Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: ImageBuildSpec build_file feature #2298

Closed
wants to merge 4 commits into from
Closed

fix: ImageBuildSpec build_file feature #2298

wants to merge 4 commits into from

Conversation

leovct
Copy link
Contributor

@leovct leovct commented Mar 14, 2024

Description

This PR #2223 introduced build_file in ImageBuildSpec but didn't test if it worked on a real example (my bad)... I tried to use the feature yesterday and it didn't work so I revisited my changes and made sure it works now!

To achieve that, I introduced a new Dockerfile called test.Dockerfile in internal_testsuites/starlark/image-build-package and added a new service that relies on this image.

$ ktdebug run --enclave test internal_testsuites/starlark/image-build-package
WARN[2024-03-14T12:21:29+01:00] An error occurred getting the running engine's version; you may be running an out-of-date engine version 
WARN[2024-03-14T12:21:29+01:00] We expected the running engine version to match format X.Y.Z, but instead got '921ba9'; this means that we can't verify the API library and engine versions match so you may encounter runtime errors 
INFO[2024-03-14T12:21:30+01:00] Executing Starlark package at '/Users/leovct/Documents/opensource/kurtosis/internal_testsuites/starlark/image-build-package' as the passed argument 'internal_testsuites/starlark/image-build-package' looks like a directory 
INFO[2024-03-14T12:21:30+01:00] Compressing package 'github.com/kurtosis-tech/kurtosis/internal_testsuites/starlark/image-build-package' at 'internal_testsuites/starlark/image-build-package' for upload 
INFO[2024-03-14T12:21:30+01:00] Uploading and executing package 'github.com/kurtosis-tech/kurtosis/internal_testsuites/starlark/image-build-package' 

Adding service with name 'service-1' and image 'kurtosistech/service'
SKIPPED - This instruction has already been run in this enclave

Adding service with name 'service-2' and image 'kurtosistech/service'
SKIPPED - This instruction has already been run in this enclave

Starlark code successfully run. No output was returned.

Made with Kurtosis - https://kurtosis.com
Name:            test
UUID:            1942191df821
Status:          RUNNING
Creation Time:   Thu, 14 Mar 2024 12:02:31 CET
Flags:           

========================================= Files Artifacts =========================================
UUID   Name

========================================== User Services ==========================================
UUID           Name        Ports    Status
1b5ec55bc742   service-1   <none>   STOPPED
38dafa01e996   service-2   <none>   STOPPED

Is this change user facing?

YES

References (if applicable)

@leovct
Copy link
Contributor Author

leovct commented Mar 14, 2024

tagging @mieubrisse @tedim52 for review :)

@gitguardian GitGuardian
Copy link

gitguardian bot commented Mar 15, 2024
edited

⚠️ GitGuardian has uncovered 5 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
- Generic Password 0d53544 core/server/api_container/server/startosis_engine/startosis_interpreter_plan_yaml_test.go View secret
- Generic Password 0d53544 core/server/api_container/server/startosis_engine/startosis_interpreter_plan_yaml_test.go View secret
- Generic Password 0d53544 core/server/api_container/server/startosis_engine/startosis_interpreter_plan_yaml_test.go View secret
- Generic Password 0d53544 core/server/api_container/server/startosis_engine/startosis_interpreter_plan_yaml_test.go View secret
- Generic Password 0d53544 core/server/api_container/server/startosis_engine/startosis_interpreter_plan_yaml_test.go View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@tedim52
Copy link
Contributor

tedim52 commented Mar 15, 2024
edited

Hey @leovct , is there any chance you can force undo the most recent merge commit and then merge again? (That should fix the git guardian issue)Then we can get this merged!

@leovct
Copy link
Contributor Author

leovct commented Mar 16, 2024
edited

Hey @leovct , is there any chance you can force undo the most recent merge commit and then merge again? (That should fix the git guardian issue)Then we can get this merged!

Looks like it introduced a bunch of breaking changes, I'll review that on Monday :) Have a great week-end!

edit: It did not fix the git guardian issue unfortunately :(

@leovct leovct force-pushed the fix/image-build-spec-build-file-feature branch from aca0c1e to 0d53544 Compare March 18, 2024 08:36
@tedim52
Copy link
Contributor

tedim52 commented Mar 18, 2024

@leovct ah okay, I'll fix that on a separate branch

@tedim52 tedim52 mentioned this pull request Mar 18, 2024
Merged
github-merge-queue bot pushed a commit that referenced this pull request Mar 18, 2024
@tedim52 @leovct
fix: ImageBuildSpec build_file feature (#2313)
c8e73da 
## Description
This is simply a copy of @leovct work on
#2298 to address merge
conflicts and git guardian secrets issues.

## Is this change user facing?
YES

## References
#2298

---------

Co-authored-by: leovct <l009.vincent@gmail.com>
@leovct leovct closed this Mar 18, 2024
@leovct leovct deleted the fix/image-build-spec-build-file-feature branch March 18, 2024 20:37
tedim52 added a commit that referenced this pull request Mar 21, 2024
@tedim52 @leovct
fix: ImageBuildSpec build_file feature (#2313)
0c58631 
## Description
This is simply a copy of @leovct work on
#2298 to address merge
conflicts and git guardian secrets issues.

## Is this change user facing?
YES

## References
#2298

---------

Co-authored-by: leovct <l009.vincent@gmail.com>
tedim52 added a commit that referenced this pull request Mar 21, 2024
@tedim52 @leovct
fix: ImageBuildSpec build_file feature (#2313)
24f495a 
## Description
This is simply a copy of @leovct work on
#2298 to address merge
conflicts and git guardian secrets issues.

## Is this change user facing?
YES

## References
#2298

---------

Co-authored-by: leovct <l009.vincent@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tedim52 tedim52 tedim52 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@leovct @tedim52