Restrict checks for image existence #734
Conversation
✅ Deploy Preview for kubernetes-sigs-kmm ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
k8s-ci-robot
added
the
cncf-cla: yes
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: qbarrand The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
approved
Before populating the NodeModulesConfig object, only check if built or signed image exist on the registry. Add a log message when the NodeModulesConfig is not populated for that reason.
qbarrand
force-pushed
the
fix-image-check
branch
from
cf21cc4 to
5f3fbde
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
| // skip updating NMC, reconciliation will kick in once the build pod is completed | ||
| return nil | ||
|
|
||
| if module.ShouldBeBuilt(mld) || module.ShouldBeSigned(mld) { |
There was a problem hiding this comment.
In case Module is using pre-built image, we are not checking it existence here, so we might end up spawning the Worker pod that will fail on pulling an image. How about we change this code here, so that we always check image existence, and in case prebuilt image should exist, we log it and return an error? WDYT?
There was a problem hiding this comment.
@qbarrand i see that the PR was merged, but have not received answer for the comment
There was a problem hiding this comment.
A problem with doing that is that we are going to query the registry a lot. That is likely why we did not do it in the first place.
| @@ -357,7 +362,7 @@ func (mnrh *moduleNMCReconcilerHelper) enableModuleOnNode(ctx context.Context, m | |||
| } | |||
|
|
|||
| opRes, err := controllerutil.CreateOrPatch(ctx, mnrh.client, nmcObj, func() error { | |||
| err = mnrh.nmcHelper.SetModuleConfig(nmcObj, mld, &moduleConfig) | |||
| err := mnrh.nmcHelper.SetModuleConfig(nmcObj, mld, &moduleConfig) | |||
There was a problem hiding this comment.
why do we need a new variable here? if SetModuleConfig fail, err will be update with its value, and if it is ok then err will be updated anyway with the value of CreateOrPatch. What am i missing?
There was a problem hiding this comment.
@qbarrand i see that the PR was merged, but have not received answer the comment
There was a problem hiding this comment.
err inside the callback called CreateOrPatch and outside that callback are two different variables.
If SetModuleConfig returns an error, then CreateOrPatch likely returns that error as well. But the line
if err := mnrh.nmcHelper.SetModuleConfig(nmcObj, mld, &moduleConfig); err != nil {does not affect the outside err.
There was a problem hiding this comment.
and why do we care if it affects? eventually outside err will hold the return value of CreateAndPatch, so even if it holds the error code of SeModuleConfig, it will be for a short time, and it won't affect the correctness of the code
There was a problem hiding this comment.
Oh, I see what you mean now. Indeed we could have skipped the semicolon here - I added it out of habit because I rewrote the if statement to hold on one line. At best, this adds one pointer on the stack - I don't think it warrants a reverting PR 🙂
There was a problem hiding this comment.
sure , no need for additional PR. Just wanted to make sure that i read the code correctly, that there is no hidden issue that i missed that required a new err variable
Before populating the NodeModulesConfig object, only check if built or signed image exist on the registry. Add a log message when the NodeModulesConfig is not populated for that reason.
* Add a webhook for namespace deletion (#719) This commit makes KMM set the kmm.node.k8s.io/contains-modules label on all namespaces that contain at least one Module. It also adds a new webhook to the bundle and the corresponding handler in the manager. The new webhook rejects namespace deletions if the kmm.node.k8s.io/contains-modules label is present on the namespace. This avoids entering situations where the namespace is being deleted and KMM cannot create unloading Pods to honor Module deletion. * Restrict checks for image existence (#734) Before populating the NodeModulesConfig object, only check if built or signed image exist on the registry. Add a log message when the NodeModulesConfig is not populated for that reason. * Make slight changes to the CRDs (#736) Module: make moduleName an optional field. ManagedClusterModule: make spokeNamespace a required field.
Before populating the
NodeModulesConfigobject, only check if built or signed image exist on the registry.Add a log message when the
NodeModulesConfigis not populated for that reason./cc @yevgeny-shnaidman @mresvanis