Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Maintain release images #135

Open
2 tasks
WadeBarnes opened this issue Sep 11, 2024 · 6 comments
Open
2 tasks

Maintain release images #135

WadeBarnes opened this issue Sep 11, 2024 · 6 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@WadeBarnes
Copy link
Member

When a release is created images are built and published to Docker Hub for that release. The images are not maintained following their release, meaning they are not rebuilt periodically to pick up updates (such as vulnerability fixes) made to the base container.

Create a scheduled maintenance job that maintains the last x (3 or 4) release images by rebuilding and republishing. The job should trigger at least once a month. This will help reduce the number of teams building and maintaining their own images.

Bonus points for:

  • Making the job(s) smart enough to know whether the base image has changed and only build the related images if the base image has changed since the last build.
  • Triggering the job(s) when there is a change to the related base image.

Other decisions that should be considered:

  • Should we continue publishing to Docker Hub?
  • Should we publish to the GHCR as well or instead of to Docker Hub?
@WadeBarnes WadeBarnes added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers labels Sep 11, 2024
@WadeBarnes
Copy link
Member Author

cc @i5okie, @esune

@mishraomp
Copy link

vote for ghcr.io, and ref through artifactory

@caggles
Copy link

caggles commented Sep 11, 2024

I would also be happy to discuss creating a service account with write access to the bcgov-docker-local repo in Artifactory where you can push backup-container images.

@sheaphillips
Copy link

vote for ghcr.io, and ref through artifactory

+1 for ghcr.io + artifactory.

@jujaga
Copy link
Member

jujaga commented Sep 13, 2024
edited
Loading

+1 For having the container image artifacts pushed to ghcr.io would be ideal, similar to what already exists on the hub.docker.io side. If we do swap over to ghcr.io, we do not necessarily need to continue having it be mirrored to dockerhub any longer, unless having it there makes it easier to mirror to artifactory.
As long as the tagging for these image artifacts follows standard semver conventions it'll provide a huge value for downstream change management.

@mishraomp
Copy link

+1 For having the container image artifacts pushed to ghcr.io would be ideal, similar to what already exists on the hub.docker.io side. If we do swap over to ghcr.io, we do not necessarily need to continue having it be mirrored to dockerhub any longer, unless having it there makes it easier to mirror to artifactory. As long as the tagging for these image artifacts follows standard semver conventions it'll provide a huge value for downstream change management.

+1 for semver tag release,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@sheaphillips @jujaga @caggles @WadeBarnes @mishraomp