Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update release Task to prevent releases clobbering each other #983

Closed
bobcatfish opened this issue Jun 13, 2019 · 3 comments · Fixed by #1434
Closed

Update release Task to prevent releases clobbering each other #983

bobcatfish opened this issue Jun 13, 2019 · 3 comments · Fixed by #1434
Assignees
@afrittoli
Labels
area/test-infra Issues or PRs related to the testing infrastructure
Milestone
Pipelines 0.8 🐱

Comments

@bobcatfish
Copy link
Collaborator

Expected Behavior

If someone tries to use the dogfood release Task to re-release a release that has already been created, execution of the Task should fail.

(One idea of how to do this is to add a first step to look in the buckets and the image repo to see if that versionTag has been used before, maybe even check for every single output image and also the yaml files.)

Actual Behavior

If someone with sufficient permissions tried to run the release Task with a version that has previously been released, the previously released images and yaml file would be overwritten.

One good thing tho is that the digests would change, so the releases used in the yaml files attached to our github releases wouldn't be affected, however the tags would be updated and the yaml file in our release bucket would be updated.

And there wouldnt even be a warning 😭

Additional Info

We saw something like this actually happen a while ago (pre-dogfooding) in #253 :O
@vdemeester
Copy link
Member

/area test-infra

@tekton-robot tekton-robot added the area/test-infra Issues or PRs related to the testing infrastructure label Jun 14, 2019
@houshengbo
Copy link

@bobcatfish Have we supported conditional execution yet?
If we have a step checking the image and the tags, how can we make sure next step is executed or terminated based on the result of the first step?
Is this what you mean to fix this issue?

@bobcatfish bobcatfish added the maybe-next-milestone For consideration when planning the next milestone label Jul 8, 2019
@bobcatfish
Copy link
Collaborator Author

@houshengbo we could use conditional execution but I think it might be simpler to do this via a step in the existing Task - that way the Task could fail early if a complete run would clobber an existing Task.

imo conditional execution would make sense if it wasn't considered an error to try to overwrite an existing release - but it is an error!

@bobcatfish bobcatfish mentioned this issue Jul 17, 2019
Merged
3 tasks
@bobcatfish bobcatfish added this to the Pipelines 0.7 🐱 milestone Aug 14, 2019
@bobcatfish bobcatfish removed the maybe-next-milestone For consideration when planning the next milestone label Sep 9, 2019
afrittoli added a commit to afrittoli/plumbing that referenced this issue Oct 16, 2019
@afrittoli
Add a task for preprelease checks
b279f78 
Add a tasks that verifies if a release already exists. This is
useful before generating a release, to make sure we do not
overwrite an existing release. Checks are:
- tag already exists in git
- release file already exists in the bucket
- release already defined in GitHub

Closes bug tektoncd/pipeline#983
@afrittoli afrittoli mentioned this issue Oct 16, 2019
Merged
2 tasks
tekton-robot pushed a commit to tektoncd/plumbing that referenced this issue Oct 17, 2019
@afrittoli @tekton-robot
Add a task for preprelease checks
0295c3b 
Add a tasks that verifies if a release already exists. This is
useful before generating a release, to make sure we do not
overwrite an existing release. Checks are:
- tag already exists in git
- release file already exists in the bucket
- release already defined in GitHub

Closes bug tektoncd/pipeline#983
afrittoli added a commit to afrittoli/pipeline that referenced this issue Oct 17, 2019
@afrittoli
Use the pre-release check task from plumbing
3d0e138 
Add the pre-release check task to the release pipeline, to ensure
we don't override an existing release by mistake.

Also fix the README to specify the correct setup for the nightly
release pipeline and the manual release pipeline.

Closes tektoncd#983
@afrittoli afrittoli mentioned this issue Oct 17, 2019
Merged
3 tasks
tekton-robot pushed a commit that referenced this issue Oct 17, 2019
@afrittoli @tekton-robot
Use the pre-release check task from plumbing
cc2474f 
Add the pre-release check task to the release pipeline, to ensure
we don't override an existing release by mistake.

Also fix the README to specify the correct setup for the nightly
release pipeline and the manual release pipeline.

Closes #983
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@afrittoli afrittoli

Labels
area/test-infra Issues or PRs related to the testing infrastructure
Projects
None yet
Milestone
Pipelines 0.8 🐱
Development

Successfully merging a pull request may close this issue.

Use the pre-release check task from plumbing afrittoli/pipeline
5 participants
@vdemeester @bobcatfish @houshengbo @afrittoli @tekton-robot