Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

zarf.dev/original-image annotation can prevent pod scheduling #3313

Closed
daniel-palmer-gu opened this issue Dec 10, 2024 · 2 comments · Fixed by #3314
Closed

zarf.dev/original-image annotation can prevent pod scheduling #3313

daniel-palmer-gu opened this issue Dec 10, 2024 · 2 comments · Fixed by #3314
Labels
possible-bug 🐛

Comments

@daniel-palmer-gu
Copy link
Contributor

Environment

Device and OS:
App version:
Kubernetes distro being used: EKS
Other:

Steps to reproduce

  1. Deploy a job that has a container name sonarqube-sonarqube-change-default-admin-password (manifest below)

Expected result

Pod is scheduled into the cluster

Actual Result

Scheduler errors with the following:

Warning  FailedCreate  48s    job-controller  (combined from similar events): Error creating: Pod "sonarqube-sonarqube-change-admin-password-hook-mqng2" is invalid: metadata.annotations: Invalid value: "zarf.dev/original-image-sonarqube-sonarqube-change-default-admin-password": name part must be no more than 63 characters

Visual Proof (screenshots, videos, text, etc)

Severity/Priority

Additional Context

Add any other context or screenshots about the technical debt here.

This is a job manifest deployed via bigbang:

apiVersion: batch/v1
kind: Job
metadata:
  annotations:
    helm.sh/hook: post-install
    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
  creationTimestamp: "2024-12-10T18:50:35Z"
  generation: 1
  labels:
    app: sonarqube
    helm.sh/chart: sonarqube-10.6.1-bb.2
    heritage: Helm
    release: sonarqube
  name: sonarqube-sonarqube-change-admin-password-hook
  namespace: sonarqube
  resourceVersion: "65755"
  uid: f53e435e-1a04-41f7-ae01-2361cfb6474f
spec:
  backoffLimit: 6
  completionMode: NonIndexed
  completions: 1
  manualSelector: false
  parallelism: 1
  podReplacementPolicy: TerminatingOrFailed
  selector:
    matchLabels:
      batch.kubernetes.io/controller-uid: f53e435e-1a04-41f7-ae01-2361cfb6474f
  suspend: false
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: sonarqube
        batch.kubernetes.io/controller-uid: f53e435e-1a04-41f7-ae01-2361cfb6474f
        batch.kubernetes.io/job-name: sonarqube-sonarqube-change-admin-password-hook
        controller-uid: f53e435e-1a04-41f7-ae01-2361cfb6474f
        heritage: Helm
        job-name: sonarqube-sonarqube-change-admin-password-hook
        release: sonarqube
      name: sonarqube-sonarqube-change-admin-password-hook
    spec:
      containers:
      - args:
        - |
          until curl -v --connect-timeout 100 sonarqube-sonarqube:9000/api/system/status | grep -w UP; do
            sleep 10
          done
          curl -v --connect-timeout 100 -u admin:admin -X POST "sonarqube-sonarqube:9000/api/users/change_password?login=admin&previousPassword=admin&password=someNewPassword"
          until curl -fsI http://localhost:15021/healthz/ready; do
            echo "Waiting for Istio sidecar proxy..."
            sleep 3
          done
          sleep 5
          echo "Stopping the istio proxy..."
          curl -X POST http://localhost:15020/quitquitquit
        command:
        - sh
        - -c
        env:
        - name: ADMIN_PASSWORD
          valueFrom:
            secretKeyRef:
              key: password
              name: sonarqube-sonarqube-admin-password
        - name: CURRENT_ADMIN_PASSWORD
          valueFrom:
            secretKeyRef:
              key: currentPassword
              name: sonarqube-sonarqube-admin-password
        image: registry1.dso.mil/ironbank/big-bang/base:2.1.0
        imagePullPolicy: IfNotPresent
        name: sonarqube-sonarqube-change-default-admin-password
        resources:
          limits:
            cpu: "1"
            ephemeral-storage: 512G
            memory: 6144M
          requests:
            cpu: 10m
            ephemeral-storage: 1536M
            memory: 128Mi
        securityContext:
          capabilities:
            drop:
            - ALL
          runAsGroup: 1001
          runAsNonRoot: true
          runAsUser: 1001
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      imagePullSecrets:
      - name: private-registry
      - name: private-registry
      restartPolicy: OnFailure
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: sonarqube-sonarqube
      serviceAccountName: sonarqube-sonarqube
      terminationGracePeriodSeconds: 30
@AustinAbro321
Copy link
Contributor

Thanks, this is an important bug. Will get a fix up soon

@AustinAbro321 AustinAbro321 mentioned this issue Dec 10, 2024
Merged
2 tasks
@daniel-palmer-gu
Copy link
Contributor Author

@AustinAbro321 thank you for the quick turnaround. I left a few comments on your PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
possible-bug 🐛
Projects
None yet
Milestone
No milestone
2 participants
@AustinAbro321 @daniel-palmer-gu