Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

parallelize insights gathering step and run it before the build completion #195

Open
shreddedbacon opened this issue Mar 19, 2023 · 5 comments
Open

parallelize insights gathering step and run it before the build completion #195

shreddedbacon opened this issue Mar 19, 2023 · 5 comments

Comments

@shreddedbacon
Copy link
Member

If its possible to run insights gathering in parallel, this would be really good to do. This step can take some time to run, so any reduction in time is welcome.

It should also probably be moved from being the last step of a build, to the second last step. Build completion should be the final step.
@tobybellwood
Copy link
Member

Given that the insights run is just a docker container being used to scan another docker container, it should be ok to lightly parallel - but may have more implications if you have large numbers at once across multiple builds?

The reason it was placed after the build completion was to be able to ensure that the build completed (and scanning didn't delay anything else) - although with the current logic, the build still doesn't report until the scan has finished - maybe we introduce a post-build step instead and place the scan in there if it's configured?

@shreddedbacon
Copy link
Member Author

Until insights is a separate process not tied to builds, it should be before the build completion.
Build completion means build completion, not build is completed but there is still more to do that isn't tied to the build but sort of is

@shreddedbacon
Copy link
Member Author

I'm hesitant to add post-build unless there is a case for more things to be added to it, which is what post-deploy is really meant to be for, since it runs before the build completion.

If the build process is this, it is kind of silly

  • build..
  • post-deploy tasks
  • completion
  • post-completion tasks

@tobybellwood
Copy link
Member

tobybellwood commented Mar 19, 2023
edited
Loading

Yeah, good point. I'm conscious that this step (or indeed others) could add XX minutes to a build that for all intents and purposes is otherwise completed and is ready to use. If a situation arose that a build needed reverting/rerunning, it would be a pain to wait for the insights to complete. Maybe the SBOM should be a special task triggered by the build - it does need to be closely coupled to the build, to ensure that the images for that build are still in the docker_host.

EDIT: to add "special" task, as the SBOM task will need access to the docker host it may require further configuration. Having it run in the build ensures it has access.

@tobybellwood tobybellwood mentioned this issue Mar 19, 2023
Open
@shreddedbacon
Copy link
Member Author

But the build isn't complete until all tasks are complete :)

The build and deploy of the environment may technically be complete, but the build process itself is not.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tobybellwood @shreddedbacon