Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] SHA comparison issue with match-regex.version-checker.io #228

Open
erwanval opened this issue Jul 9, 2024 · 0 comments
Open

[BUG] SHA comparison issue with match-regex.version-checker.io #228

erwanval opened this issue Jul 9, 2024 · 0 comments
Assignees
@davidcollom
Labels
bug Something isn't working

Comments

@erwanval
Copy link
Contributor

erwanval commented Jul 9, 2024
edited
Loading

Describe the bug
version-checker seems to not do the comparison properly sometimes, leading to the metrics stating it's not the latest while it is.
I haven't tested with other registries, but it happens with docker.io, and the annotation match-regex.version-checker.io.

Here is a simple pod to test that scenario:

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: test-pod
  annotations:
    match-regex.version-checker.io/test: ^\d+.\d+.\d+-glibc
  name: test-pod
spec:
  containers:
  - image: docker.io/busybox:1.36.1-glibc
    name: test
    args:
    - sh
    - -c
    - "sleep infinity"

docker.io/busybox:1.36.1-glibc is currently the latest of the -glibc suffix.

The produced metric has the following labels, and its value is 0:

version_checker_is_latest_version{container="version-checker", container_type="container", current_version="1.36.1-glibc@sha256:25e9fcbd3799fce9c0ec978303d35dbb18a6ffb1fc76fc9b181dd4e657e2cd13", endpoint="web", exported_container="test", exported_namespace="default", exported_pod="test-pod", image="docker.io/busybox", instance="100.64.6.176:8080", job="version-checker", latest_version="1.36.1-glibc@sha256:50aa4698fa6262977cff89181b2664b99d8a56dbca847bf62f2ef04854597cf8", namespace="infra", pod="version-checker-5757d8dc7-mw75h", service="version-checker"}

First thing to note is the current_version and latest_version contains the sha, so I assume it compares using the sha in that case, instead of just the tag. From my tests, I concluded that when the semVer doesn't match, version-checker immediately states it's not the latest (which makes sense). But when it matches, version-checker then compares using the sha. I'm not sure if I'm right about the behavior, nor if it's expected.
In any case, when the semVer match, and sha is compared, both values are differents. Looking in docker hub, the "current_version" is matching the "Index digest", while "latest_version" is matching "Manifest digest", which are both different for the same image. I suppose that's why the metrics returns 0.

To Reproduce
See above

Expected behavior
version-checker should return current version match the latest

Screenshots
ksnip_20240709-160208

Environment (please complete the following information):

  • Version-Checker: 0.7.0
  • Kubernetes: 1.29.1

Additional context
Add any other context about the problem here.
@erwanval erwanval added the bug Something isn't working label Jul 9, 2024
@erwanval erwanval changed the title [BUG] SHA comparison issue [BUG] SHA comparison issue with match-regex.version-checker.io Jul 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidcollom davidcollom

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@davidcollom @erwanval