Skip to content

ROX-29453: Inactive image retention setting 0 should never prune images#15444

Merged
charmik-redhat merged 1 commit intomasterfrom
ROX-29453/fix-inactive-images-retention-setting
May 28, 2025
Merged

ROX-29453: Inactive image retention setting 0 should never prune images#15444
charmik-redhat merged 1 commit intomasterfrom
ROX-29453/fix-inactive-images-retention-setting

Conversation

@charmik-redhat
Copy link
Contributor

@charmik-redhat charmik-redhat commented May 27, 2025

Description

For inactive images retention value of 0, the expectation is that the inactive images will never be pruned. However there is a bug in pruning logic which causes the inactive images to get instantly pruned every hour when the retention value is 0. This could lead to frequent resetting of the firstDiscovered and firstImageOccurrence times of the CVEs in images that are only temporarily inactive.

User-facing documentation

  • Changelog update is not needed
  • Documentation is not needed

Testing and quality

  • the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

  • added unit tests
  • added e2e tests
  • added regression tests
  • added compatibility tests
  • modified existing tests

How I validated my change

Manual test- pending

@charmik-redhat charmik-redhat requested a review from a team May 27, 2025 15:25
sourcery-ai[bot]
sourcery-ai bot reviewed May 27, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @charmik-redhat - I've reviewed your changes and they look great!

Here's what I looked at during the review
  • 🟢 General issues: all looks good
  • 🟢 Security: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@rhacs-bot
Copy link
Contributor

rhacs-bot commented May 27, 2025

Images are ready for the commit at 2047f3e.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.8.x-817-g2047f3e1a7.

@codecov
Copy link

codecov bot commented May 27, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.

Project coverage is 49.23%. Comparing base (c31c579) to head (2047f3e).
Report is 4 commits behind head on master.

Files with missing lines Patch % Lines
central/pruning/pruning.go 0.00% 3 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #15444      +/-   ##
==========================================
- Coverage   49.23%   49.23%   -0.01%     
==========================================
  Files        2578     2578              
  Lines      189182   189186       +4     
==========================================
- Hits        93151    93145       -6     
- Misses      88693    88701       +8     
- Partials     7338     7340       +2
Flag Coverage Δ
go-unit-tests 49.23% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@openshift-ci
Copy link

openshift-ci bot commented May 27, 2025

@charmik-redhat: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/gke-qa-e2e-tests 2047f3e link false /test gke-qa-e2e-tests

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@charmik-redhat charmik-redhat merged commit 62b9857 into master May 28, 2025
83 of 86 checks passed
@charmik-redhat charmik-redhat deleted the ROX-29453/fix-inactive-images-retention-setting branch May 28, 2025 16:39
@charmik-redhat charmik-redhat modified the milestones: 4.6.7-rc.1, 4.7.4-rc.1 May 28, 2025
@charmik-redhat charmik-redhat added backport release-4.6 Create a PR to backport this PR to release-4.6 backport release-4.7 labels May 28, 2025
@charmik-redhat charmik-redhat removed this from the 4.6.7-rc.1 milestone May 28, 2025
rhacs-bot pushed a commit that referenced this pull request May 28, 2025
@charmik-redhat @github-actions
ROX-29453: Inactive image retention setting 0 should never prune imag…
8efc299 
…es (#15444)

(cherry picked from commit 62b9857)
@rhacs-bot rhacs-bot mentioned this pull request May 28, 2025
Merged
rhacs-bot pushed a commit that referenced this pull request May 28, 2025
@charmik-redhat @github-actions
ROX-29453: Inactive image retention setting 0 should never prune imag…
a5db910 
…es (#15444)

(cherry picked from commit 62b9857)
@rhacs-bot rhacs-bot mentioned this pull request May 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@dashrews78 dashrews78 dashrews78 approved these changes

Assignees

No one assigned

Labels

area/central backport release-4.6 Create a PR to backport this PR to release-4.6 backport release-4.7

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@charmik-redhat @rhacs-bot @dashrews78