Skip to content

labels, yaks and rabbit hole

Benjamin Tissoires requested to merge bentiss/ci-templates:wip/labels into master

I wanted to send a small MR, and it turned out to be massive as I was shaving the yak.

CC: @anholt, @daniels, @daenzer, @whot as there are a few API breaks.

The primary objective of this was to add labels to images to provide information to the garbage collector we run on the runner to not remove some images.

For example, we can now tag registry.freedesktop.org/freedesktop/ci-templates/buildah:2020-03-11 with fdo.upstream-repo=freedesktop/ci-templates, and the garbage collector can make the decision to keep the image given that there is a high chance it will get pulled soon-ish.

This should be useful for mesa and gstreamer where we spend a lot of bandwidth re-downloading the same images because our garbage collector is too dumb to realize that.

I also copied the quay.io custom label quay.expires_after: when you set this label to an image, the registry will clean up the image based on this condition (comparing the tag creation and the content of this label). This should help for 2 things:

  • the garbage collector in the runner will now know that some images can be thrown away without having to wait for the grace period
  • we can imagine a gitlab registry garbage collector that will run on every repo here, and apply the rules properly (one can always dream).

To show off, here is the result:

> docker inspect --format='{{json .Config.Labels}}' registry.freedesktop.org/bentiss/ci-templates/fedora/ci_templates_test_upstream:fdo-ci-119179
{"fdo.expires-after":"1h","maintainer":"Clement Verna \u003ccverna@fedoraproject.org\u003e"}

> docker inspect --format='{{json .Config.Labels}}' registry.freedesktop.org/bentiss/ci-templates/buildah:2020-03-11
{"fdo.upstream-repo":"freedesktop/ci-templates","maintainer":"Clement Verna \u003ccverna@fedoraproject.org\u003e"}

While on this, I realized the following (with some help from @whot here and there):

  • the bootstrap stage could actually re-use the templates themselves if we get rid of the before_script we heavily use in those templates.

This relaxes a little bit the constraints on the user, and we can now have jobs that redefine the before_script. This allows the bootstrap stage to also add the image labels without doing anything special for it.

  • to remove that before_script, I had to introduce a variable to say whether or not we want to use the (previously) ifnot-exists script. And it turns out that we might as well remove those 2 templates entirely and solely provide the distro-container-build template, and let the users decide if they want to force the rebuild by setting FDO_FORCE_REBUILD

This is an API break, as .fdo.container-ifnot-exists gets replaced by .fdo.container-build. In the long run, I think we do not want to keep a compatibility job as there is no way to notify users that the .fdo.container-ifnot-exists is deprecated.

  • the FDO_REPO_SUFFIX was weird: why were we prepending the distribution in the first place? So I stripped that one, and I hope that mesa will happily pull from mesa/mesa/x86_build instead of mesa/mesa/debian/x86_build.

This was also required to have the bootstrap script using the templates themselves

  • oh, and the internal CI was not using .fdo.distribution_image@, that helped a lot not having to deal with the image renaming (hint for the user of ci-templates: use this!)

  • last, I moved all of the distro-ci.yaml files into .gitlab-ci/, this makes things cleaner

Merge request reports