Fix k3d-dev.sh default AMI selection
Package Merge Request
Package Changes
Line 31 query in k3d-dev.sh gets changed from a sort_by to a max_by function:
AMI_ID=$(aws ec2 describe-images --filters Name=owner-alias,Values=aws-marketplace Name=architecture,Values=x86_64 Name=name,Values="ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*" --query 'max_by(Images, &CreationDate).ImageId' --output text)This change updates 186 packages that have changed since 2022-05-11. 105 were security related.
Package MR
For Issue
Closes https://repo1.dso.mil/big-bang/bigbang/-/issues/1535
Test Case
➜ bigbang git:(1535-k3d-dev-ami) ./docs/assets/scripts/developer/k3d-dev.sh
AWS User Name: Ben.Francis
Checking for existing cluster for Ben.Francis.
Will use standard t3a.2xlarge spot instance
Checking if key pair Ben.Francis-dev exists ...found
Checking if security group Ben.Francis-dev exists ...found
Retrieving ID for security group Ben.Francis-dev ...done
Checking if 173.93.203.43 is authorized in security group ...found
Using AMI image id **ami-0d700129195b41067**
Creating device_mappings.json ...
Creating spot_options.json ...
Running spot instance ...ami-0d700129195b41067 is the latest image from June 1, 2023.
Closes #1535
Merge request reports
Activity
changed milestone to %2.4.0
added Big Bang Core statusreview labels
assigned to @ben.francis
Resolved by Ryan GarciaThis is a draft MR because I don't know if you want me to label all 186 packages that have changed from the default AMI of a year ago.
- Last reply by Ryan Garcia
This is a great way to keep our dev instances up to date, but are there any issues with regularly pulling new patch versions that are unvetted? Could using a new revision of our AMI every day cause inconsistency issues with Kubernetes?
Edited by Cody Williams-
Yes, new packages might break stuff. That's the tradeoff. Staying with a package set that worked yesterday is extremely attractive to product managers. I totally understand. It's also how companies find themselves still running the 2.6 kernel with over 5000 vulnerabilities.
Redhat decided that streaming is the way to go to keep their customers safe. We would do well to pull the latest and greatest versions of Ubuntu LTS.
requested review from @ryan.j.garcia and @chris.oconnell
mentioned in commit 48c96c6f