Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authn/kubernetes - fix index.docker.io case #1300

Merged
merged 1 commit into from
Feb 19, 2022
Merged

authn/kubernetes - fix index.docker.io case #1300

merged 1 commit into from
Feb 19, 2022

Conversation

dprotaso
Copy link
Contributor

Previous PR broke this case - #1299

Added a test

@codecov-commenter
Copy link

codecov-commenter commented Feb 19, 2022
edited
Loading

Codecov Report

Merging #1300 (40bace3) into main (4fcfd54) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1300   +/-   ##
=======================================
  Coverage   74.01%   74.01%           
=======================================
  Files         112      112           
  Lines        8386     8386           
=======================================
  Hits         6207     6207           
  Misses       1575     1575           
  Partials      604      604

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4fcfd54...40bace3. Read the comment docs.

@imjasonh imjasonh merged commit 1571d7f into google:main Feb 19, 2022
@imjasonh imjasonh mentioned this pull request Feb 19, 2022
Merged
5 tasks
@dprotaso dprotaso deleted the fix-kubernetes branch February 19, 2022 16:28
@dprotaso dprotaso mentioned this pull request Feb 23, 2022
Merged
dprotaso added a commit to dprotaso/serving that referenced this pull request Feb 23, 2022
@dprotaso
bump ggcr which includes auth config lookup fixes for k8s
ed6c6b9 
Includes the fixes:
- google/go-containerregistry#1299
- google/go-containerregistry#1300
dprotaso added a commit to dprotaso/serving that referenced this pull request Feb 23, 2022
@dprotaso
bump ggcr which includes auth config lookup fixes for k8s
8c08c7f 
Includes the fixes:
- google/go-containerregistry#1299
- google/go-containerregistry#1300
@dprotaso dprotaso mentioned this pull request Feb 23, 2022
Merged
knative-prow-robot pushed a commit to knative/serving that referenced this pull request Feb 23, 2022
@dprotaso
bump ggcr which includes auth config lookup fixes for k8s (#12655)
40029f9 
Includes the fixes:
- google/go-containerregistry#1299
- google/go-containerregistry#1300
@imjasonh imjasonh mentioned this pull request Feb 23, 2022
Merged
5 tasks
knative-prow-robot pushed a commit to knative/serving that referenced this pull request Feb 25, 2022
@dprotaso
bump ggcr which includes auth config lookup fixes for k8s (#12656)
a62fbd5 
Includes the fixes:
- google/go-containerregistry#1299
- google/go-containerregistry#1300
@hasheddan hasheddan mentioned this pull request Mar 4, 2022
Merged
3 tasks
@dprotaso dprotaso mentioned this pull request Mar 21, 2022
Closed
nak3 pushed a commit to nak3/serving that referenced this pull request May 26, 2022
@dprotaso @nak3
bump ggcr which includes auth config lookup fixes for k8s (knative#12656
2c05083 
)

Includes the fixes:
- google/go-containerregistry#1299
- google/go-containerregistry#1300
openshift-merge-robot pushed a commit to openshift/knative-serving that referenced this pull request May 26, 2022
@nak3 @skonto
@knative-prow-robot @dprotaso @knative-automation
[RELEASE-v1.2] Sync to serving v1.2.5 (#1128)
3393be7 
* Pin to 1.23 S-O branch

* Add 0-kourier.yaml and 1-config-network.yaml to kourier.yaml (#1122)

* Rename kourier.yaml with 0-kourier.yaml

* Concat the files

* fix csv logic (#1125)

* Reduce the period and failure threshold for activator readiness (knative#12618)

The default drain timeout is 45 seconds which was much shorter than
the time it takes the activator to be recognized as not ready (2 minutes)

This was resulting in 503s since the activator was receiving traffic when it
was not expecting it

Co-authored-by: dprotaso <[email protected]>

* Address 503s when the autoscaler is being rolled (knative#12621)

The activator's readiness depends on the status of web socket connection
to the autoscaler. When the connection is down the activator will report
ready=false. This can occur when the autoscaler deployment is updating.

PR knative#12614 made the activator's readiness probe fail aggressively after
a single failure. This didn't seem to impact istio but with contour it
started returning 503s since the activator started to report ready=false
immediately.

This PR does two things to mitigate 503s:
- bump the readiness threshold to give the autoscaler more time to
  rollout/startup. This still remains lower than the drain duration
- Update the autoscaler rollout strategy so we spin up a new instance
  prior to bring down the older one. This is done using maxUnavailable=0

Co-authored-by: dprotaso <[email protected]>

* [release-1.2] Drop MaxDurationSeconds from the RevisionSpec  (knative#12640)

* Drop MaxDurationSeconds from the RevisionSpec (knative#12635)

We added MaxDurationSeconds (knative#12322) because the behaviour of
RevisionSpec.Timeout changed from total duration to time to first byte.

In hindsight changing the behaviour of Timeout was a mistake since
it goes against the original specification.

Thus we're going to create a path for migration and the first part is
to remove MaxDurationSeconds from the RevisionSpec.

* fix conformance test

* [release-1.2] fix ytt package name (knative#12657)

* fix ytt package name

* use correct path

Co-authored-by: dprotaso <[email protected]>

* Remove an unnecessary start delay when resolving tag to digests (knative#12669)

Co-authored-by: dprotaso <[email protected]>

* Drop collecting performance data in release branch (knative#12673)

Co-authored-by: dprotaso <[email protected]>

* bump ggcr which includes auth config lookup fixes for k8s (knative#12656)

Includes the fixes:
- google/go-containerregistry#1299
- google/go-containerregistry#1300

* Fixes an activator panic when the throttle encounters a cache.DeleteFinalStateUnknown (knative#12680)

Co-authored-by: dprotaso <[email protected]>

* upgrade to latest dependencies (knative#12674)

bumping knative.dev/pkg 77555ea...083dd97:
  > 083dd97 Wait for reconciler/controllers to return prior to exiting the process (# 2438)
  > df430fa dizzy: we must use `flags` instead of `pflags`, since this is not working. It seems like pflag.* adds the var to its own flag set, not the one package flag uses, and it doesn't expose the internal flag.Var externally - hence this fix. (# 2415)

Signed-off-by: Knative Automation <[email protected]>

* [release-1.2] fix tag to digest resolution (ggcr bump) (knative#12834)

* pin k8s dep

* Fix tag to digest resolution with K8s secrets

I forgot to bump ggcr's sub package in the prior release

github.com/google/go-containerregistry/pkg/authn/k8schain

* bump ggcr which fixes tag-to-digest resolution for Azure & GitLab (knative#12857)

Co-authored-by: Stavros Kontopoulos <[email protected]>
Co-authored-by: Knative Prow Robot <[email protected]>
Co-authored-by: dprotaso <[email protected]>
Co-authored-by: knative-automation <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@imjasonh imjasonh imjasonh approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dprotaso @codecov-commenter @imjasonh