-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement image builder database maintenance (HMS-4244) #1402
Implement image builder database maintenance (HMS-4244) #1402
Conversation
8e097b5
to
12c937d
Compare
Codecov ReportAttention: Patch coverage is
|
12c937d
to
0e26d6e
Compare
6af80e6
to
dc5cafe
Compare
Note: failed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great. The only concern I have is why this is a separate image, but this could be app-sre requirement, no issues.
@lzap |
Refactoring this into a separate repo or somehow sharing code with composer was considered but discarded for less effort. |
e5de212
to
e75755c
Compare
Konflux failure seems to be related to the current rhsm outage… (and it's not a required check here) |
/retest |
1 similar comment
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple of logging/transactional improvements could be done, but nothing big. I mean, there are not too many records, are there? :-)
6ffb370
to
326712c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Quick drive-by: when switching to "cleanenv", please split the commit that changes our code and the part that adds the vendoring to the repo (i.e. two commits, one with vendored stuff, one with switching the code to use it)
Also do we actually need to put the vendored deps into the git repo? We removed all vendoring from "images" because it is not packaged, maybe we could look into doing the same here?
I can split it, although that actually results in a somewhat inconsistent commit (as it has dependencies no one needs, only one commit later) 🤔
Don't know - we can follow up on this, vendoring makes things strange for sure 👌 |
eb6caf2
to
ef9f5b7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perfect.
e07fe65
to
7dce7d5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
In addition to the comments, could you also clean up the commit messages a bit?
The body of the commit should be full sentences ( so capital letters & periods). There are also some spelling errors (depentent -> dependent, our selfs -> ourselves). And there's a trailing s
in the distribution/Dockerfile-ubi-maintenance: fix entrypoint
commit.
I don't think there's any really good reason at this point time. We can remove them in image builder, a separate PR though. |
[..]
Quick drive-by (as I was tagged): maybe also worth squashing a few commits |
This was on purpose to be able to follow along the comments easier, but I'll squash some. |
83b2fb2
to
d7185ec
Compare
d7185ec
to
6297665
Compare
Will be used in more database tests like the image-builder-maintenance.
image-builder-maintenance for now runs vacuum and cleans all composes older than 2 years (by default). To remove customer related data according to the retention policy. As this is not really urgent, it's scheduled once a week on Tuesdays to avoid problems on weekends. Also introduces a github action test if the container can still be built.
This avoids problems with snyk code checker. The password is set in the environment anyway, so this is not needed here.
This touches also other code, due to dependent functions.
The time is just a first starting point. Two hours should be sufficient.
Graceful shutdown on SIGTERM and SIGINT, even when currently executing SQL statements.
Clones are implicitly deleted by `ON DELETE CASCADE`.
Adds the `image-builder-maintenance` binary to the existing container `quay.io/cloudservices/image-builder`, to avoid duplicating all the necessary build jobs.
02b4375
to
1722b09
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm!
This implements the retention policy requested in https://issues.redhat.com/browse/HMS-4244
image-builder-maintenance for now runs vacuum
and cleans all composes older than 2 years (by default)
to remove customer related data according to the
retention policy
As this is not really urgent, it's scheduled once
a week on Tuesdays to avoid problems on weekends
…should be merged after #1398
Note: this implementation is almost a copy of https://github.com/osbuild/osbuild-composer/tree/main/cmd/osbuild-service-maintenance to stick to the same mechanism