Description
Is there an existing issue for this?
- I have searched the existing issues
What did you expect to happen?
Images should have identical digests no matter what region I pull from.
This does not appear to be the case for some of the sigstore images added by the image-promoter
Thread: https://kubernetes.slack.com/archives/CJH2GBF7Y/p1679166550351119
This issue is to track, the underlying fix will happen in the backing registries and in the image promoter (https://github.com/kubernetes-sigs/promo-tools) if we actively have a bug still causing this.
To be clear this is not a bug in the registry application, however it will be visible to users of the registry, and more visible on registry.k8s.io than k8s.gcr.io (because k8s.gcr.io has much much broader backing regions: eu, us, asia).
We'll want to fix the underlying issues if any remain in promo-tools and then fixup the backing registry contents somehow.
Debugging Information
I have script that inspects some important high-bandwidth images. It's a bit slow, and currently it only checks at k8s.gcr.io / registry.k8s.io https://github.com/BenTheElder/registry.k8s.io/blob/check-images/hack/tools/check-images.sh
We'll need to check the backing stores. I noticed a difference between my laptop at home and SSH to a cloud workstation.
Anything else?
/sig release
Code of Conduct
- I agree to follow this project's Code of Conduct