Conversation
|
I just tested this locally, since I build local ARM versions I'd have to remember to add |
|
No, that's going to add too much complexity IMO. I'll have to do:
|
JamieMagee
force-pushed
the
jamiemagee/always-pull-container-image
branch
4 times, most recently
from
fd5ce42 to
603cbbe
Compare
JamieMagee
changed the title
|
I've updated this PR to compare digests first, instead of just blindly pulling the latest container. |
|
Smoke test failures appear to be unrelated to my changes. |
JamieMagee
force-pushed
the
jamiemagee/always-pull-container-image
branch
from
92da610 to
151fa1d
Compare
|
With the timestamp check this breaks my local workflow unless I add $ cd dependabot-core
$ script/build go_modulesSometimes this is just main, but also I'll make modifications locally to help debug. Then I'll run I'm thinking a better approach would be to first see if a local image is custom by asking the registry if it has that SHA. If an image with that SHA doesn't exist, then don't automatically pull. If it has seen it that would indicate it's ok to pull the latest. I do like this idea as a feature as we've seen folks confused that they need to update their local images occasionally. |
JamieMagee
force-pushed
the
jamiemagee/always-pull-container-image
branch
from
151fa1d to
cee6cc8
Compare
JamieMagee
force-pushed
the
jamiemagee/always-pull-container-image
branch
from
cee6cc8 to
699a63b
Compare
|
@jakecoffman I think I've addressed your concerns. The CLI will now check to see if the digest exists remotely. If yes, it will proceed to check if the digest is the latest for the current tag. If no, it will continue with the local digest and avoid the remote registry check. |
jakecoffman
left a comment
jakecoffman
left a comment
There was a problem hiding this comment.
Works for me locally!
It would be great to get some functional testing around this, like as in https://github.com/dependabot/cli/blob/c7aa6e76d4cec5d49e9494299cd052104e1306d0/testdata/scripts/timeout.txt#L25-L24
But we can move forward with this since it will improve some things on your side.
2 participants
This change adds an additional step to the
pullImagefunction to query the relevant container registry and find the current digest for the tag we specify. We then compare it with the digest of the image we have locally. If they don't match, we attempt to pull the image.