Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[KIE-830] Make SonataFlow Operator build reproducible #357

Merged
merged 6 commits into from
Jan 19, 2024
Merged

[KIE-830] Make SonataFlow Operator build reproducible #357

merged 6 commits into from
Jan 19, 2024

Conversation

ricardozanini
Copy link
Member

@ricardozanini ricardozanini commented Jan 17, 2024
edited
Loading

Description of the change:
See apache/incubator-kie-issues#830.

TODO:

  • - Test different build machines with diffoci
  • - Verify Buildkit on CI

Motivation for the change:
Closes apache/incubator-kie-issues#830

Checklist

  • Add or Modify a unit test for your change
  • Have you verified that tall the tests are passing?
How to backport a pull request to a different branch?

In order to automatically create a backporting pull request please add one or more labels having the following format backport-<branch-name>, where <branch-name> is the name of the branch where the pull request must be backported to (e.g., backport-7.67.x to backport the original PR to the 7.67.x branch).

NOTE: backporting is an action aiming to move a change (usually a commit) from a branch (usually the main one) to another one, which is generally referring to a still maintained release branch. Keeping it simple: it is about to move a specific change or a set of them from one branch to another.

Once the original pull request is successfully merged, the automated action will create one backporting pull request per each label (with the previous format) that has been added.

If something goes wrong, the author will be notified and at this point a manual backporting is needed.

NOTE: this automated backporting is triggered whenever a pull request on main branch is labeled or closed, but both conditions must be satisfied to get the new PR created.

@ederign
Copy link
Member

ederign commented Jan 17, 2024

docker pull quay.io/ederignatowicz/kogito-serverless-operator-nightly

@ricardozanini
Copy link
Member Author

ricardozanini commented Jan 18, 2024
edited
Loading

I was able to produce semantically equal images:

diffoci diff --platform=linux/amd64  quay.io/ricardozanini/kogito-serverless-operator-nightly:latest quay.io/wmedvede/sonataflow-operator:latest
INFO[0000] Target platforms: [linux/amd64]
TYPE    NAME                                                    INPUT-0                                                             INPUT-1
Desc    application/vnd.docker.distribution.manifest.v2+json    508a8efd643809f806504af28e100f610c0abf984cb6cdcc8f4f1bea14125ea8    d8d59be7f2b6dcb47a6be94bb0038eeaf026ad977e7180eecff70ba46b87a18b
Mani    ctx:/manifest                                           ?                                                                   ?
Desc    application/vnd.docker.container.image.v1+json          66cdb1cce69f54c83abd88ea5b4cc2f5bc2734672955ce8d04e91a47d0c54cd5    2d2196b3af3a0ecd7002754e297328f12f511fcf35ccdb86236e51d0c2cd4385
Cfg     ctx:/config/config                                      ?                                                                   ?
Desc    application/vnd.docker.image.rootfs.diff.tar.gzip       b4d49c25d2f03e2063f369c203ec7abef0192c7ac2ca1f71aca5419d6f43ef4f    67776c3576648a89a6840fb791af3e1f8d6037cdc84691122c04ea5ee610993a
File    usr/local/bin/                                          2024-01-17 17:16:21 -0300 -03                                       2024-01-18 10:53:37 -0300 -03
File    usr/local/bin/manager                                   2024-01-17 16:55:46 -0300 -03                                       2024-01-18 10:53:37 -0300 -03

The diffs are:

  • Docker manifests since they were build on different systems. Same systems, should produce the same result. I'm waiting for a friend to test on their end.
  • The operator's file timestamp. That we can force during the build, I'm gonna try a few things.

@ricardozanini
Formatting issues
af87eb4 
Signed-off-by: Ricardo Zanini <[email protected]>
@ricardozanini ricardozanini marked this pull request as ready for review January 18, 2024 17:12
porcelli
porcelli approved these changes Jan 18, 2024
View reviewed changes
Copy link
Contributor

@porcelli porcelli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you @ricardozanini!

@ricardozanini
Copy link
Member Author

@porcelli the timestamp workaround is not working. The images are semantically equal per diffoci, but the timestamp still differs. I'll take a look tomorrow.

But, I think we should touch IPMC about this. How do we guarantee the images are reproducible? Is the diffoci output enough to validate? I need a benchmark. Can you ask around?

@ricardozanini
Copy link
Member Author

Guys, the images are identical now:

➜  ~ docker run --entrypoint /bin/bash --rm -it quay.io/kiegroup/kogito-serverless-operator-nightly:latest
bash-5.1$ ls -la manager
-rwxr-xr-x 1 root root 69959642 Jan 19 12:48 manager
bash-5.1$ ^C
bash-5.1$
exit
➜  ~ docker run --entrypoint /bin/bash --rm -it quay.io/wmedvede/kogito-serverless-operator-nightly:latest
bash-5.1$ ls -la manager
-rwxr-xr-x 1 root root 69959642 Jan 19 12:48 manager
bash-5.1$

Merging!

@ricardozanini
Fixing env var typo
49f2eaa 
Signed-off-by: Ricardo Zanini <[email protected]>
@ricardozanini ricardozanini merged commit cf2509a into apache:main Jan 19, 2024
7 checks passed
@ricardozanini ricardozanini deleted the issue-830 branch January 19, 2024 17:31
@ricardozanini ricardozanini mentioned this pull request Jan 23, 2024
Merged
rgdoliveira pushed a commit to rgdoliveira/kogito-serverless-operator that referenced this pull request Jan 29, 2024
@ricardozanini @rgdoliveira
[KIE-830] Make SonataFlow Operator build reproducible (apache#357)
4d5a81d 
* [KIE-830] Make SonataFlow Operator build reproducible

Signed-off-by: Ricardo Zanini <[email protected]>

* Add minor version to image.yaml

Signed-off-by: Ricardo Zanini <[email protected]>

* Force git date to the build files

Signed-off-by: Ricardo Zanini <[email protected]>

* Formatting issues

Signed-off-by: Ricardo Zanini <[email protected]>

* Use ubi9, add kind_version to e2e, fix ts on manager file

Signed-off-by: Ricardo Zanini <[email protected]>

* Fixing env var typo

Signed-off-by: Ricardo Zanini <[email protected]>

---------

Signed-off-by: Ricardo Zanini <[email protected]>
rgdoliveira pushed a commit to rgdoliveira/kogito-serverless-operator that referenced this pull request Jan 29, 2024
@ricardozanini @rgdoliveira
[KIE-830] Make SonataFlow Operator build reproducible (apache#357)
1691e2f 
* [KIE-830] Make SonataFlow Operator build reproducible

Signed-off-by: Ricardo Zanini <[email protected]>

* Add minor version to image.yaml

Signed-off-by: Ricardo Zanini <[email protected]>

* Force git date to the build files

Signed-off-by: Ricardo Zanini <[email protected]>

* Formatting issues

Signed-off-by: Ricardo Zanini <[email protected]>

* Use ubi9, add kind_version to e2e, fix ts on manager file

Signed-off-by: Ricardo Zanini <[email protected]>

* Fixing env var typo

Signed-off-by: Ricardo Zanini <[email protected]>

---------

Signed-off-by: Ricardo Zanini <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jordigilh jordigilh jordigilh left review comments

@porcelli porcelli porcelli approved these changes

@wmedvede wmedvede wmedvede approved these changes

@domhanak domhanak Awaiting requested review from domhanak

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make Operators (SonataFlow/Kogito) and Kogito Images build reproducible
5 participants
@ricardozanini @ederign @porcelli @wmedvede @jordigilh