Skip to content

[DX-2749] don't use mutable tags for Chip images in the local CRE #21010

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Tofel merged 5 commits into from
Feb 4, 2026
Merged

[DX-2749] don't use mutable tags for Chip images in the local CRE #21010

Tofel merged 5 commits into from
Feb 4, 2026
+289 −32

Conversation

@Tofel
Copy link
Contributor

@Tofel Tofel commented Feb 3, 2026
edited
Loading

Summary
This PR fixes a versioning issue with Beholder Docker images (chip-ingress, chip-config) by replacing mutable local-cre tags with immutable commit-based tags. This prevents hard-to-debug issues caused by version mismatches when images are built from source or pulled images are removed.

Problem
Previously, images used a mutable local-cre tag that could point to any version. There was no way to verify if the locally available image matched what was defined in setup.toml, causing subtle bugs when:

  • Images were built from different commits
  • Pulled images were removed and re-pulled
  • Multiple developers had different local versions

Solution
Commit-based image tags: Images now use commit hashes as tags (e.g., chip-ingress:da84cb72d3a160e02896247d46ab4b9806ebee2f)
Auto-build/pull on beholder start: When starting Beholder, the system checks if required images exist with correct versions:

  • CI (CI=true): Skips checks (docker-compose pulls at runtime)
  • Non-interactive + AWS_ECR set: Auto-pulls from ECR
  • Non-interactive without AWS_ECR: Fails with helpful instructions
  • Interactive terminal: Builds from source, offers to pull if build fails
    Environment variables for docker-compose: Sets CHIP_INGRESS_IMAGE and CHIP_CONFIG_IMAGE env vars for docker-compose to use

Changes

  • configs/setup.toml: Use commit-based tags instead of local-cre
  • environment/setup.go: Export config types for shared use
  • environment/beholder.go: Add image verification, auto-build/pull logic
  • README.md: Document new image handling behavior

@Tofel
don't use mutable tags for Chip images in the local CRE, check if exp…
c225149 
…ected images exist before starting ChIP stack
@github-actions
Copy link
Contributor

github-actions bot commented Feb 3, 2026

I see you updated files related to core. Please run pnpm changeset in the root directory to add a changeset as well as in the text include at least one of the following tags:

  • #added For any new functionality added.
  • #breaking_change For any functionality that requires manual action for the node to boot.
  • #bugfix For bug fixes.
  • #changed For any change to the existing functionality.
  • #db_update For any feature that introduces updates to database schema.
  • #deprecation_notice For any upcoming deprecation functionality.
  • #internal For changesets that need to be excluded from the final changelog.
  • #nops For any feature that is NOP facing and needs to be in the official Release Notes for the release.
  • #removed For any functionality/config that is removed.
  • #updated For any functionality that is updated.
  • #wip For any change that is not ready yet and external communication about it should be held off till it is feature complete.

@trunk-io
Copy link

trunk-io bot commented Feb 3, 2026
edited
Loading

Static BadgeStatic BadgeStatic BadgeStatic Badge

View Full Report ↗︎Docs

@cl-sonarqube-production
Copy link

cl-sonarqube-production bot commented Feb 4, 2026

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@Tofel Tofel marked this pull request as ready for review February 4, 2026 13:39
@Tofel Tofel requested review from a team as code owners February 4, 2026 13:39
Copilot AI review requested due to automatic review settings February 4, 2026 13:39
Copilot AI reviewed Feb 4, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the Docker image configuration for ChIP (Chip Ingress and Chip Config) services in the local CRE environment by replacing mutable tags (local-cre) with immutable commit-based tags. It also adds pre-startup validation to ensure required images exist before starting the ChIP stack.

Changes:

  • Replace mutable local-cre image tags with commit hash-based tags for chip-ingress and chip-config
  • Add image existence validation before starting Beholder/ChIP stack with auto-build/pull capabilities
  • Export configuration types and ReadSetupConfig function to enable image validation

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated no comments.

Show a summary per file
File Description
system-tests/tests/test-helpers/t_helpers.go Remove extraneous blank line
core/scripts/go.mod Bump dockercompose dependency version
core/scripts/cre/environment/environment/setup.go Export configuration types and ReadSetupConfig function, add documentation
core/scripts/cre/environment/environment/environment.go Update function call to use exported ReadSetupConfig
core/scripts/cre/environment/environment/beholder.go Add image validation logic with auto-build/pull fallback and environment variable configuration
core/scripts/cre/environment/configs/setup.toml Replace mutable tags with commit-specific tags for chip images
core/scripts/cre/environment/README.md Update documentation to reflect new image versioning approach and requirements

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Tofel Tofel requested a review from mchain0 February 4, 2026 13:42
@Tofel Tofel enabled auto-merge February 4, 2026 15:22
@Tofel Tofel added this pull request to the merge queue Feb 4, 2026
Merged via the queue into develop with commit 13a0c37 Feb 4, 2026
223 checks passed
@Tofel Tofel deleted the dx-2749-gut-chip-images-check branch February 4, 2026 17:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@chudilka1 chudilka1 chudilka1 approved these changes

@mchain0 mchain0 mchain0 approved these changes

@makramkd makramkd Awaiting requested review from makramkd

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Tofel @chudilka1 @mchain0