Merge pull request containers#294 from cevich/replace_clobbered_ec2_i…

…mport_image Replace clobbered ec2 import image
Luap99 · Aug 16, 2023 · 0ac55b6 · 0ac55b6
2 parents dcc416c + ec0c7b6
commit 0ac55b6
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 5 deletions.
diff --git a/.cirrus.yml b/.cirrus.yml
@@ -328,7 +328,7 @@ test_imgts_task: &imgts
             fedora-aws-i${IMPORT_IMG_SFX}
             fedora-aws-b${IMG_SFX}
             fedora-aws-c${IMG_SFX}
-            fedora-aws-arm64-i${IMG_SFX}
+            fedora-aws-arm64-i${IMPORT_IMG_SFX}
             fedora-aws-arm64-b${IMG_SFX}
             fedora-podman-aws-arm64-c${IMG_SFX}
             fedora-netavark-aws-arm64-c${IMG_SFX}

diff --git a/IMG_SFX b/IMG_SFX
@@ -1 +1 @@
-20230815t160849z-f38f37d13
+20230816t191118z-f38f37d13
diff --git a/IMPORT_IMG_SFX b/IMPORT_IMG_SFX
@@ -1 +1 @@
-20230613t155237z-f38f37d13
+20230816t191121z-f38f37d13
diff --git a/cache_images/build-push_packaging.sh b/cache_images/build-push_packaging.sh
@@ -27,6 +27,7 @@ INSTALL_PACKAGES=(\
     git
     jq
     podman
+    python3-pip
     qemu-user-static
     skopeo
 )
@@ -45,3 +46,6 @@ cd $REPO_DIRPATH/build-push
 set -x
 # Do not auto-update to allow testing inside a PR
 $SUDO env BUILDPUSHAUTOUPDATED=1 bash ./.install.sh
+
+# Install wait-for-copr
+$SUDO pip3 install git+https://github.com/packit/wait-for-copr.git@main
diff --git a/imgobsolete/entrypoint.sh b/imgobsolete/entrypoint.sh
@@ -11,7 +11,7 @@ set -eo pipefail
 # shellcheck source=imgts/lib_entrypoint.sh
 source /usr/local/bin/lib_entrypoint.sh
 
-req_env_vars GCPJSON GCPNAME GCPPROJECT AWSINI
+req_env_vars GCPJSON GCPNAME GCPPROJECT AWSINI IMG_SFX IMPORT_IMG_SFX
 
 gcloud_init
 
@@ -54,6 +54,14 @@ $GCLOUD compute images list --format="$FORMAT" --filter="$FILTER" | \
             continue
         fi
 
+        # Any image matching the currently in-use IMG_SFX must always be preserved
+        # Value is defined in cirrus.yml
+        # shellcheck disable=SC2154
+        if [[ "$name" =~ $IMG_SFX ]]; then
+            msg "Retaining current (latest) image $name | $labels"
+            continue
+        fi
+
         # No label was set
         if [[ -z "$last_used" ]]
         then # image lacks any tracking labels
@@ -151,6 +159,14 @@ for (( i=nr_amis ; i ; i-- )); do
         continue
     fi
 
+    # Any image matching the currently in-use IMG_SFX or IMPORT_IMG_SFX
+    # must always be preserved.  Values are defined in cirrus.yml
+    # shellcheck disable=SC2154
+    if [[ "$name" =~ $IMG_SFX ]] || [[ "$name" =~ $IMPORT_IMG_SFX ]]; then
+        msg "Retaining current (latest) image $name | $tags"
+        continue
+    fi
+
     # For IAM (security) policy, an "automation" tag is always required
     if [[ -z "$automation" ]]
     then

diff --git a/imgprune/entrypoint.sh b/imgprune/entrypoint.sh
@@ -11,7 +11,7 @@ set -e
 # shellcheck source=imgts/lib_entrypoint.sh
 source /usr/local/bin/lib_entrypoint.sh
 
-req_env_vars GCPJSON GCPNAME GCPPROJECT AWSINI
+req_env_vars GCPJSON GCPNAME GCPPROJECT AWSINI IMG_SFX IMPORT_IMG_SFX
 
 gcloud_init
 
@@ -44,6 +44,15 @@ $GCLOUD compute images list --show-deprecated \
             die 1 "Refusing to delete a deprecated image labeled permanent=true.  Please use gcloud utility to set image active, then research the cause of deprecation."
         [[ "$dep_state" == "OBSOLETE" ]] || \
             die 1 "Unexpected depreciation-state encountered for $name: $dep_state; labels: $labels"
+
+        # Any image matching the currently in-use IMG_SFX must always be preserved.
+        # Values are defined in cirrus.yml
+        # shellcheck disable=SC2154
+        if [[ "$name" =~ $IMG_SFX ]] || [[ "$name" =~ $IMPORT_IMG_SFX ]]; then
+            msg "    Skipping current (latest) image $name"
+            continue
+        fi
+
         reason="Obsolete as of $del_date; labels: $labels"
         echo "GCP $name $reason" >> $TODELETE
     done
@@ -77,6 +86,19 @@ for (( i=nr_amis ; i ; i-- )); do
         continue
     fi
 
+    unset name
+    if ! name=$(get_tag_value "Name" "$ami"); then
+        warn 0 "    EC2 AMI ID '$ami_id' is missing a 'Name' tag"
+    fi
+
+    # Any image matching the currently in-use IMG_SFX or IMPORT_IMG_SFX
+    # must always be preserved.
+    if [[ "$name" =~ $IMG_SFX ]] || [[ "$name" =~ $IMPORT_IMG_SFX ]]; then
+        warn 0 "    Retaining current (latest) image $name id $ami_id"
+        $AWS ec2 disable-image-deprecation --image-id "$ami_id" > /dev/null
+        continue
+    fi
+
     if [[ $(echo -e "$ABOUTNOW\n$dep_ymd" | sort | tail -1) == "$ABOUTNOW" ]]; then
       reason="Obsolete as of '$dep_ymd'; snap=$snap"
       echo "EC2 $ami_id $reason" >> $TODELETE
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		20230815t160849z-f38f37d13
		20230816t191118z-f38f37d13
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		20230613t155237z-f38f37d13
		20230816t191121z-f38f37d13