Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCIStorage: bundles still created as k8s-resources ? #3359

Open
strowi opened this issue Feb 15, 2025 · 4 comments
Open

OCIStorage: bundles still created as k8s-resources ? #3359

strowi opened this issue Feb 15, 2025 · 4 comments
Labels
kind/question

Comments

@strowi
Copy link

strowi commented Feb 15, 2025
edited
Loading

Hi,

i started testing the OCIStorage experimental feature. I added this to the gitRepo:

  ociRegistry:
    authSecretName: oci-secret
    basicHTTP: true
    reference: core.harbor.x.y/fleet-oci-storage

And on deleting all bundles in the gitRepo i can see blobs popping up in the registry. So far so good, but parallel i still see the bundles being generated inside the fleet-default-namespace (using rancher-2.10.2 with fleet-0.11.3 ). Eg the rancher-monitoring bundle still takes ~1,2MB in etcd and the resources are listed:

  resources:
  - content: bas64content
    encoding: base64+gz
    name: chart/CHANGELOG.md
  - content: bas64content
    encoding: base64+gz
    name: chart/CONTRIBUTING.md

It was my understanding that this is either OCIStorage OR k8s-resource? Am i wrong or is this just not implemented yet?
@rancherbot rancherbot added this to Fleet Feb 15, 2025
@github-project-automation github-project-automation bot moved this to 🆕 New in Fleet Feb 15, 2025
@0xavi0
Copy link
Contributor

0xavi0 commented Feb 24, 2025
edited
Loading

Hi, thanks for reporting this.

Resources are still listed as a reference for the UI, but should not include the real content.
Fleet creates a Content resource (not namespaced) with the real contents of the Bundle.
The name of the resource is the same name you see in the OCI storage blobs, (it's basically a hash with a s- prefix).

That Content resource should not be created when using OCI storage.

@manno
Copy link
Member

manno commented Feb 24, 2025

The status.resources are always updated for the UI. However the spec.resources should be empty.
I think there is a bug in the code (https://github.com/rancher/fleet/blob/main/internal/cmd/cli/apply/apply.go#L283), that leads to OCI blobs not being updated and only removing the resource list when the bundle is initially created.

saveOCIBundle should be called on update, too.

@manno manno mentioned this issue Feb 24, 2025
Open
@strowi
Copy link
Author

strowi commented Feb 24, 2025
edited
Loading

Oh sorry, the spec: got cut off during c&p. This is actually under spec.resources where i can see each single file of the eg. helmchart listed with name and content:

spec:
  resources:
  - content: |
      apiVersion: v2
      appVersion: v0.25.0
      description: Prometheus Blackbox Exporter
      home: https://github.com/prometheus/blackbox_exporter
      ...
    name: .chart/e635246b45a153c3a468a3216ce77a224fe256d56580060b0c9523cdc51b382d/prometheus-blackbox-exporter/Chart.yaml
...

Under status i only see the resources listed:

status:
...
  - apiVersion: v1
    kind: ServiceAccount
    name: blackbox-exporter-prometheus-blackbox-exporter
    namespace: blackbox-exporter

I wasn't sure if this is due to it being EXPERIMENTAL (and writing both just in case) or actually a bug.

@0xavi0
Copy link
Contributor

0xavi0 commented Feb 24, 2025

If it's in the spec then sounds like a bug :)

We will triage and schedule for being fixed.

Thanks!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/question
Projects
Fleet
Status: 🆕 New
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kkaempf @manno @strowi @0xavi0