Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

October 14th, 2024 Community Meeting #246

Open
qu1queee opened this issue Sep 26, 2024 · 4 comments
Open

October 14th, 2024 Community Meeting #246

qu1queee opened this issue Sep 26, 2024 · 4 comments

Comments

@qu1queee
Copy link
Contributor

  • Please add a topic in this thread and add a link to the GitHub issue associated with the topic.
  • Please make sure you give folks enough time to review/discuss the topic offline on GitHub before coming into the meeting
  • (optional) Paste the image of an animal 😸
@qu1queee
Copy link
Contributor Author

  • Andrea Frittoli will give a session about CD Events.

@apoorvajagtap
Copy link
Member

How does buildah buildStrategy ensure that the buildah bud command has required creds to pull an image from a private registry?
My build using buildah strategy fails when the Dockerfile references the base image from a private registry.

@SaschaSchwarze0
Copy link
Member

SaschaSchwarze0 commented Oct 14, 2024

How does buildah buildStrategy ensure that the buildah bud command has required creds to pull an image from a private registry? My build using buildah strategy fails when the Dockerfile references the base image from a private registry.

+1 also wanted to bring up this topic, mainly in the context of DockerHub reducing rate limits for anonymous pulls again from 100 pulls per six hours per IP to 10 pulls per one hour per IP.

Today's Shipwright answer is that your image push secret must contain all secrets. Tools like https://github.com/src2img/k8s-dockerconfig-secrets-merge can help you to build such a secret.

Question is: do we want to add some capability in the first place or - given it mainly affects Dockerfile strategies (maybe also ko if you use a base image that is private and not in the same registry as the output image) - improve the build strategies with an optional additional volume for an additional secret?

@qu1queee
Copy link
Contributor Author

Meeting minutes:

  • Andrea Frittoli provided us a session about CD Events. From an overall perspective, to their latest features in the release 0.4 . You can find the slides in here. Per the Q&A:

    • is there standardization on how to configure a tool for which CD Events endpoint to use?
    • Go SDK has evolved a lot!
    • How does the CD Events endpoint can authenticate trusted events?
    • How does the linked events work? ( also know as connected events )
    • Can you tell us more about CNOE and what is CD Events doing there.
  • From @apoorvajagtap and @SaschaSchwarze0 . Authentication for the FROM images of a Dockerfile is currently not natively supported (although workarounds exist). We need to reconsider where we are here and come with a proposal if we want to support this. An issue exists Cannot specify registry credentials for build step build#838 .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: No status
Development

No branches or pull requests

3 participants