Conversation
|
@BradLugo: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
dcaravel
left a comment
dcaravel
left a comment
There was a problem hiding this comment.
LGTM, one Q regarding the image change
| value: fetch-scanner-v2-data | ||
| - name: bundle | ||
| value: quay.io/rhacs-eng/konflux-tasks:latest@sha256:4fa48956b283615f094d0186cb9b36bfa63ea4b798d8ce66d5f95102728150db | ||
| value: quay.io/rhacs-eng/konflux-tasks:pr-98@sha256:731e64f1054a03a8d79e9382397cd2a41b2f1d47451e395bd110d6e3709e3ba2 |
There was a problem hiding this comment.
assuming this is meant to be temporary until stackrox/konflux-tasks#98 merged?
There was a problem hiding this comment.
After the merge, you need to get the newer digest from the merge commit build (you don't need to wait for MintMaker PR, as you are also touching the timeouts)
There was a problem hiding this comment.
Yup, this is temporary. My plan was to drop the commit that adds this to make the cherry-picks to the release branches a bit easier.
| # Tagged builds wait for blobs to be published, which takes about 1h30m. | ||
| timeouts: | ||
| tasks: 1h30m | ||
| tasks: 3h30m |
There was a problem hiding this comment.
Why is this increasing by 2 hours? Do we see frequent failures for this pipeline too?
Your PR description only mentions generate-db-dump, which I assumed concerned scanner-db* images.
There was a problem hiding this comment.
(not a blocker, please update the PR description before merging)
There was a problem hiding this comment.
Great question. I hadn't mapped out all these dependencies before submitting these changes. It looks like we still need this because we upload the necessary artifacts ('nvd-definitions.zip', 'k8s-definitions.zip', 'repo2cpe.zip', 'genesis_manifests.json') during the upload-dumps-for-downstream job, which is dependent on generate-db-dump. I'll update the PR description with each timeout change.
There was a problem hiding this comment.
One interesting point: the current .tekton/scanner-slim-build.yaml downloads nvd-definitions.zip, k8s-definitions.zip, and repo2cpe.zip, but I don't think it needs nvd_definitions nor k8s_definitions (appears to still require repo2cpe).
This reverts commit 9604af6.
3 participants
Description
The time the
generate-db-dumpjob is taking has been increasing over time. These changes increase timeouts for Konflux tasks that pull blobs dependent ongenerate-db-dump.Timeouts changed:
.tekton/scanner-build.yaml: From3h0mto3h30m. The necessary artifacts for this build ('nvd-definitions.zip', 'k8s-definitions.zip', 'repo2cpe.zip', 'genesis_manifests.json') are uploaded during theupload-dumps-for-downstreamjob, which is dependent ongenerate-db-dump..tekton/scanner-db-build.yaml: From2h30mto3h0m.pg-definitions.sql.gzis uploaded during thegenerate-db-dumpjob..tekton/scanner-slim-build.yaml: From1h30mto3h30m. Same deal as the scanner-build; the necessary artifacts for this build ('nvd-definitions.zip', 'k8s-definitions.zip', 'repo2cpe.zip', 'genesis_manifests.json') are uploaded during theupload-dumps-for-downstreamjob, which is dependent ongenerate-db-dump.Related PR: stackrox/konflux-tasks#98