tektoncd
Fix buildah clustertask to support long image names
Changes
Fixes a problem in the buildah clustertask where when provided with a long image name (e.g. image-registry.openshift-image-registry.svc:5000/test/serverless-workflow-mtaanalysis:1.0), it caused the generated script to wrap the line which is interpreted by the shell as a new command, rather than part of the previous command:
Currently, the script generates this push command:
buildah --storage-driver=vfs push \
--tls-verify=true \
--digestfile /tmp/image-digest \
image-registry.openshift-image-registry.svc:5000/test/serverless-workflow-mtaanalysis:1.0
\
docker://image-registry.openshift-image-registry.svc:5000/test/serverless-workflow-mtaanalysis:1.0
Which, when executed, it fails with this error:
Writing manifest to image destination
/tekton/scripts/script-0-4dsn8: line 35: docker://image-registry.openshift-image-registry.svc:5000/test/serverless-workflow-mtaanalysis:1.0: No such file or directory
The proposal fix here is to capture the value of the image in an environment variable and use it in the push command, avoiding the wrapping and ensuring it is not affected by any image length.
IMAGE=$(params.IMAGE)
buildah --storage-driver=$(params.STORAGE_DRIVER) push \
$(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
--digestfile /tmp/image-digest $IMAGE docker://$IMAGE
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you review them:
- [X] Run
make test lintbefore submitting a PR
Release Notes
Fix buildah clustertask to support long image names
The committers listed above are authorized under a signed CLA.
- :white_check_mark: login: jordigilh / name: Jordi Gil (811cb3a2ed0100a9e5412a43ddde6f72ddfe4914, be71798835816c1894cf545849bea66b401a66f4, b3e5bacd4a5e1abb95e676769e0246062ca2d902)
![linux-foundation-easycla[bot] avatar](https://avatars.githubusercontent.com/in/17893?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @jordigilh. Thanks for your PR.
I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.
Once the patch is verified, the new status will be reflected by the ok-to-test label.
I understand the commands that are listed here.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
/hold
The buildah Task is going to be maintained from openshift-pipelines/task-containers, so the change would need to be there. Though I am not entirely sure it is affected there.
/hold The
buildahTask is going to be maintained fromopenshift-pipelines/task-containers, so the change would need to be there. Though I am not entirely sure it is affected there.
Should I also raise a PR there? https://github.com/openshift-pipelines/task-containers/blob/66681544bedfa02e2d5d37075f1e2150f23809d1/scripts/buildah-bud.sh#L89-L92 The issue with the long name could also be found there.
/hold The
buildahTask is going to be maintained fromopenshift-pipelines/task-containers, so the change would need to be there. Though I am not entirely sure it is affected there.Should I also raise a PR there? https://github.com/openshift-pipelines/task-containers/blob/66681544bedfa02e2d5d37075f1e2150f23809d1/scripts/buildah-bud.sh#L89-L92 The issue with the long name could also be found there.
ah superb πΌπΌ yeah that would be perfect @jordigilh π€
/hold The
buildahTask is going to be maintained fromopenshift-pipelines/task-containers, so the change would need to be there. Though I am not entirely sure it is affected there.Should I also raise a PR there? https://github.com/openshift-pipelines/task-containers/blob/66681544bedfa02e2d5d37075f1e2150f23809d1/scripts/buildah-bud.sh#L89-L92 The issue with the long name could also be found there.
ah superb πΌπΌ yeah that would be perfect @jordigilh π€
I stand corrected. It's not needed because it's a script itself and the parameters are passed as environment values directly, so the problem I faced here won't happen there. I got carried away when I saw a similar structure to the push command. Sorry for the confusion π
_buildah push ${PARAMS_PUSH_EXTRA_ARGS} \
--digestfile="${digest_file}" \
${PARAMS_IMAGE} \
docker://${PARAMS_IMAGE}
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: vdemeester
The full list of commands accepted by this bot can be found here.
The pull request process is described here
- ~~OWNERS~~ [vdemeester]
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
/hold The
buildahTask is going to be maintained fromopenshift-pipelines/task-containers, so the change would need to be there. Though I am not entirely sure it is affected there.Should I also raise a PR there? https://github.com/openshift-pipelines/task-containers/blob/66681544bedfa02e2d5d37075f1e2150f23809d1/scripts/buildah-bud.sh#L89-L92 The issue with the long name could also be found there.
ah superb πΌπΌ yeah that would be perfect @jordigilh π€
I stand corrected. It's not needed because it's a script itself and the parameters are passed as environment values directly, so the problem I faced here won't happen there. I got carried away when I saw a similar structure to the
pushcommand. Sorry for the confusion π_buildah push ${PARAMS_PUSH_EXTRA_ARGS} \ --digestfile="${digest_file}" \ ${PARAMS_IMAGE} \ docker://${PARAMS_IMAGE}
as the clustertask are deprecated and will be removed soon, we are not adding any changes, and as you mentioned tasks are not affected and as they are already shipped, we are not going with this change. Thanks for the efforts @jordigilh