Application Trigger contains name of another Application


#1

Started to see some weird behavior and thought it might be worth mentioning here. Here’s a little background… We have a web service and a web-bff service both being managed in k8s via Spinnaker. We currently use the PubSub trigger which uses messages published from GCR to kick off our pipelines. Not sure why this seemingly started happening recently but lately our web service has been getting triggered by PubSub messages to our web-bff service. Just to make it clear, these service names are - more or less - exactly what we’re working with which I thought might be worth mentioning in case web is somehow matching on web-bff. I can click into the configuration and see that everything is configured correctly yet this seems to happen now on every merge.

Exception ( Monitor Deploy )
The following artifacts could not be bound: ‘[Artifact(type=docker/image, name=gcr.io/gcp-devops/web-bff, version=sha256:ca378b7bffaf52da390957c8156b805f18d1ebe83176c27a4dab43d4946322cb, location=null, reference=gcr.io/gcp-devops/web-bff@sha256:ca378b7bffaf52da390957c8156b805f18d1ebe83176c27a4dab43d4946322cb, metadata=null, artifactAccount=null, provenance=null, uuid=null)]’ . Failing the stage as this is likely a configuration error.

We’re using master-unvalidated as I haven’t been able to lock down to a specific version due to other bug fixes.


#2

@ezimanyi, ptal, thanks.


#3

@briananderson1222: Do you mind providing a bit more information about the triggers and artifacts you have set up?

In particular, what constraints have you configured on the triggers for the web and web-bff service? Are you using either a payload constraint, or an artifact constraint to ensure that the pipeline only executes when the expected image is pushed to the registry? If so, these constraints are actually regular expressions, so a constraint on web would indeed match web-bff as you surmised (but ^web$ would give you the specific match you want).

You could also consider using an artifact constraint. By putting the artifact you’ve configured into the 'Artifact constraints` section of the trigger, you’d only trigger the pipeline if that artifact is present (rather than fail downstream as it seems is happening now).


#4

@ezimanyi Here is my configuration for web:

trigger

and my configuration for web-bff:

trigger2

Are the artifact constraints really regular expressions? It doesn’t seem like I have the ability to modify them outside of the expected constraints defined in the configuration


#5

@briananderson1222: The artifact constraint does actually match as a regular expression. (This is behavior we should probably document better, this isn’t the first time someone has been surprised by this behavior.)

You can’t modify the constraint itself separately, but would need to change the ‘Docker Image’ field on the expected artifact itself to anchor the end of the regular expression. This will then affect any time we try to match the artifact (both in the trigger, and in the stage itself) which should be the behavior you want.

There is a small UI issue, whereby upon entering a $ in the input box, you get a link with help on how to write a SPEL expression (as it thinks that’s what you’re trying to do when you enter a $). You can ignore that, and just save with the terminal $ and it will work.

I’ve created this github issue to improve this behavior (or at least the documentation) as the current behavior is generally surprising to users when they discover it, which would be better to avoid.


#6

@ezimanyi I assume (because it’s the only editable field) that this anchor would need to be added to the “Expected Artifact” and not the the Artifact Constraint directly

Edit: I’ve confirmed that my assumption above is correct! Thanks.