jetstack / version-checker

Kubernetes utility for exposing image versions in use, compared to latest available upstream, as metrics.
https://jetstack.io
Apache License 2.0

Reject/Filter out SBOM, Attestation and Sig Tags #224

Closed davidcollom closed 1 week ago

davidcollom commented 4 months ago

This will help reduce some of the API calls performed when attestation, sbom and sig tags are published. We don't care about/need them, so this should also reduce the memory footprint along the way.

ribbybibby commented 4 months ago

It looks to me like there are only a few clients where this actually reduces the number of API calls we're making. For some we have to iterate through everything anyway.

Would it make sense to apply util.FilterSbomAttestationSigs higher up in pkg/client/client.go? Then we would only have to use it in the client implementations when it actually provides an optimisation.

davidcollom commented 4 months ago

So I agree that there's only a handful of clients that would affect API calls... But we also cache these image tag lists for additional containers that come along in the meantime (i.e. scaling up a replica). So if we have a considerable number of tags with attestations, sig and sbom (looking at kyverno here too with their large numbers of tags), we should reduce that memory footprint too.

ribbybibby commented 4 months ago

I think we would be able to avoid caching the tags if we filtered them further up the stack. I'm thinking here: https://github.com/jetstack/version-checker/blob/main/pkg/client/client.go#L108.

It just saves pushing the requirement to filter things into the individual client implementations (unless there's a reason to). It would mean you don't need to remember to apply this filter when you write a new client.

ribbybibby commented 4 months ago

I suppose more generally, it might be nice if we had a mechanism for passing the filters that version checker applies into the clients where it would save on API calls.
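As an added illustration of the filter being discussed (not the project's own `util.FilterSbomAttestationSigs`, whose implementation is not shown here), the following Go snippet drops tags that follow the cosign naming convention for signatures, attestations and SBOMs (`sha256-<digest>.sig|.att|.sbom`) before a tag list would be cached. The function and regex names are assumptions; the tag list is constructed sample data.

```go
package main

import (
	"fmt"
	"regexp"
)

// cosignTagPattern matches the tag scheme cosign uses when it attaches a
// signature (.sig), attestation (.att) or SBOM (.sbom) to an image:
// "sha256-<64 lowercase hex chars>.<suffix>". Assumption: this is the only
// tag shape we want to drop; ordinary version tags never start with "sha256-".
var cosignTagPattern = regexp.MustCompile(`^sha256-[0-9a-f]{64}\.(sig|att|sbom)$`)

// IsSbomAttestationOrSig reports whether a tag is a cosign artifact tag
// rather than a version of the image itself.
func IsSbomAttestationOrSig(tag string) bool {
	return cosignTagPattern.MatchString(tag)
}

// FilterSbomAttestationSigs returns a new slice holding only the tags that
// are not cosign artifact tags. It never mutates its input, so applying it
// once before the list enters a shared cache is safe.
func FilterSbomAttestationSigs(tags []string) []string {
	out := make([]string, 0, len(tags))
	for _, t := range tags {
		if !IsSbomAttestationOrSig(t) {
			out = append(out, t)
		}
	}
	return out
}

func main() {
	// Constructed sample tag list, modelled on what a registry returns for an
	// image that has been signed and attested with cosign.
	digest := "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
	tags := []string{
		"v1.11.0",
		"sha256-" + digest + ".sig",
		"sha256-" + digest + ".att",
		"sha256-" + digest + ".sbom",
		"v1.11.1",
		"latest",
	}
	kept := FilterSbomAttestationSigs(tags)
	fmt.Printf("%d of %d tags kept: %v\n", len(kept), len(tags), kept)
}
```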

github-actions[bot] commented 2 weeks ago

This Pull Request is stale because it has been open for 60 days with no activity. It will be closed in 7 days if no further activity.