-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump image-rs rev to include image-layer-ordering fix #8670
Bump image-rs rev to include image-layer-ordering fix #8670
Conversation
0e43589
to
df6d719
Compare
👍 seeing the disclaimer in the policy cherry-pick and added it here |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Thanks for adding the disclaimer in the commit message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks
anything left to do here on my side? I don't think I can turn the remaining checks green myself (but maybe that's not required?) |
/test |
So even though this is an untested branch now, I guess it is worth us trying to get some of the checks passing.
The alternative is we just say screw it and use admin override to merge? |
df6d719
to
910dee9
Compare
ah, sorry. missed that, fixed. |
910dee9
to
80d31d6
Compare
👍 formatted the file |
/test |
80d31d6
to
cb333f8
Compare
@stevenhorsman sry, I messed up the commit message. would you mind... 👉🌟👈 |
/test |
We're getting:
In the static checks now, but it looks like potentially an issue in the guest-components? |
uh, oh. yeah, that's an issue with code-generated files being checked into the repo. those files have to be deleted and rebuilt. There was a similar issue in the guest-components repo. |
there's nothing we can do here, we need to repair this comprehensively in guest-components 😑 |
I guess we need to wait for that fix then and bump the image-rs version afterwards, otherwise we'll hit this issue when trying to build the kata-agent for the peer pod VM image? |
yes. I think that's the case. kata-agent will build w/ the "older" generated ttrpc code, but the guest-component's CI does not. I don't think we can commit the generated files |
cb333f8
to
b375307
Compare
Maybe if we regenerate a full Cargo.lock file (atm only ocicrypt-rs and image-rs are bumped in the lock file) it might still work. (we'll get all sort of dependencies bumped within their semver boundaries, but maybe that's tolerable) 🤞 |
/test |
We've got a cargo fmt failure now:
but that's better than the code-gen problem. @mkulke - can you remove that extra line as well, so we can re-try again? Thanks! |
b375307
to
9ed9fc5
Compare
/test |
One of the unit tests failed with a race condition - re-running now to see if that helps |
well, it was worth a try. |
9ed9fc5
to
c5d8910
Compare
/test |
The
I know ring didn't use to support s390x. That got added in October in briansmith/ring#1297, but |
Same error in static-checks with protobuf version:
|
sigh, possibly. that's w/ the latest guest-components commit (4ddac): $ cat deny.toml
[bans]
multiple-versions = "allow"
deny = [
{ name = "ring" },
]
$ cargo deny check bans
error[banned]: crate 'ring = 0.16.20' is explicitly banned
┌─ /home/magnuskulke/dev/kata-containers/src/agent/deny.toml:4:14
│
4 │ { name = "ring" },
│ ^^^^^^ banned here
│
= ring v0.16.20
└── tough v0.14.0
└── sigstore v0.8.0
└── image-rs v0.1.0
└── kata-agent v0.1.0
error[banned]: crate 'ring = 0.17.7' is explicitly banned
┌─ /home/magnuskulke/dev/kata-containers/src/agent/deny.toml:4:14
│
4 │ { name = "ring" },
│ ^^^^^^ banned here
│
= ring v0.17.7
└── rustls-webpki v0.102.0
└── sigstore v0.8.0
└── image-rs v0.1.0
└── kata-agent v0.1.0
bans FAILED image-rs w/ rev cargo deny check bans
bans ok |
c5d8910
to
997b3b5
Compare
/test |
fixes kata-containers#8669 drive-by fix: go-fmt on runtime/kata_agent.go There are no tests for this feature in CCv0 branch and you should use it at your own risk. Signed-off-by: Magnus Kulke <magnuskulke@microsoft.com>
997b3b5
to
4ebac8d
Compare
I also bumped protobuf to 3.3.0 on src/libs/protocol since we are also seeing version conflicts on generated source files here |
/test |
Finally we have the tests passing, so I'll merge this as an urgent fix to |
fixes #8669
The underlying issue in the dependency has been addressed, hence the revision bump of
image-rs
to use the fix in the agent. I think a fix to the CCv0 branch is warranted, since it makes all images with more than a single layer work unreliably.cc @stevenhorsman @bpradipt