Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Avoid use of static image lists when gathering images used in deployment #689

Closed
i-chvets opened this issue Aug 31, 2023 · 1 comment
Closed

Comments

@i-chvets
Copy link
Contributor

i-chvets commented Aug 31, 2023

Description

This issue is a derivative of #679

List of images that are used in Charmed Kubeflow deployment is required for various use cases. Some most important ones to date are scanning images for vulnerabilities and creating airgapped deployment environment.

In order to generate a list of images each repository contains image gathering script which can be used individually or as a part of workflow or another tool. The exact functionality of how images are collected differs from repository to repository. In some cases, a static list of images is hardcoded in such scripts that contains images that could not be retrieved dynamically. Those images were observed in CKF deployments and were hardcoded to facilitate progress on image scanning and airgapped deployment work items.

Static lists are not a proper way of tracking what images are referenced in final deployment, because updating of these static lists is manual process that is very likely to introduce errors.

Solution

In each repository where image gathering script contains static list of images implement dynamic way of gathering those images. If dynamic image collection is not possible add disclaimer in image gathering script explaining what are the reasons and provide link to this issue.

List of repositories in which image gathering script contains static list:

@i-chvets
Copy link
Contributor Author

Changes have been made. There are no static lists in image gathering scripts. Closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant