docker/buildx

Feature Request - Add Support for Owner References in Kubernetes Driver

ali-kafel opened this issue · 0 comments

Description

Hello,

I would like to have the ability to specify Kubernetes Owner References via the Docker Buildx CLI when using the Kubernetes driver. This feature will enhance the integration between Docker Buildx and Kubernetes, allowing resources created during the build process (e.g., Pods, Deployments) to automatically adopt ownership lifecycle policies.

Currently, Docker Buildx allows specifying a variety of options and configurations when using the Kubernetes driver. However, a critical lifecycle management feature is missing: the ability to set ownerReferences on Kubernetes resources like Pods directly through the Buildx CLI.

CLI and Driver Enhancements:

  • Provide new --driver-opt options to specify ownerReferences.
  • Allow users to pass owner reference details (e.g., apiVersion, kind, name, uid, controller, blockOwnerDeletion).

Use Case:
This feature is particularly useful for integrating Docker Buildx with ephemeral GitHub Actions runners or other resources that have dynamic lifecycles. For instance, in CI/CD environments, deployments or Pods created as a part of the build process should be cleaned up automatically when the controlling resource is deleted.

Current Manual Process:
Currently, we are manually adding the owner reference to a Buildx builder deployment to a runner. See an example:

> kubectl patch deployment builder-2f073425-0441-48bc-8ed2-2d8a286158001 --type='json' -p='[{"op": "replace", "path": "/metadata/ownerReferences", "value":[{"apiVersion": "actions.github.com/v1alpha1", "kind": "EphemeralRunner", "name": "large-dind-spot-rjz82-runner-4w7sp", "uid": "b636330d-26b7-417a-8464-c2641438feed", "controller": true, "blockOwnerDeletion": false}]}]'

> kubectl get ephemeralrunner large-dind-spot-rjz82-runner-4w7sp
Error from server (NotFound): ephemeralrunners.actions.github.com "large-dind-spot-rjz82-runner-4w7sp" not found

> kubectl get deployment builder-2f073425-0441-48bc-8ed2-2d8a286158001
Error from server (NotFound): deployments.apps "builder-2f073425-0441-48bc-8ed2-2d8a286158001" not found

This ensures that when the runner is deleted, the builder is deleted as well. This works much better than running the cleanup at the end of a GitHub Actions job since there are cases where a runner will exit prematurely and never actually run the builder cleanup at the end of a job.

Adding an owner reference ensures the builder deployment will be a part of the GitHub Actions runner lifecycle in Kubernetes.

Thank You
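The manual process described in the issue, scripted as an added example (it is not part of the original issue or of buildx). The function names `owner_ref_patch` and `attach_owner` are hypothetical, the owner and the builder Deployment are assumed to live in the same namespace, and the patch uses the JSON Patch `add` operation rather than the `replace` shown above.

```shell
#!/usr/bin/env bash
# Added example: attach a controller ownerReference to a buildx builder
# Deployment so the Kubernetes garbage collector removes it with its owner.
# Function names are hypothetical; they are not buildx or kubectl features.

# Build the JSON Patch for one ownerReference.
# Args: apiVersion kind name uid
owner_ref_patch() {
  local api_version="$1" kind="$2" name="$3" uid="$4" v
  # Reject empty fields and any character that could break out of the
  # JSON string (quotes, backslashes, whitespace, braces).
  for v in "$api_version" "$kind" "$name" "$uid"; do
    case "$v" in
      ''|*[!A-Za-z0-9./-]*)
        echo "owner_ref_patch: invalid field: '$v'" >&2
        return 1 ;;
    esac
  done
  # RFC 6902 "add" sets the member whether or not it already exists.
  printf '[{"op":"add","path":"/metadata/ownerReferences","value":[{"apiVersion":"%s","kind":"%s","name":"%s","uid":"%s","controller":true,"blockOwnerDeletion":false}]}]' \
    "$api_version" "$kind" "$name" "$uid"
}

# Read the owner's live uid and patch the Deployment in the same namespace.
# Args: namespace owner_apiVersion owner_kind owner_name deployment
attach_owner() {
  local ns="$1" api_version="$2" kind="$3" name="$4" deploy="$5" uid patch
  # Fetch the uid from the API server instead of trusting a copied value:
  # a reference whose uid matches no live object is treated as an absent
  # owner, and the Deployment becomes eligible for garbage collection.
  uid=$(kubectl -n "$ns" get "$kind" "$name" -o jsonpath='{.metadata.uid}') || return 1
  patch=$(owner_ref_patch "$api_version" "$kind" "$name" "$uid") || return 1
  kubectl -n "$ns" patch deployment "$deploy" --type=json -p "$patch"
}

# Usage (namespace "ci" is a placeholder):
#   attach_owner ci actions.github.com/v1alpha1 EphemeralRunner \
#     large-dind-spot-rjz82-runner-4w7sp \
#     builder-2f073425-0441-48bc-8ed2-2d8a286158001
```

Kubernetes does not allow a namespaced object to be owned by an object in a different namespace, which is why `attach_owner` takes a single namespace for both resources.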