Clean up interface for building + releasing #631
Comments
bobcatfish
added
help wanted
Instead of doing a lot of hacks to make sure we have all the tools we need to auth + invoke ko, let's build an image that has what we need in advance. Eventually we should be able to build this image and refer to the built image in our steps (tektoncd#639) but for now we'll have to hardcode it. We may also improve this image in tektoncd#631, or decide to move away from `ko` entirely.
Instead of doing a lot of hacks to make sure we have all the tools we need to auth + invoke ko, let's build an image that has what we need in advance. Eventually we should be able to build this image and refer to the built image in our steps (tektoncd#639) but for now we'll have to hardcode it. We may also improve this image in tektoncd#631, or decide to move away from `ko` entirely.
Instead of doing a lot of hacks to make sure we have all the tools we need to auth + invoke ko, let's build an image that has what we need in advance. Eventually we should be able to build this image and refer to the built image in our steps (tektoncd#639) but for now we'll have to hardcode it. We may also improve this image in tektoncd#631, or decide to move away from `ko` entirely.
Instead of doing a lot of hacks to make sure we have all the tools we need to auth + invoke ko, let's build an image that has what we need in advance. Eventually we should be able to build this image and refer to the built image in our steps (tektoncd#639) but for now we'll have to hardcode it. We may also improve this image in tektoncd#631, or decide to move away from `ko` entirely.
Instead of doing a lot of hacks to make sure we have all the tools we need to auth + invoke ko, let's build an image that has what we need in advance. Eventually we should be able to build this image and refer to the built image in our steps (tektoncd#639) but for now we'll have to hardcode it. We may also improve this image in tektoncd#631, or decide to move away from `ko` entirely.
Instead of doing a lot of hacks to make sure we have all the tools we need to auth + invoke ko, let's build an image that has what we need in advance. Eventually we should be able to build this image and refer to the built image in our steps (#639) but for now we'll have to hardcode it. We may also improve this image in #631, or decide to move away from `ko` entirely.
Looking again at the knative/test-infra release scripts, it looks like they now tag `latest` on the most recently released images, which makes sense for us as well (otherwise you can't pull without an explicit tag). It also looks like the knative release process has changed such that the process is to copy the most recent nightly-build, but we can decide if that's the route we want to go down later. Remove a comment about parsing and `ko`'s declarative model - in tektoncd#631 we can decide what we want to do about using `ko` for releasing in the future.
Looking again at the knative/test-infra release scripts, it looks like they now tag `latest` on the most recently released images, which makes sense for us as well (otherwise you can't pull without an explicit tag). It also looks like the knative release process has changed such that the process is to copy the most recent nightly-build, but we can decide if that's the route we want to go down later. Remove a comment about parsing and `ko`'s declarative model - in #631 we can decide what we want to do about using `ko` for releasing in the future.
|
@bobcatfish what is the status of this issue ? 👼 |
|
@afrittoli @bobcatfish are you ok closing this issue ? (and if there is anything that is still needed from it, creating issues on |
|
Rotten issues close after 30d of inactivity. /close Send feedback to tektoncd/plumbing. |
|
Stale issues rot after 30d of inactivity. /lifecycle rotten Send feedback to tektoncd/plumbing. |
|
Issues go stale after 90d of inactivity. /lifecycle stale Send feedback to tektoncd/plumbing. |
|
@tekton-robot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
tekton-robot
added
the
lifecycle/rotten
tekton-robot
added
lifecycle/stale
i think we're still in the same state but it also seems like it hasnt been important enough for anyone to get to |
Expected Behavior
If automation (or a user) wants to create a
TaskRunorPipelineRunto release the tekton pipelines project:a. If the user provided a service account to the run, use that
b. Otherwise use the default account in the namespace (creds automatically provided to the executing container)
Actual Behavior
In #528 and #529 we had to add some significant hacks to make
kowork in aTask:koand copy the binary around so we could use it in later stepsgobinary + supporting libs out of agolangimage so we could usegoin thegcloudimagegcloud auth configure-dockerto setup docker auth which 1) only works in GCP based projects and 2) only works with default service credentials (not user supplied service accounts)Additional Info
ko- if we decide we want to use something else instead, and/or if we decided we want to split up publishing the images from generating the k8s configkoupstream, if that issue is solved it could close this one :) (one potential solution)koimage (https://github.com/google/go-containerregistry/issues/383) which knows how to handle credentials via some well defined interfaceThe text was updated successfully, but these errors were encountered: