[JENKINS-53790] PodTemplate Container Docker image check #497
Conversation
…ass it down to AllContainersPodWatcher, which does a check for invalid docker images used, will print an error msg to the build console and cancel the job to prevent infinte looping
Vlatombe
changed the title
CHANGELOG.md
Outdated
| @@ -11,6 +11,10 @@ Unreleased | |||
| ---------- | |||
| * Explicit inheritance should override implicit inheritance. Declarative k8s template do not inherit from parent pod template by default. [#480](https://github.com/jenkinsci/kubernetes-plugin/pull/480) [JENKINS-57548](https://issues.jenkins-ci.org/browse/JENKINS-57548) | |||
|
|
|||
| 1.15.7 | |||
| ------ | |||
| * Check on ContainerWaitingState if the Docker image can't be found, prints message to build console and cancels and removes job from build queue. [#497](https://github.com/jenkinsci/kubernetes-plugin/pull/497) [JENKINS-53790](https://issues.jenkins-ci.org/browse/JENKINS-53790) | |||
There was a problem hiding this comment.
Need to be moved to Unreleased
src/main/java/org/csanchez/jenkins/plugins/kubernetes/AllContainersRunningPodWatcher.java
Outdated
Show resolved
Hide resolved
| Queue q = jenkins.getQueue(); | ||
| for (Queue.Item item : q.getItems()) { | ||
| Label itemLabel = item.getAssignedLabel(); | ||
| if (itemLabel != null && isCorrespondingLabels(itemLabel.getDisplayName(), pod.getMetadata().getName())) { |
There was a problem hiding this comment.
I understand the intent, but this is out of line here. Eventually could be added to exception handling in the launcher
There was a problem hiding this comment.
Are you saying that the KubernetesLauncher should be in charge of canceling the job? We've seen that unless a job is canceled, it'll get put back in the queue and infinitely fail due to that bad pod template.
There was a problem hiding this comment.
It would be a better place than in AllContainersRunningPodWatcher, certainly.
src/main/java/org/csanchez/jenkins/plugins/kubernetes/AllContainersRunningPodWatcher.java
Outdated
Show resolved
Hide resolved
src/main/java/org/csanchez/jenkins/plugins/kubernetes/AllContainersRunningPodWatcher.java
Outdated
Show resolved
Hide resolved
pyieh
changed the title
pyieh
changed the title
…ld item to use for canceling bad docker image pod template jobs, added tests for this
|
@jglick Looks like you made some changes and have fixed the issue I was seeing. |
|
|
Test failures seem to be infrastructural. Suggest |
| String waitingStateMsg = waitingState.getMessage(); | ||
| if (waitingStateMsg != null && waitingStateMsg.contains("Back-off pulling image")) { | ||
| runListener.error("Unable to pull Docker image \""+containerStatus.getImage()+"\". Check if image name is spelled correctly"); | ||
| throw new IllegalStateException("BAD_DOCKER_IMAGE"); |
There was a problem hiding this comment.
Create a specific exception type.
There was a problem hiding this comment.
The exception is needed in the stack of AllContainersRunningPodWatcher.areAllContainersRunning()<- periodicAwait() <- await().
Creating a new exception type causes a clash in AllContainersRunningPodWatcher.eventReceived() which is overriding the parent method of Watcher.eventReceived()
To allow the aforementioned flow, it also causes the flow of areAllContainersRunning() <- updateState() <- eventReceived()
Would you suggest:
- catching the exception at
updateState()oreventReceived()such thateventReceived()has to also pass it along. - Remain with the branching usage of the
IllegalStateException, whicheventReceived()already throws - Some alternative ?
There was a problem hiding this comment.
Make your exception extend RuntimeException.
| try (Watch _w = client.pods().inNamespace(namespace1).withName(podName).watch(watcher)) { | ||
| watcher.await(template.getSlaveConnectTimeout(), TimeUnit.SECONDS); | ||
| } catch (IllegalStateException e) { | ||
| if (e.getMessage().equals("BAD_DOCKER_IMAGE")) { |
src/main/java/org/csanchez/jenkins/plugins/kubernetes/KubernetesLauncher.java
Outdated
Show resolved
Hide resolved
| /* itemTaskName is format of "part of <ORGANIZATION> <JOB NAME> >> <BRANCH> #<BUILD NUMBER> */ | ||
| /* <ORGANIZATION> and <BRANCH> are only there if Pipeline created through BlueOcean, else just <JOB NAME> */ | ||
| private String getJobName(String itemTaskName) { | ||
| final String partOfStr = "part of "; |
There was a problem hiding this comment.
Removed this method as the only use was logging in the case there was an unexpected job name and not actually used in the feature functionality.
| @@ -14,6 +14,7 @@ | |||
| import javax.annotation.Nonnull; | |||
|
|
|||
| import com.google.common.annotations.VisibleForTesting; | |||
| import hudson.model.*; | |||
There was a problem hiding this comment.
Set your IDE to avoid wildcard imports.
…sed getJobName method
|
We have a flake (ContainerExecDecoratorTest.testCommandExecution) which can be ignored, but there are two other tests failing that need to be addressed. |
|
@Vlatombe I've fixed those tests. But the KubernetesPipelineTest.runInPodFromYaml is failing in Jenkins, but it's passing for me locally. However, KubernetesPipelineTest.cascadeDelete is failing for me locally. Even a clean clone from the jenkinsci/kubernetes-plugin master is failing. |
src/main/java/org/csanchez/jenkins/plugins/kubernetes/KubernetesLauncher.java
Outdated
Show resolved
Hide resolved
|
@jglick please review. Thank you. |
Check on ContainerWaitingState if the Docker image can't be found, prints message to build console and cancels and removes job from build queue.
JENKINS-53790
Cleaned up and reforked, previous PR #440