |||
| set_namespace_to_policy_settings "${genpolicy_settings_dir}" "${TEST_CLUSTER_NAMESPACE}" | |||
|
|
|||
| # allow genpolicy to access containerd without sudo | |||
| sudo chmod a+rw /var/run/containerd/containerd.sock | |||
b73998f
to
2cafed4
Compare
Add optional toggle to use existing containerd installation to pull and manage container images. This adds support to a wider set of images that are currently not supported by standard pull method, such as those that use v1 manifest. Fixes: kata-containers#9144 Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
bbbed96
to
cfe6986
Compare
|
/test |
- Add v1 image test case - Install protobuf-compiler in build check - Reset containerd config to default in kubernetes test if we are testing genpolicy - Update docker_credential crate - Add test that uses default pull method - Use GENPOLICY_PULL_METHOD in test Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
cfe6986
to
51498ba
Compare
sprt
approved these changes
Apr 9, 2024
|
/test |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #9144
Add an optional flag that allows you to use existing containerd installation to pull and manage images.
This improvement will:
bprashanth/nginxhttps:1.0application/vnd.docker.distribution.manifest.v1+prettyjwsfrom imageregistry.k8s.io/galera-install:0.1