There are global docker settings in Jenkins that apply to that similar to
the GitHub credentials. Or they could be provided as credentials in
general. Personally, I’d lean toward an over engineered solution like
Vault, but that’s out of scope I think.
On Mon, Nov 2, 2020 at 15:16 Joan Touzet
Hey Gavin,
To avoid the rate limiting, this means that we need to bake CI
credentials into jobs for accounts inside of the apache org. Those
credentials need to be used for all `docker pull` commands.
How can we do this in a way that complies with ASF Infra policy?
Thanks,
Joan "the battle
> On Oct 29, 2020, at 8:37 AM, Allen Wittenauer
> wrote:
>
>
>
>> On Oct 28, 2020, at 11:57 PM, Chris Lambertus wrote:
>>
>> Infra would LOVE a smarter way to clean the cache. We have to use a heavy
>> hammer because there are 300+ projects that want a piece of it, and who
>> don’t
Hi All,
Any project under the 'apache' org on DockerHub are not affected by the
restrictions.
Kind Regards
Gavin "The futures so bright you gotta wear shades" McDonald
On Thu, Oct 29, 2020 at 11:08 PM Gavin McDonald
wrote:
> Hi ,
>
> Just to note I have emailed DockerHub, asking for
Hi ,
Just to note I have emailed DockerHub, asking for clarification on our
account and what our benefits are.
On Thu, Oct 29, 2020 at 6:34 PM Allen Wittenauer
wrote:
>
> > On Oct 29, 2020, at 9:21 AM, Joan Touzet wrote:
> >
> > (Sidebar about the script's details)
>
> Sure.
>
> > I
> On Oct 29, 2020, at 9:21 AM, Joan Touzet wrote:
>
> (Sidebar about the script's details)
Sure.
> I tried to read the shell script, but I'm not in the headspace to fully parse
> it at the moment. If I'm understanding correctly, this will still catch
> CouchDB's CI docker images if
On 2020-10-29 11:37 a.m., Allen Wittenauer wrote:
On Oct 28, 2020, at 11:57 PM, Chris Lambertus wrote:
Infra would LOVE a smarter way to clean the cache. We have to use a heavy
hammer because there are 300+ projects that want a piece of it, and who don’t
clean up.. We are not build
> On Oct 28, 2020, at 11:57 PM, Chris Lambertus wrote:
>
> Infra would LOVE a smarter way to clean the cache. We have to use a heavy
> hammer because there are 300+ projects that want a piece of it, and who don’t
> clean up.. We are not build engineers, so we rely on the community to advise
Just my 2c,
GitHub team is working with DockerHub, and GitHub-based runners won't be
affected by DockerHub limits.
Of course, Travis-based CI jobs and ASF-based CI jobs might still be
affected.
See
https://github.com/actions/virtual-environments/issues/1445#issuecomment-713861495
Vladimir
And also another comment,
If this is a concern only for DockerHub as a "CI" workflow, for now, I can
actually recommend the Github Docker Registry (even if it is technically
deprecated). It does a great job for us at Airflow.
We build our images during CI only once and push them to the Github
>
>
> As I mentioned in the referenced ticket, the Github Container Registry
> (“GCR”) is not something Infra can immediately support due to Github’s
> limitations. The Board collectively with Infra needs to determine how or if
> the GCR fits our needs from both operational and fiscal
> On Oct 29, 2020, at 12:19 AM, Jarek Potiuk wrote:
>
> Got the message too and also got very concerned.
>
> There is an easy (I think) solution though. The new GitHub Container
> Registry is a good replacement, providing that it is enabled by INFRA. I've
> opened the ticket few weeks ago as
Got the message too and also got very concerned.
There is an easy (I think) solution though. The new GitHub Container
Registry is a good replacement, providing that it is enabled by INFRA. I've
opened the ticket few weeks ago as we would love to switch to it from the
current (deprecated) GitHub
> On Oct 28, 2020, at 11:47 PM, Allen Wittenauer
> wrote:
>
>
>
>> On Oct 28, 2020, at 9:01 PM, Joan Touzet wrote:
>>
>> Even for those of us lucky enough to have sponsorship for dedicated CI
>> workers, it's still a problem. Infra has scripts to wipe all
>> not-currently-in-use Docker
> On Oct 28, 2020, at 9:01 PM, Joan Touzet wrote:
>
> Even for those of us lucky enough to have sponsorship for dedicated CI
> workers, it's still a problem. Infra has scripts to wipe all
> not-currently-in-use Docker containers off of each machine every 24
> hours (or did, last I looked).
On Wed, Oct 28, 2020 at 10:06 PM Chris Lambertus wrote:
>
> Hi Joan,
>
> I’m adding CC: vp-infra for visibility.
>
> The reason Infra aggressively prunes docker cache on the build nodes is that
> projects generally do not clean up after their builds, and run the nodes out
> of space with
Hi Joan,
I’m adding CC: vp-infra for visibility.
The reason Infra aggressively prunes docker cache on the build nodes is that
projects generally do not clean up after their builds, and run the nodes out of
space with infinite docker images. Our donated general purpose build hardware
resources
Hi Joan,
I was vaguely concerned when I got that email.
Thank you for sounding the alarm and presenting a reasonable choice of actions.
The idea of an Apache Infra docker repos Is great! (Maybe dist.apache.org
works?) A significant amount of time in Jenkins is spent building images which
Got your attention?
Here's what arrived in my inbox around 4 hours ago:
> You are receiving this email because of a policy change to Docker products
> and services you use. On Monday, November 2, 2020 at 9am Pacific Standard
> Time, Docker will begin enforcing rate limits on container pulls
19 matches
Mail list logo