ChRIS Plugin No-op Description Files

The functionality of three ChRIS plugins: pl-dircopy, pl-topologicalcopy, and pl-tsdircopy, are implemented within the backend code itself. The container images of these plugins are Python programs which total to a weight of 378.5 MB. But here's the catch: they are no-ops. Yet, somehow there is a need for us to spend effort on maintenance, adding features¹, and debugging² our no-op programs. Not to mention, trivy reveals 246 CVEs each in pl-topologicalcopy:1.0.13 and pl-tsdircopy:1.2.1, 26 of those being critical.

Solution

Replace the container image of those ChRIS plugins with nothing but true.

Results

Everything still works, 5–10 seconds shaved off startup time, zero CVEs. Furthermore, multi-arch is now supported including arm64 and ppc64le. It turns out that nothing is better than our code.

Notes

• On NERC-OCP (OpenShift), the minimum memory limit is 12Mi. Any value lower gives the error

  Warning  FailedCreatePodSandBox  12s (x6 over 67s)  kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = pod set memory limit 1048576 too low; should be at least 12582912 bytes

• Although /true works perfectly fine with extremely slim resource limits, e.g. max_memory_limit=12Mi and max_cpu_limit=10m, these values cause other parts of ChRIS to break. See FNNDSC/pfcon#173

Footnotes

1. https://github.com/FNNDSC/pl-topologicalcopy/pull/4 ↩

2. https://github.com/FNNDSC/pl-topologicalcopy/issues/6 ↩