The GitHub Actions job "Tests" on airflow.git/main has failed. Run started by GitHub user potiuk (triggered by potiuk).
Head commit for run: 95bbf6ace25c013a67962c078ea7be75f7ac2190 / Jarek Potiuk <[email protected]> Pin Docker Hub test images against K8s system-test rate-limit flakes (#66423) * Pin Docker Hub test images against rate-limit flakes The scheduled K8s system-test job has been intermittently red because multiple test pods pull the unpinned `alpine:latest` (xcom sidecar) and `busybox:latest` / `ubuntu:latest` (test pods) from Docker Hub anonymously and trip its 100-pulls-per-6h limit (https://github.com/apache/airflow/actions/runs/25365187430/job/74380551079). Without a tag, kubelet defaults `imagePullPolicy` to `Always`, so even nodes that already cached the image re-pull every run. Changes ------- 1. **Production default**: `xcom_sidecar.PodDefaults.SIDECAR_CONTAINER` now uses `alpine:3.23` via a new module-level `XCOM_SIDECAR_IMAGE` constant. Tagged → `imagePullPolicy: IfNotPresent` by default → nodes with the image cached do not re-pull. 2. **System / kubernetes-tests pin**: every bare `image="ubuntu"` / `"busybox"` / `"alpine"` in `kubernetes-tests/...` and the `cncf/kubernetes` system / unit tests is now pinned (ubuntu:24.04, busybox:1.37, alpine:3.23). Test assertions in `test_pod.py` updated to match the new sidecar default. 3. **Pre-load into kind**: a new `_preload_test_images_to_kind()` helper in `breeze k8s` runs after `_upload_k8s_image()` in `_run_complete_tests`. It pulls each image on the runner with exponential-backoff retries on Docker Hub 429s, then `kind load docker-image` puts it on every node — so kubelet never has to reach out to the registry once the cluster is ready. 4. **Auto-tracker**: `scripts/ci/prek/upgrade_important_versions.py` gains `UPGRADE_ALPINE` / `UPGRADE_BUSYBOX` flags, fetchers using the existing Docker Hub `get_latest_image_version()`, regex patterns for `alpine:` / `busybox:` literals plus chart `ALPINE_VERSION` ARGs, and the relevant call-sites added to `FILES_TO_UPDATE`. The next "Upgrade important CI environment" run will keep these pins fresh automatically. Ubuntu is intentionally not auto-tracked: the tracker would prefer the highest semver, which can be an interim (non-LTS) release — system tests want LTS. Drive-by -------- `# type: ignore[no-redef]` on the standard `import tomli as tomllib` fallback in `dev/registry/extract_{metadata,versions}.py` so `mypy-dev` passes on edits to anything else under `dev/`. Identical fix lives in PR #66314 — whichever lands first, the other becomes a no-op rebase. * Fix expected_pod fixtures + changelog formatting + spelling Three follow-ups to the original commit, surfaced by CI on #66423: 1. The dict-literal `image` keys in `expected_pod` fixtures inside `kubernetes-tests/tests/kubernetes_tests/test_kubernetes_pod_operator.py` still pointed at the bare names (`"ubuntu"`, `"alpine"`) — only the kwarg-style `image=` references were caught by the original sed. Pinned them to match the new defaults. Without this, every pod-spec equality assertion against `self.expected_pod` failed on Python 3.10 K8s system tests. 2. The cncf.kubernetes changelog note used a level-3 `~~~` heading directly under `Changelog ---`, which (a) shifted the entire version-section hierarchy and produced ~700 cascading docs-build errors, and (b) was 1 char short of the title length triggering a `Title underline too short` warning. Replaced the heading with a bold-led paragraph — same content, no hierarchy disruption. 3. `kubelet` was missing from `docs/spelling_wordlist.txt`, so the sphinx spellcheck flagged it in the new note. Report URL: https://github.com/apache/airflow/actions/runs/25472151635 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
