From ec11f071690ee46e24533d900619bcab2917ecea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Sierant?= Date: Fri, 20 Jun 2025 10:24:36 +0200 Subject: [PATCH 1/5] Tag latest readiness and versionhook when building on master --- pipeline.py | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/pipeline.py b/pipeline.py index d2fc46fcf..c9c87ce9c 100755 --- a/pipeline.py +++ b/pipeline.py @@ -1042,8 +1042,22 @@ def build_image_generic( # But since we don't run daily rebuilds on ecr image builds, we can do that step instead here. # We only need to push manifests for multi-arch images. create_and_push_manifest(registry_address, version, architectures=architectures) - - # Sign and verify the context image if on releases if requied. + # if not is_running_in_patch() and is_running_in_evg_pipeline(): + # FIXME only for testing master latest tag push + if is_running_in_evg_pipeline(): + latest_tag="latest-test" + logger.info(f"Tagging and pushing {registry_address}:{version} as {latest_tag}") + try: + client = docker.from_env() + source_image = client.images.pull(f"{registry_address}:{version}") + source_image.tag(registry_address, latest_tag) + client.images.push(registry_address, tag=latest_tag) + logger.info(f"Successfully tagged and pushed {registry_address}:{latest_tag}") + except docker.errors.DockerException as e: + logger.error(f"Failed to tag/push {latest_tag} image: {e}") + raise + + # Sign and verify the context image if on releases if required. if config.sign and config.is_release_step_executed(): sign_and_verify_context_image(registry, version) From 156ff2fd3371f95c3c097838aa286e674320abc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Sierant?= Date: Fri, 20 Jun 2025 10:36:22 +0200 Subject: [PATCH 2/5] Removed manual change --- pipeline.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pipeline.py b/pipeline.py index c9c87ce9c..866591db0 100755 --- a/pipeline.py +++ b/pipeline.py @@ -1042,10 +1042,8 @@ def build_image_generic( # But since we don't run daily rebuilds on ecr image builds, we can do that step instead here. # We only need to push manifests for multi-arch images. create_and_push_manifest(registry_address, version, architectures=architectures) - # if not is_running_in_patch() and is_running_in_evg_pipeline(): - # FIXME only for testing master latest tag push - if is_running_in_evg_pipeline(): - latest_tag="latest-test" + latest_tag="latest" + if not is_running_in_patch() and is_running_in_evg_pipeline(): logger.info(f"Tagging and pushing {registry_address}:{version} as {latest_tag}") try: client = docker.from_env() @@ -1056,6 +1054,8 @@ def build_image_generic( except docker.errors.DockerException as e: logger.error(f"Failed to tag/push {latest_tag} image: {e}") raise + else: + logger.info(f"Skipping tagging and pushing {registry_address}:{version} as {latest_tag} tag; is_running_in_patch={is_running_in_patch()}, is_running_in_evg_pipeline={is_running_in_evg_pipeline()}") # Sign and verify the context image if on releases if required. if config.sign and config.is_release_step_executed(): From 113b9f5ba17f5c0f65ec0a09708d94d03ff69396 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Sierant?= Date: Fri, 20 Jun 2025 11:18:37 +0200 Subject: [PATCH 3/5] pre-commit --- ...godb-kubernetes.clusterserviceversion.yaml | 33 ++++++++----------- pipeline.py | 6 ++-- 2 files changed, 18 insertions(+), 21 deletions(-) diff --git a/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml b/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml index 84c3455fc..c64c8cc25 100644 --- a/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml +++ b/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml @@ -8,9 +8,9 @@ metadata: certified: "true" containerImage: quay.io/mongodb/mongodb-kubernetes:1.2.0 createdAt: "" - description: The MongoDB Controllers for Kubernetes enable easy deploys of - MongoDB into Kubernetes clusters, using our management, monitoring and - backup platforms, Ops Manager and Cloud Manager. + description: The MongoDB Controllers for Kubernetes enable easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup platforms, + Ops Manager and Cloud Manager. features.operators.openshift.io/disconnected: "true" features.operators.openshift.io/fips-compliant: "false" features.operators.openshift.io/proxy-aware: "false" @@ -51,8 +51,7 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:text - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration - - description: In a Replica Set deployment type, specifies the amount of - members. + - description: In a Replica Set deployment type, specifies the amount of members. displayName: Members of a Replica Set path: members x-descriptors: @@ -66,8 +65,7 @@ spec: - description: Project configuration for this deployment displayName: Ops Manager project configuration path: opsManager - - description: Name of the ConfigMap with the configuration for this - project + - description: Name of the ConfigMap with the configuration for this project displayName: Ops Manager Project Configuration path: opsManager.configMapRef.name x-descriptors: @@ -166,8 +164,7 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:text - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration - - description: In a Replica Set deployment type, specifies the amount of - members. + - description: In a Replica Set deployment type, specifies the amount of members. displayName: Members of a Replica Set path: members x-descriptors: @@ -181,8 +178,7 @@ spec: - description: Project configuration for this deployment displayName: Ops Manager project configuration path: opsManager - - description: Name of the ConfigMap with the configuration for this - project + - description: Name of the ConfigMap with the configuration for this project displayName: Ops Manager Project Configuration path: opsManager.configMapRef.name x-descriptors: @@ -194,8 +190,8 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration - - description: Optional. Specify whether to duplicate service objects - among different Kubernetes clusters. + - description: Optional. Specify whether to duplicate service objects among + different Kubernetes clusters. displayName: Duplicate Service Objects path: duplicateServiceObjects x-descriptors: @@ -256,8 +252,7 @@ spec: path: passwordSecretKeyRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Name of the MongoDB resource to which this user is - associated. + - displayName: Name of the MongoDB resource to which this user is associated. path: mongodbResourceRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:mongodb @@ -313,8 +308,8 @@ spec: x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfiguration - - displayName: Secret to enable TLS for Ops Manager allowing it to serve - traffic over HTTPS. + - displayName: Secret to enable TLS for Ops Manager allowing it to serve traffic + over HTTPS. path: security.tls.secretRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret @@ -324,8 +319,8 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:number - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ApplicationDatabase - - displayName: Secret containing the TLS certificate signed by known or - custom CA. + - displayName: Secret containing the TLS certificate signed by known or custom + CA. path: applicationDatabase.security.tls.secretRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret diff --git a/pipeline.py b/pipeline.py index 866591db0..f21de6e88 100755 --- a/pipeline.py +++ b/pipeline.py @@ -1042,7 +1042,7 @@ def build_image_generic( # But since we don't run daily rebuilds on ecr image builds, we can do that step instead here. # We only need to push manifests for multi-arch images. create_and_push_manifest(registry_address, version, architectures=architectures) - latest_tag="latest" + latest_tag = "latest" if not is_running_in_patch() and is_running_in_evg_pipeline(): logger.info(f"Tagging and pushing {registry_address}:{version} as {latest_tag}") try: @@ -1055,7 +1055,9 @@ def build_image_generic( logger.error(f"Failed to tag/push {latest_tag} image: {e}") raise else: - logger.info(f"Skipping tagging and pushing {registry_address}:{version} as {latest_tag} tag; is_running_in_patch={is_running_in_patch()}, is_running_in_evg_pipeline={is_running_in_evg_pipeline()}") + logger.info( + f"Skipping tagging and pushing {registry_address}:{version} as {latest_tag} tag; is_running_in_patch={is_running_in_patch()}, is_running_in_evg_pipeline={is_running_in_evg_pipeline()}" + ) # Sign and verify the context image if on releases if required. if config.sign and config.is_release_step_executed(): From 74428e0393ab767c0ce16fd5a9e644eb8f931785 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Sierant?= Date: Fri, 20 Jun 2025 11:20:33 +0200 Subject: [PATCH 4/5] pre-commit --- ...godb-kubernetes.clusterserviceversion.yaml | 33 +++++++++++-------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml b/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml index c64c8cc25..84c3455fc 100644 --- a/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml +++ b/config/manifests/bases/mongodb-kubernetes.clusterserviceversion.yaml @@ -8,9 +8,9 @@ metadata: certified: "true" containerImage: quay.io/mongodb/mongodb-kubernetes:1.2.0 createdAt: "" - description: The MongoDB Controllers for Kubernetes enable easy deploys of MongoDB - into Kubernetes clusters, using our management, monitoring and backup platforms, - Ops Manager and Cloud Manager. + description: The MongoDB Controllers for Kubernetes enable easy deploys of + MongoDB into Kubernetes clusters, using our management, monitoring and + backup platforms, Ops Manager and Cloud Manager. features.operators.openshift.io/disconnected: "true" features.operators.openshift.io/fips-compliant: "false" features.operators.openshift.io/proxy-aware: "false" @@ -51,7 +51,8 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:text - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration - - description: In a Replica Set deployment type, specifies the amount of members. + - description: In a Replica Set deployment type, specifies the amount of + members. displayName: Members of a Replica Set path: members x-descriptors: @@ -65,7 +66,8 @@ spec: - description: Project configuration for this deployment displayName: Ops Manager project configuration path: opsManager - - description: Name of the ConfigMap with the configuration for this project + - description: Name of the ConfigMap with the configuration for this + project displayName: Ops Manager Project Configuration path: opsManager.configMapRef.name x-descriptors: @@ -164,7 +166,8 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:text - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration - - description: In a Replica Set deployment type, specifies the amount of members. + - description: In a Replica Set deployment type, specifies the amount of + members. displayName: Members of a Replica Set path: members x-descriptors: @@ -178,7 +181,8 @@ spec: - description: Project configuration for this deployment displayName: Ops Manager project configuration path: opsManager - - description: Name of the ConfigMap with the configuration for this project + - description: Name of the ConfigMap with the configuration for this + project displayName: Ops Manager Project Configuration path: opsManager.configMapRef.name x-descriptors: @@ -190,8 +194,8 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration - - description: Optional. Specify whether to duplicate service objects among - different Kubernetes clusters. + - description: Optional. Specify whether to duplicate service objects + among different Kubernetes clusters. displayName: Duplicate Service Objects path: duplicateServiceObjects x-descriptors: @@ -252,7 +256,8 @@ spec: path: passwordSecretKeyRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Name of the MongoDB resource to which this user is associated. + - displayName: Name of the MongoDB resource to which this user is + associated. path: mongodbResourceRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:mongodb @@ -308,8 +313,8 @@ spec: x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfiguration - - displayName: Secret to enable TLS for Ops Manager allowing it to serve traffic - over HTTPS. + - displayName: Secret to enable TLS for Ops Manager allowing it to serve + traffic over HTTPS. path: security.tls.secretRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret @@ -319,8 +324,8 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:number - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ApplicationDatabase - - displayName: Secret containing the TLS certificate signed by known or custom - CA. + - displayName: Secret containing the TLS certificate signed by known or + custom CA. path: applicationDatabase.security.tls.secretRef.name x-descriptors: - urn:alm:descriptor:io.kubernetes:Secret From 8962bab7825b7af49fd23d21f61eae956a0cd84f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Sierant?= Date: Fri, 11 Jul 2025 08:20:44 +0200 Subject: [PATCH 5/5] Added tracing to pushing latest image --- pipeline.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pipeline.py b/pipeline.py index f21de6e88..67d4b5383 100755 --- a/pipeline.py +++ b/pipeline.py @@ -1050,6 +1050,8 @@ def build_image_generic( source_image = client.images.pull(f"{registry_address}:{version}") source_image.tag(registry_address, latest_tag) client.images.push(registry_address, tag=latest_tag) + span = trace.get_current_span() + span.set_attribute("mck.image.push_latest", f"{registry_address}:{latest_tag}") logger.info(f"Successfully tagged and pushed {registry_address}:{latest_tag}") except docker.errors.DockerException as e: logger.error(f"Failed to tag/push {latest_tag} image: {e}") @@ -1623,7 +1625,6 @@ def calculate_images_to_build( def main(): _setup_tracing() - _setup_tracing() parser = argparse.ArgumentParser() parser.add_argument("--include", action="append", help="list of images to include")