-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
make image listing more resilient #18980
Conversation
Draft until containers/common#1520 is merged. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would love for @edsantiago to have a look at the test.
code LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because this is such a freaky weird failure, I'd like to see a super-clear comment immediately next to the podman images
.
Suggested retry code is untested. Low on time today, heading out.
LGTM once the tests are hip and @edsantiago 's comments are addressed. |
Need another PR in c/common. I am pretty happy about the test as it's quite helpful in finding (more) issues. |
Commit 97961a6 took a first stab at making operating on the layer tree more resilient by detecting unknown-image errors. Testing in containers/podman/pull/18980 revealed that we also need to detect unknown-layer and -size errors as well. Move the errors checks into a convenience function and update the relevant call sites to facilitate future changes. Signed-off-by: Valentin Rothberg <[email protected]>
Now vendoring containers/common#1522 which is needed to address more errors that popped up. I've been running the test for the past 20 mins on my machine but let's see what CI says. |
Commit 97961a6 took a first stab at making operating on the layer tree more resilient by detecting unknown-image errors. Testing in containers/podman/pull/18980 revealed that we also need to detect unknown-layer and -size errors as well. Move the errors checks into a convenience function and update the relevant call sites to facilitate future changes. Export the function since Podman needs the very same checks when operating on images, for instance, when looking up image labels. Signed-off-by: Valentin Rothberg <[email protected]>
a080bf2
to
93ea7a8
Compare
Commit 97961a6 took a first stab at making operating on the layer tree more resilient by detecting unknown-image errors. Testing in containers/podman/pull/18980 revealed that we also need to detect unknown-layer and -size errors as well. Move the errors checks into a convenience function and update the relevant call sites to facilitate future changes. Export the function since Podman needs the very same checks when operating on images, for instance, when looking up image labels. Signed-off-by: Valentin Rothberg <[email protected]>
Commit 97961a6 took a first stab at making operating on the layer tree more resilient by detecting unknown-image errors. Testing in containers/podman/pull/18980 revealed that we also need to detect unknown-layer and -size errors as well. Move the errors checks into a convenience function and update the relevant call sites to facilitate future changes. Export the function since Podman needs the very same checks when operating on images, for instance, when looking up image labels. Signed-off-by: Valentin Rothberg <[email protected]>
c1e1074
to
2741635
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Almost green and ready to merge |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/hold
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Explanation.
Handle more TOCTOUs operating on listed images. Also pull in containers/common/pull/1520 and containers/common/pull/1522 which do the same on the internal layer tree. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2216700 Signed-off-by: Valentin Rothberg <[email protected]>
@vrothberg this is a new (to me) error:
Is there any chance your code could've caused this? |
It is not obvious to me but "never say never". Let's keep an eye on it. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: edsantiago, giuseppe, vrothberg The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Flake turned out to be the unmount/EINVAL one (#18831), which is well known. This PR LGTM. |
/lgtm |
Handle more TOCTOUs operating on listed images. Also pull in containers/common/pull/1520 which does the same on the internal layer tree.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2216700
Does this PR introduce a user-facing change?