New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1835887: upstream-opm-builder.Dockerfile: add ca-certificates #320
Bug 1835887: upstream-opm-builder.Dockerfile: add ca-certificates #320
Conversation
FYI @kevinrizza @ecordell |
This looks fine to me. |
/lgtm |
Discussed offline:
|
/lgtm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dinhxuanvu, ecordell, joelanford The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/bugzilla refresh |
@ecordell: This pull request references Bugzilla bug 1835887, which is valid. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@joelanford: All pull requests linked via external trackers have merged: operator-framework/operator-registry#320. Bugzilla bug 1835887 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Description of the change:
This changes the
upstream-opm-builder
runtime base image fromscratch
toalpine
and installsca-certificates
.This increases the
upstream-opm-builder
on-disk base image size from 56.8 MB to 64.6 MB. This seems better than usingupstream-registry-builder
which is 1.24 GB.Motivation for the change:
This is essential to make the simple UX for
operator run bundle
work. This is necessary for two reasons.Use case 1:
operator-sdk run bundle --bundle-image=my-bundle-image
upstream-opm-builder
as the image and override the pod entrypoint to inject the provided bundle image into a new registry database on the fly, and then serve the database.Use case 2:
operator-sdk run bundle --bundle=my-bundle-image --index=my-existing-index
opm
to create an index, it needs to have bash and ca-certificates in the final image. In this mode, instead of usingupstream-opm-builder
, we would use the provided index image.Initial assumptions for MVP:
/database/index.db
. In a future update, we would query the index image label to find the database location.Demo
I built an updated
upstream-opm-builder
with this change (quay.io/joelanford/upstream-opm-builder:latest
), and created a simple Helm chart that demonstrates a simple set of resources that the operator-sdk could create to exercise this concept.Helm chart repo: https://github.com/joelanford/bundle-runner
Custom pod with
upstream-opm-builder
: https://github.com/joelanford/bundle-runner/blob/master/templates/registry.yamlReviewer Checklist
/docs
@jmrodri is currently working on the full design proposal for
operator-sdk run bundle
and will follow up with a link to that PR when it is posted.