Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Git commits / PRs to show provenance of changes between image tags #1887

Open
jessesuen opened this issue Apr 22, 2024 · 4 comments
Open

Git commits / PRs to show provenance of changes between image tags #1887

jessesuen opened this issue Apr 22, 2024 · 4 comments
Labels
area/controller kind/feature-request priority/normal

Comments

@jessesuen
Copy link
Contributor

Proposed Feature

When Kargo makes a git commit and/or PR, it would be extremely useful if Kargo included some provenance information/metadata in the commit/PR details about the application contents of what exactly was promoted.

This would be similar to the PRs that https://github.com/renovatebot/renovate creates. e.g.

image

The difference is that Renovate is more geared towards 3rd party dependencies that follow proper semantic versions and release notes that Rennovate can incorporate into the PR.

In the case of this proprosal, it would work with a user's internal services, which may or may not be using semantic versions for their image tags. As long as user could supply "hints" that map a image tag back to the application source code commit, Kargo could formulate GitHub deep links between the current vs. new version.

We already started down this path of "hints", with the gitRepoURL field in Warehouses, but have yet to take advantage of it.
https://doc.crds.dev/github.com/akuity/kargo/kargo.akuity.io/Warehouse/v1alpha1@v0.5.1#spec-subscriptions-image-gitRepoURL

Motivation

Today, promoting an image tag is a black box. Often times the image tag has enough information incorporated into the tag (e.g. commit sha), so a user could reverse lookup which commit the image was built from. Kargo could do this work for them, and give reviewers more information about what exactly they are approving as part of the promotion.

Suggested Implementation

When Kargo creates a PR or makes a commit to the gitops repo, it is able to see the image tag before the commit and after the commit. A Kargo user could give "hints" about how these image tags map back to the application repo, in order to create a URL. We already have the gitRepoURL hint, but will need some extraction rule hints.

e.g. If the tag is a semantic version, it could create a link like:

v0.5.0...v0.5.2

If an image incorporates a source code git hash, it could extract the hash to do something similar:

9d358f4...5d53351

Or if a build date is incorporated into the tag, we could generate a link like:

https://github.com/akuity/kargo/commits/v0.5.2?since=2024-04-03&until=2024-04-08
@maksimstankevic
Copy link
Contributor

@krancour can I take this one?

@krancour
Copy link
Member

@maksimstankevic, but before you get coding, could you outline how you might approach this. Looks like @jessesuen had some thoughts above, but I haven't put much thought into this yet.

@maksimstankevic
Copy link
Contributor

@krancour I'm taking this off me, after taking closer look - seems that this is far from trivial and probably more optimal to be handled internally

@krancour
Copy link
Member

krancour commented Jun 2, 2024

@maksimstankevic no worries. This is a difficult one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/controller kind/feature-request priority/normal
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@krancour @jessesuen @maksimstankevic