search

enix / kube-image-keeper

kuik is a container image caching system for Kubernetes
MIT License
431 stars 31 forks source link

feat: Verify image existence before pod mutation #337

Closed dennislapchenko closed 3 months ago

dennislapchenko commented 3 months ago

Why: Controller will mutate container's image even if remote image is not actually present in downstream registry. This causes issues for some types of workloads. Namely gitlab's runners will fail the job if first start will fail.

This PR adds the option to verify image existence before image: mutation. Image rewritability check now includes an authed call to registry to fetch image descriptor.

New Helm chart value:

controllers:
  webhook:
    ignoreImageAbsentInRemoteRegistry: true

Flipping to false will verify image existence.

Tests: Struggling to see how an appropriate test could be written. If required - please advise

paullaffitte commented 3 months ago

I don't understand the point of this PR. If the image doesn't exist, not rewriting it will not fix your issue, the image will still not exist :thinking:

dennislapchenko commented 3 months ago

@paullaffitte yes.. my apologies i incorrectly understood what was required and didn't bother to fully get into the reason why... closing MR, great time wasted.. ;D