summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChris Evich <cevich@redhat.com>2020-01-10 11:53:22 -0500
committerChris Evich <cevich@redhat.com>2020-01-10 13:13:27 -0500
commit49be255feee026d6818a205c30478d28f81c0045 (patch)
tree07f7c9c54fc242962c24b84ab944fa201b5b50c5
parent6ed88e047579bd2d1eac99a6089cc617f0c4773d (diff)
downloadpodman-49be255feee026d6818a205c30478d28f81c0045.tar.gz
podman-49be255feee026d6818a205c30478d28f81c0045.tar.bz2
podman-49be255feee026d6818a205c30478d28f81c0045.zip
Cirrus: Fix libpod base images going stale
VM Base images are used as a starting point for runtime VM images. The in-use VM base images should never be pruned, which is an operation that potentially occurs periodically from automation running on the master branch of the libpod repo. However the only place which updates timestamps (blocking pruning) of base images, occurs during runtime VM image building. Therefor, if images are not regularly rebuilt, it's possible their base images go stale and are pruned. Changes: * Add freshly-produced base images (old ones got pruned) * Wrap the timestamp update script to include base image names in the update list. Notes: * Regularly updating base image timestamps only needs to happen on the libpod repo's meta task, since all base images live there. * Using a wrapper is needed to maintain compatibility with multiple versions of the imgts container image used by other repos / branchs. Signed-off-by: Chris Evich <cevich@redhat.com>
-rw-r--r--.cirrus.yml2
-rw-r--r--contrib/cirrus/lib.sh16
-rwxr-xr-xcontrib/cirrus/update_meta.sh22
3 files changed, 37 insertions, 3 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 8e1bf03f0..d069b5a3e 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -296,7 +296,7 @@ meta_task:
timeout_in: 10m
# Cirrus-CI ignores entrypoint defined in image
- script: '/usr/local/bin/entrypoint.sh |& ${TIMESTAMP}'
+ script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/update_meta.sh |& ${TIMESTAMP}'
# Remove old and disused images based on labels set by meta_task
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 2e43a59f6..1e237085f 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -64,8 +64,8 @@ export PACKER_BUILDS="${PACKER_BUILDS:-ubuntu-18,ubuntu-19,fedora-30,xfedora-30,
export UBUNTU_BASE_IMAGE="ubuntu-1904-disco-v20190724"
export PRIOR_UBUNTU_BASE_IMAGE="ubuntu-1804-bionic-v20190722a"
# Manually produced base-image names (see $SCRIPT_BASE/README.md)
-export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1565360543"
-export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1565360543"
+export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1578586410"
+export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1541789245"
export BUILT_IMAGE_SUFFIX="${BUILT_IMAGE_SUFFIX:--$CIRRUS_REPO_NAME-${CIRRUS_BUILD_ID}}"
# IN_PODMAN container image
IN_PODMAN_IMAGE="quay.io/libpod/in_podman:latest"
@@ -430,6 +430,18 @@ remove_packaged_podman_files() {
sync && echo 3 > /proc/sys/vm/drop_caches
}
+canonicalize_image_names() {
+ req_env_var IMGNAMES
+ echo "Adding all current base images to \$IMGNAMES for timestamp update"
+ export IMGNAMES="\
+$IMGNAMES
+$UBUNTU_BASE_IMAGE
+$PRIOR_UBUNTU_BASE_IMAGE
+$FEDORA_BASE_IMAGE
+$PRIOR_FEDORA_BASE_IMAGE
+"
+}
+
systemd_banish() {
$GOSRC/$PACKER_BASE/systemd_banish.sh
}
diff --git a/contrib/cirrus/update_meta.sh b/contrib/cirrus/update_meta.sh
new file mode 100755
index 000000000..618cd670c
--- /dev/null
+++ b/contrib/cirrus/update_meta.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+source $(dirname $0)/lib.sh
+
+# N/B: This script is expected to wrap $ENTRYPOINT when executing under the
+# 'meta' Cirrus task on the libpod repo.
+ENTRYPOINT=/usr/local/bin/entrypoint.sh
+
+req_env_var IMGNAMES BUILDID REPOREF GCPJSON GCPNAME GCPPROJECT CIRRUS_CI
+
+[[ -x "$ENTRYPOINT" ]] || \
+ die 2 "Expecting to find an installed entrypoint script $ENTRYPOINT."
+
+# A better way of checking isn't compatible with old but functional images
+# in-use by other repos.
+grep -q 'compute images update' "$ENTRYPOINT" || \
+ die 3 "Expecting to be running inside a specific imgts container image"
+
+canonicalize_image_names
+
+# Executing inside a container; proper hand-off for process control
+exec $ENTRYPOINT