Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add push flag to support pushing to registry directly #294

Closed

Conversation

RealHarshThakur
Copy link
Contributor

@RealHarshThakur RealHarshThakur commented Sep 7, 2023

This PR enables direct push to registry from buildkit:

copa patch -i docker.io/library/alpine:3.16.4 -r patch.json -p ttl.sh/alpinepatched:1h

One side-effect of this would be that copa wouldn't rely on Docker anymore if there is a remote buildkit setup as I mentioned here. #285 (comment)

Closes #293

@RealHarshThakur RealHarshThakur changed the title Add push flag to support pushing to registry directly feat: add push flag to support pushing to registry directly Sep 7, 2023
@codecov
Copy link

codecov bot commented Sep 7, 2023

Codecov Report

Attention: 63 lines in your changes are missing coverage. Please review.

Comparison is base (2b9f177) 33.02% compared to head (82060be) 33.49%.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #294      +/-   ##
==========================================
+ Coverage   33.02%   33.49%   +0.46%     
==========================================
  Files          17       17              
  Lines        1626     1663      +37     
==========================================
+ Hits          537      557      +20     
- Misses       1060     1072      +12     
- Partials       29       34       +5     
Files Coverage Δ
pkg/patch/cmd.go 47.91% <25.00%> (-0.98%) ⬇️
pkg/patch/patch.go 20.00% <46.34%> (+13.96%) ⬆️
pkg/buildkit/buildkit.go 0.00% <0.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@sozercan
Copy link
Member

sozercan commented Sep 7, 2023

I am wondering if we should align with buildx CLI here. Ideally, we don't want to break existing users so what I was thinking was to use --tag to accept registy/repo:tag and --push can be a bool. to remain backwards compat, we can parse if --tag includes : and /. If it includes both : and /, retag the entire image. If it doesn't include both : and /, only replace the tag.

-i foo.io/repo/image:tag -t -patched -> foo.io/repo/image:tag-patched (what we have today)
-i foo.io/repo/image:tag -t bar.io/repo/image:tag -> bar.io/repo/image:tag
-i foo.io/repo/image:tag -t bar.io/repo/image -> invalid (must provide tag)
-i foo.io/repo/image:tag -t repo/image:tag -> invalid (must provide registry)

@jeremyrickard @cpuguy83 wdyt?

@jeremyrickard
Copy link

jeremyrickard commented Sep 8, 2023

I am wondering if we should align with buildx CLI here. Ideally, we don't want to break existing users so what I was thinking was to use --tag to accept registy/repo:tag and --push can be a bool. to remain backwards compat, we can parse if --tag includes : and /. If it includes both : and /, retag the entire image. If it doesn't include both : and /, only replace the tag.

-i foo.io/repo/image:tag -t -patched -> foo.io/repo/image:tag-patched (what we have today) -i foo.io/repo/image:tag -t bar.io/repo/image:tag -> bar.io/repo/image:tag -i foo.io/repo/image:tag -t bar.io/repo/image -> invalid (must provide tag) -i foo.io/repo/image:tag -t repo/image:tag -> invalid (must provide registry)

@jeremyrickard @cpuguy83 wdyt?

I like the -i foo.io/repo/image:tag -t bar.io/repo/image:tag syntax because it's also very explicit.

I also think that adding a --push flag would be useful, especially if it didn't require docker locally. Not the same scenario, but the experience withko and pushing images w/o docker is super useful.

@RealHarshThakur
Copy link
Contributor Author

RealHarshThakur commented Sep 8, 2023

cool, happy to go with what you folks suggested.

Although, I am not sure about this bit:

-i foo.io/repo/image:tag -t repo/image:tag -> invalid (must provide registry)

This might still be what the user wants, partially due to how popular dockerhub is: username/image:tag is valid over there. Also, other such registries like ttl.sh also don't mind that format.

Even this bit, might be specific to how registries should manage it. Many registries would just accept it and tag it as latest(although, not encouraged):

 -i foo.io/repo/image:tag -t bar.io/repo/image -> invalid (must provide tag)

@RealHarshThakur
Copy link
Contributor Author

I've pushed a commit to get most of what you folks suggested. Added couple test cases that shows we'll be backwards-compatible and a new case for specifying a different registry. I've tried to stay unopinionated about destination registry conventions as copa will throw an error during push if buildkit fails to push anyway. Happy to take your suggestions tho

@RealHarshThakur
Copy link
Contributor Author

I think setting up the mock buildkit API in unit tests failed, is it acting flaky?

@sozercan
Copy link
Member

sozercan commented Sep 8, 2023

This might still be what the user wants, partially due to how popular dockerhub is: username/image:tag is valid over there. Also, other such registries like ttl.sh also don't mind that format.

this is being consistent with -i since you must provide docker.io there

@RealHarshThakur RealHarshThakur force-pushed the pushimages branch 2 times, most recently from 66fcf39 to 46f56f1 Compare September 9, 2023 08:26
@RealHarshThakur
Copy link
Contributor Author

this is being consistent with -i since you must provide docker.io there

cool, I've added the registry check @sozercan

@RealHarshThakur RealHarshThakur force-pushed the pushimages branch 2 times, most recently from cb525c9 to 7e736d6 Compare September 22, 2023 14:38
@RealHarshThakur
Copy link
Contributor Author

@sozercan @jeremyrickard don't mean to badger, is there anything else you'd like me to change on this PR?

@salaxander
Copy link
Contributor

@RealHarshThakur sorry for the delay - @sozercan has been on vacation for the past couple days. I'll see if I can get you a review asap :)

@sozercan sozercan modified the milestone: v0.5.0 Oct 3, 2023
Copy link
Member

@sozercan sozercan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry about the delay! Please see comments

@@ -232,3 +232,47 @@ func SolveToDocker(ctx context.Context, c *client.Client, st *llb.State, configD
})
return eg.Wait()
}

func SolveToRegistry(ctx context.Context, c *client.Client, st *llb.State, configData []byte, tag string) error {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this seems like duplicating the existing code, can we refactor to share the logic?

return nil, err
}
if ref.IsNameOnly(imageName) {
log.Warnf("Image name has no tag or digest, using latest as tag")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
log.Warnf("Image name has no tag or digest, using latest as tag")
log.Warn("image name has no tag or digest, using latest as tag")

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

although not sure if we get to this point, since i believe it'll fast fail before this

{
name: "tag passed but without registry or repo",
image: "docker.io/library/nginx:1.21.3",
patchedTag: "my.registry/nginx:1.21.3-patched",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be valid (something like myregistry.azurecr.io/nginx:1.21.3-patched)

if slashCount > 0 {
if slashCount < 2 {
err := fmt.Errorf("invalid tag %s, must be in the form <registry>/<image>:<tag>", patchedTag)
log.Error(err)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think this is duplicate, since return is logged already?

@sozercan
Copy link
Member

ping @RealHarshThakur. we are getting close to cutting v0.5.0 release if you want this to be included

@RealHarshThakur
Copy link
Contributor Author

I'll try but most likely, I'll be able to pick it up by end of the month

@RealHarshThakur
Copy link
Contributor Author

@sozercan sorry for the delay, I've made the changes you've requested.

@sozercan
Copy link
Member

@RealHarshThakur thanks! can you please rebase when you get a chance? looks there are a few conflicts now.

@sozercan
Copy link
Member

sozercan commented Jul 3, 2024

Closing due to inactivity. Please feel free to re-open if there's ongoing work. Thanks!

@sozercan sozercan closed this Jul 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

[REQ] Support pushing to registry directly
4 participants