fix: truncate agent pod annotation so scheduler doesn't fail when annoation limit is exceeded

src/internal/agent/hooks/pods.go

@@ -42,8 +42,16 @@ func parsePod(object []byte) (*corev1.Pod, error) {
 	return &pod, nil
 }
 
-func getImageAnnotationKey(containerName string) string {
-	return fmt.Sprintf("%s/original-image-%s", annotationPrefix, containerName)
+func getImageAnnotationKey(ctx context.Context, containerName string) string {
+	annotationName := fmt.Sprintf("original-image-%s", containerName)
+	// Kubernetes requires all annotation names to be to be no more than 63 characters
+	// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set
+	if len(annotationName) > 63 {
+		logger.From(ctx).Debug("truncating container name to fit Kubernetes 63 character annotation name limit", "container", containerName)
+		annotationName = annotationName[:63]
+	}
+	key := fmt.Sprintf("%s/%s", annotationPrefix, annotationName)
+	return key
 }
 
 func mutatePod(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) {
@@ -88,7 +96,7 @@ func mutatePod(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Clu
 		if err != nil {
 			return nil, err
 		}
-		updatedAnnotations[getImageAnnotationKey(container.Name)] = container.Image
+		updatedAnnotations[getImageAnnotationKey(ctx, container.Name)] = container.Image
 		patches = append(patches, operations.ReplacePatchOperation(path, replacement))
 	}
 
@@ -99,7 +107,7 @@ func mutatePod(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Clu
 		if err != nil {
 			return nil, err
 		}
-		updatedAnnotations[getImageAnnotationKey(container.Name)] = container.Image
+		updatedAnnotations[getImageAnnotationKey(ctx, container.Name)] = container.Image
 		patches = append(patches, operations.ReplacePatchOperation(path, replacement))
 	}
 
@@ -110,7 +118,7 @@ func mutatePod(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Clu
 		if err != nil {
 			return nil, err
 		}
-		updatedAnnotations[getImageAnnotationKey(container.Name)] = container.Image
+		updatedAnnotations[getImageAnnotationKey(ctx, container.Name)] = container.Image
 		patches = append(patches, operations.ReplacePatchOperation(path, replacement))
 	}
 

src/internal/agent/hooks/pods_test.go

@@ -154,3 +154,27 @@ func TestPodMutationWebhook(t *testing.T) {
 		})
 	}
 }
+func TestGetImageAnnotationKey(t *testing.T) {
+	t.Parallel()
+	tests := []struct {
+		containerName string
+		expectedKey   string
+	}{
+		{
+			containerName: "nginx",
+			expectedKey:   "zarf.dev/original-image-nginx",
+		},
+		{
+			containerName: "a-very-long-container-name-that-exceeds-sixty-three-characters",
+			expectedKey:   "zarf.dev/original-image-a-very-long-container-name-that-exceeds-sixty-th",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.containerName, func(t *testing.T) {
+			t.Parallel()
+			key := getImageAnnotationKey(context.Background(), tt.containerName)
+			require.Equal(t, tt.expectedKey, key)
+		})
+	}
+}