#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+-------------------- Reporter: scollier | Owner: Type: task | Status: new Priority: normal | Milestone: Future Component: Docker (Other) | Keywords: ----------------------------+-------------------- We have several Docker trusted images hosted on the Docker index:
https://index.docker.io/u/fedora/
These are built from the Fedora Cloud github account here:
https://github.com/fedora-cloud/Fedora-Dockerfiles
We need a clear process for deciding when these layered images need to be rebuilt. Is it when new RPMs are released? Security errata? Changes to config files? What are other criteria that could trigger the need for a rebuild?
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+--------------------- Reporter: scollier | Owner: Type: task | Status: new Priority: normal | Milestone: Future Component: Docker (Other) | Resolution: Keywords: | ----------------------------+---------------------
Comment (by mattdm):
Good questions! What about RPMs that are in the image but not used? Can we filter those out? What about a distinction between the primary application for that image vs. other rpms used in its construction?
Also, do we want these to track the latest Fedora release, or should we have separate ones for F19, F20, F21, rawhide....?
And if so, do they have different policies? Maybe rawhide rebuilds on any change, current release rebuilds on security updates + any update to the primary application, previous release rebuilds on security updates only?
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+--------------------- Reporter: scollier | Owner: Type: task | Status: new Priority: normal | Milestone: Future Component: Docker (Other) | Resolution: Keywords: meeting | ----------------------------+--------------------- Changes (by mattdm):
* keywords: => meeting
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+--------------------- Reporter: scollier | Owner: Type: task | Status: new Priority: normal | Milestone: Future Component: Docker (Other) | Resolution: Keywords: meeting | ----------------------------+--------------------- Changes (by jzb):
* cc: jzb@… (added)
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+----------------------- Reporter: scollier | Owner: jzb Type: task | Status: assigned Priority: normal | Milestone: Future Component: Docker (Other) | Resolution: Keywords: meeting | ----------------------------+----------------------- Changes (by jzb):
* owner: => jzb * status: new => assigned
Comment:
Will take first crack at this, then send to the list for revisions.
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+----------------------- Reporter: scollier | Owner: jzb Type: task | Status: assigned Priority: normal | Milestone: Future Component: Docker (Other) | Resolution: Keywords: meeting | ----------------------------+-----------------------
Comment (by walters):
Some thoughts on this ticket:
* An option as well is for Fedora to run a registry. There are several advantages to this, some disadvantages.
* We need to decide if we acutally *build* all of these - some of them are what I'd call examples, not something you'd expect to run directly
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+----------------------- Reporter: scollier | Owner: jzb Type: task | Status: assigned Priority: normal | Milestone: Future Component: Docker (Other) | Resolution: Keywords: meeting | ----------------------------+-----------------------
Comment (by jzb):
First draft sent to list today, draft on wiki here:
https://fedoraproject.org/wiki/Cloud/Cloud_RFC_Docker_Trusted_Images_Rebuild...
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+------------------------------- Reporter: scollier | Owner: jzb Type: task | Status: assigned Priority: normal | Milestone: Fedora 21 (Beta) Component: Docker (Other) | Resolution: Keywords: | ----------------------------+------------------------------- Changes (by jzb):
* milestone: Future => Fedora 21 (Beta) * keywords: meeting =>
Comment:
Leaving this open, but setting the milestone to beta and removing the meeting tag. Going to consider this mostly solved since the feedback I've gotten has been pretty much positive. Have a few questions to address, but I think this is mostly done.
#59: Process for determining when and why Docker trusted images need to be rebuilt ----------------------------+------------------------------- Reporter: scollier | Owner: jzb Type: task | Status: closed Priority: normal | Milestone: Fedora 21 (Beta) Component: Docker (Other) | Resolution: fixed Keywords: | ----------------------------+------------------------------- Changes (by kushal):
* status: assigned => closed * resolution: => fixed
Comment:
Closing this ticket as part of trac clean up process. If you want to reopen, please reopen it after we move to pagure.io as atomic-wg.
cloud@lists.stg.fedoraproject.org