search

kubernetes / k8s.io

Code and configuration to manage Kubernetes project infrastructure, including various *.k8s.io sites
https://git.k8s.io/community/sig-k8s-infra
Apache License 2.0
730 stars 808 forks source link

Start Publishing Staging Images to Artifact Registry #3961

Open upodroid opened 2 years ago

upodroid commented 2 years ago

Part of: #1343

Notes: https://gist.github.com/upodroid/a33723a7e1abc5e9c6fabc6b07e7aac0

When images are built after a PR is merged, they need to be pushed to Artifact Registry(AR).

~Unlike Google Container Registry(GCR), you don't need a separate GCP project per staging project. The permission boundary is at the repository level instead of the project. This allows multiple registries to be created per project. Therefore, we will create a new project, start publishing images to it and delete the other projects after the transition.~

~We will need to do the following:

Prod changes need to be done via the shell scripts which makes deploying staging via terraform kind of pointless.

Open questions:

@puerco

/area artifacts /priority important-soon /area release-eng

upodroid commented 2 years ago

After #3968 is merged, we need to do a few things:

Bit unsure about other things.

upodroid commented 2 years ago

Spoke about this at the sig-testing meeting. Will push it out to the future when GCR deprecation is actually announced by Google.

May want to standardize on Aritfact Registry eventually, but would require tracking down a number of staging registries and changing team push processes (with unclear payoff right now)

/priority backlog /sig testing

ameukam commented 2 years ago

/milestone v1.26

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

ameukam commented 1 year ago

/remove-lifecycle stale /milestone v1.27 /priority important-longterm

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

ameukam commented 1 year ago

/remove-lifecycle rotten /milestone v1.29

BenTheElder commented 8 months ago

Strawman:

1) Create AR versions of all staging registries. These can be empty, but should have the same IAM access / names as the GCRs 2) Ask subprojects to switch to the AR registry. They do so by:

  1. Switching new builds to push to AR (this will vary by how they're doing image push)
  2. Running a backfill task we provide (gcrane cp -R)
  3. Switching from GCR to AR in image promoter config

We should probably check in with release engineering about that last part.

We could alternately: 1) Create AR versions of all staging registries. 2) SIG K8s Infra spins up a job or jobs to continuously backfill from GCR to AR (grane cp -R ... potentially excessive API usage ...) 3) SIG K8s Infra swaps over all the promoter manifests to promote from AR 4) We ask subprojects to stop writing to GCR so we can wind down the grane sync for their repo.

The first plan is less resource intensive but more people-coordination heavy

ameukam commented 8 months ago

Another alternative could be to transition existing GCR repos to AR repos: https://cloud.google.com/artifact-registry/docs/transition/setup-gcr-repo

The infrastructure changes would be minimal and there is little to be done by the community. The downsize of this approach is mostly cost. we will use multi-regional AR repositories.

BenTheElder commented 8 months ago

I forgot about this! Nice! We should definitely estimate the cost delta of that approach ...

One other downside: skew versus newly created registries going forward.

ameukam commented 8 months ago

One other downside: skew versus newly created registries going forward.

AR allow us to create AR repos using gcr.io (traffic is redirected from gcr.io to the AR repo) so I think we are fine until GCR is gone.

k8s-triage-robot commented 5 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

BenTheElder commented 5 months ago

Maybe instead tracking in https://github.com/kubernetes/k8s.io/issues/1343

k8s-triage-robot commented 4 months ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

upodroid commented 3 months ago

Not rotten

dims commented 3 months ago

Need to go back and create etcd-manager staging bucket in https://github.com/kubernetes/k8s.io/pull/6897

slack conversation : https://kubernetes.slack.com/archives/CCK68P2Q2/p1718654806739639

k8s-triage-robot commented 2 weeks ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale