Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Go back to latest payloads after release #377

Merged
merged 3 commits into from
May 17, 2024
Merged

Go back to latest payloads after release #377

merged 3 commits into from
May 17, 2024

Conversation

fitzthum
Copy link
Member

@fitzthum fitzthum commented May 3, 2024

The release is done, so let's go back to the upstream bundles for enclave-cc, kata, and reqs-deploy

@fitzthum fitzthum mentioned this pull request May 3, 2024
Merged
ldoktor
ldoktor reviewed May 14, 2024
View reviewed changes
Copy link
Contributor

@ldoktor ldoktor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @fitzthum, wouldn't it be clearer to use git revert as you are effectively reverting the 9d14530 f36b294 and actually even aa27060 ? I think doing so would be a nice practice in the future.

@fitzthum
Copy link
Member Author

Hello @fitzthum, wouldn't it be clearer to use git revert as you are effectively reverting the 9d14530 f36b294 and actually even aa27060 ? I think doing so would be a nice practice in the future.

I was thinking about this, but it seemed weird to revert the fairly old change for enclave-cc (we forgot to update those on the last release). I don't really have a preference either way. You might want to comment on confidential-containers/confidential-containers#210 where we are fixing up the release checklist for next time. I think we will probably start using a script to make these changes in the future as well.

wainersm
wainersm approved these changes May 15, 2024
View reviewed changes
Copy link
Member

@wainersm wainersm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also liked the git revert idea. Maybe next release we can update the files so that it's git revert-able.

fidencio
fidencio requested changes May 17, 2024
View reviewed changes
Copy link
Member

@fidencio fidencio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fitzthum, the PR itself is not wrong, but it'll need a follow-up commit (as part of the very same PR).

Once we revert to use the latest from kata-containers, Operator jobs will break, as on the Kata Containers side a change was made but not reflected here, and it's my fault, see:

That mount has to be propagated here:

  • operator/config/samples/ccruntime/base/ccruntime.yaml

    Lines 18 to 43 in 0e8b344

    installerVolumeMounts:
    - mountPath: /etc/crio/
    name: crio-conf
    - mountPath: /etc/containerd/
    name: containerd-conf
    - mountPath: /opt/kata/
    name: kata-artifacts
    - mountPath: /usr/local/bin/
    name: local-bin
    installerVolumes:
    - hostPath:
    path: /etc/crio/
    type: ""
    name: crio-conf
    - hostPath:
    path: /etc/containerd/
    type: ""
    name: containerd-conf
    - hostPath:
    path: /opt/kata/
    type: DirectoryOrCreate
    name: kata-artifacts
    - hostPath:
    path: /usr/local/bin/
    type: ""
    name: local-bin

Thanks, and let me know if you face any issue updating the file.

@fitzthum
enclave-cc: use latest payloads
eaa262a 
Since the release is done, move back to the latest payloads
for enclave-cc and the reqs bundle.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
@fitzthum
config: update kata payloads to latest
1fd43b0 
Since the release is done, point the Kata payloads
back to the latest upstream bundles.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
@fitzthum
ccruntime: add host mount
f9beae4 
kata-deploy now expects to access the host through /host.
Update the ccruntime yaml to add this mount point.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
@fitzthum
Copy link
Member Author

Added the host mount.

I don't want this PR to become a catch-all for changes we pick up from Kata. Ideally it should be merged immediately after the release.

@fidencio
Copy link
Member

I don't want this PR to become a catch-all for changes we pick up from Kata. Ideally it should be merged immediately after the release.

I agree, but if the tests were not passing, we fix the minimum enough to get the CI green (which is the case at this point).

fidencio
fidencio approved these changes May 17, 2024
View reviewed changes
Copy link
Member

@fidencio fidencio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, thanks @fitzthum!

@fidencio fidencio merged commit 5a92d1a into confidential-containers:main May 17, 2024
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ldoktor ldoktor ldoktor left review comments

@fidencio fidencio fidencio approved these changes

@wainersm wainersm wainersm approved these changes

Assignees
No one assigned
Labels
ok-to-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@fitzthum @fidencio @ldoktor @wainersm