Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update scripts/release.sh to push to artifact registry #19250

Closed
wants to merge 2 commits into from

Conversation

jmhbnz
Copy link
Member

@jmhbnz jmhbnz commented Jan 21, 2025

This pr addresses #15199. On March 18, 2025, Container Registry will be replaced by Artifact Registry and no longer available.

There are wider discussions ongoing about how etcd will adopt/re-use existing k8s etcd image build pipeline. In the short term lets ensure our upcoming releases will push to artifact registry.

A new registry has been created in our etcd-development gcp project: https://console.cloud.google.com/artifacts/docker/etcd-development/us/etcd?project=etcd-development

I have verified push permissions work as expected by pushing a v3.5.17 image to the new repository and granted push permissions to our etcd-release-team custom gcp role. Public read only access has been granted to the repository so users can pull our images.

I've also verified the release script is working as expecting, producing the following images after being run in dry run mode:

 ~  Documents  etcd   main ↑1  last: 0m 6s  docker images
REPOSITORY                                    TAG              IMAGE ID      CREATED             SIZE
gcr.io/etcd-development/etcd                  v3.6.99-s390x    0955597f3106  35 seconds ago      64.4 MB
quay.io/coreos/etcd                           v3.6.99-s390x    0955597f3106  35 seconds ago      64.4 MB
us-docker.pkg.dev/etcd-development/etcd/etcd  v3.6.99-s390x    0955597f3106  35 seconds ago      64.4 MB
gcr.io/distroless/static-debian12             <none>           4d0de7b4ef96  37 seconds ago      5.73 MB
us-docker.pkg.dev/etcd-development/etcd/etcd  v3.6.99-ppc64le  28c366e5d9ad  50 seconds ago      60.5 MB
quay.io/coreos/etcd                           v3.6.99-ppc64le  28c366e5d9ad  50 seconds ago      60.5 MB
gcr.io/etcd-development/etcd                  v3.6.99-ppc64le  28c366e5d9ad  50 seconds ago      60.5 MB
gcr.io/etcd-development/etcd                  v3.6.99-arm64    619e0640fca5  About a minute ago  59 MB
quay.io/coreos/etcd                           v3.6.99-arm64    619e0640fca5  About a minute ago  59 MB
us-docker.pkg.dev/etcd-development/etcd/etcd  v3.6.99-arm64    619e0640fca5  About a minute ago  59 MB
us-docker.pkg.dev/etcd-development/etcd/etcd  v3.6.99-amd64    5cc288184af8  About a minute ago  60.9 MB
gcr.io/etcd-development/etcd                  v3.6.99-amd64    5cc288184af8  About a minute ago  60.9 MB
quay.io/coreos/etcd                           v3.6.99-amd64    5cc288184af8  About a minute ago  60.9 MB

cc @ahrtr, @serathius, @ivanvc

scripts/release.sh Outdated Show resolved Hide resolved
Copy link

codecov bot commented Jan 21, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.75%. Comparing base (83771ff) to head (0dd4344).
Report is 25 commits behind head on main.

Additional details and impacted files

see 22 files with indirect coverage changes

@@            Coverage Diff             @@
##             main   #19250      +/-   ##
==========================================
- Coverage   68.81%   68.75%   -0.07%     
==========================================
  Files         420      420              
  Lines       35649    35649              
==========================================
- Hits        24533    24509      -24     
- Misses       9691     9715      +24     
  Partials     1425     1425              

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 83771ff...0dd4344. Read the comment docs.

@jmhbnz
Copy link
Member Author

jmhbnz commented Jan 21, 2025

/test pull-etcd-integration-2-cpu-amd64

Copy link
Member

@ivanvc ivanvc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks, James. From the conversation, it sounds like a blocker before the script's execution time. Given GCR's deprecation, that should not be a blocker anymore.

@k8s-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ivanvc, jmhbnz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@serathius
Copy link
Member

https://cloud.google.com/artifact-registry/docs/transition/auto-migrate-gcr-ar#migrate-gcrio-hosted-ar mentions Redirects all traffic from gcr.io endpoint to Artifact Registry. Do we really need to change the script to have a separate image push to AR assuming that redirect will work?

@jmhbnz
Copy link
Member Author

jmhbnz commented Jan 22, 2025

https://cloud.google.com/artifact-registry/docs/transition/auto-migrate-gcr-ar#migrate-gcrio-hosted-ar mentions Redirects all traffic from gcr.io endpoint to Artifact Registry. Do we really need to change the script to have a separate image push to AR assuming that redirect will work?

We don't need to. However adopting the new pkg.dev hosts provides more features and appears to be the long term direction for Google, so if we are going to migrate my vote would be to do it fully: https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr#feature-comparison.

@ahrtr ahrtr self-requested a review January 22, 2025 15:49
@ahrtr
Copy link
Member

ahrtr commented Jan 23, 2025

Thanks @jmhbnz for working on this.

My Proposal:

  • Keep using the gcr.io domain for etcd official images (of course, also keep using quay.io);
  • Using new pkg.dev for any new projects, i.e. etcd-operator.

Points:

  • gcr.io is also a long term support: gcr.io domain support in Artifact Registry will be supported throughout the lifetime of Artifact Registry.
  • There should be huge number of users, applications or scripts are using gcr.io/etcd-development/etcd. Changing it from gcr.io to us-docker.pkg.dev will be definitely a major breaking change for users.
  • I agree that pkg.dev repositories provide more features, but they don't appear to be of immediate interest for etcd for now.
  • Even if we decide to migrate to pkg.dev, we shouldn't do it for the stable releases. ( I am NOT saying I agree the migration)

@serathius
Copy link
Member

+1 to what @ahrtr said.

@ivanvc
Copy link
Member

ivanvc commented Jan 23, 2025

Just noting that James' current approach pushes both to GCR and pkg.dev. It doesn't replace it. I agree that replacing would be disruptive, but I'm supportive of adding the registry in case in a later major release we decide to drop the deprecated registry.

@ahrtr
Copy link
Member

ahrtr commented Jan 23, 2025

Just noting that James' current approach pushes both to GCR and pkg.dev.

Because the legacy container registry is still working at the moment. It won't work any more after March 18, 2025. we can only push to one of them after that time.

@jmhbnz jmhbnz closed this Jan 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging this pull request may close these issues.

5 participants