We are enabling build, scan logs for the images in the registry.centos.org so that for a build one can see the build, pre-build, scan logs for the image.

Why?

After a build request is submitted to container-index and PR is merged there user gets an email notification with status of the build and link to the logs for build, pre-build and scan. And for refering to the logs user needs to go to the email. This approach has mainly to issues.

  • Only the user who requested and has the email with build details can see the build logs.
  • For referring to the logs user need to go for the email.

Solution:

We have enabled the build status and build logs to be visible through the registry.centos.org UI. So whenever an user is looking for some image and browses through the regsitry.centos.org UI. and just by clicking the link for the image they can see the latest buid status as Failure or Success.

And clicking on the details link they can browse through Dockerfile details which is used to build the image. We have also added a link to the source repository for the image with branch, so that any one looking at the image knows which repository is getting used to build the image.

We have added a separate tabs for Build logs for pre-build, build and scan logs.

This helps user to access all the related details in a single place, and does not need to go through many places to look for the details.

How?

The idea is to show/fetch real time logs from the OpenShift cluster where the builds are running. For this we have enabled REST based API end points serving from the cluster. So whenever an user looks for the data in UI. It hits the API end points. API server fetches all the details from the cluster and feeds the UI. Then UI translates the JSON to show the details.

  • registry.centos.org UI now has the real time data from the build cluster. It validates the image details from the container-index and docker-distribution regsitry to make sure details are shown properly.
  • REST API server uses same serviceaccount as the account used for building the images. This helps the API to have proper security context to fetch the details.