Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Publish container images #443

Merged
merged 1 commit into from
Dec 5, 2023
Merged

Publish container images #443

merged 1 commit into from
Dec 5, 2023

Conversation

aaronmondal
Copy link
Member

@aaronmondal aaronmondal commented Dec 5, 2023
edited by allada
Loading

Introduce signed, fully reproducible container images that are created
on pushes to main and published via GitHub packages.

This change is Reviewable

aaronmondal
aaronmondal commented Dec 5, 2023
View reviewed changes
Copy link
Member Author

@aaronmondal aaronmondal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+@allada +@MarcusSorealheis +@adam-singer +@blakehatch

You can ignore the first commit as that'll be "rebased away" after #442.

Reviewable status: 0 of 8 files reviewed, all discussions resolved (waiting on @adam-singer, @allada, @blakehatch, and @MarcusSorealheis)

MarcusSorealheis
MarcusSorealheis approved these changes Dec 5, 2023
View reviewed changes
Copy link
Collaborator

@MarcusSorealheis MarcusSorealheis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

README.md Outdated Show resolved Hide resolved
allada
allada approved these changes Dec 5, 2023
View reviewed changes
Copy link
Member

@allada allada left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewed 5 of 5 files at r2.
Reviewable status: 5 of 8 files reviewed, 2 unresolved discussions (waiting on @aaronmondal, @adam-singer, @blakehatch, and @MarcusSorealheis)

README.md line 47 at r2 (raw file):

# Verify the signature
cosign verify ghcr.io/TraceMachina/native-link:${LATEST} \
    --certificate-identity=https://github.com/TraceMachina/native-link/.github/workflows/image.yaml@refs/heads/main \

What happens if main is updated but the latest github action has not yet finished uploading? Won't this cause issues?

@aaronmondal aaronmondal mentioned this pull request Dec 5, 2023
Merged
aaronmondal
aaronmondal commented Dec 5, 2023
View reviewed changes
Copy link
Member Author

@aaronmondal aaronmondal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: 4 of 8 files reviewed, 2 unresolved discussions (waiting on @adam-singer, @allada, @blakehatch, and @MarcusSorealheis)

README.md line 9 at r1 (raw file):

Previously, MarcusSorealheis (Marcus Eagan) wrote…

Unix-based

Done.

README.md line 47 at r2 (raw file):

Previously, allada (Nathan (Blaise) Bruer) wrote…

What happens if main is updated but the latest github action has not yet finished uploading? Won't this cause issues?

I wouldn't say that it's too big of an issue, but it can surely be inconvenient if the image is unexpectedly not ready immediately. I've added a comment above and also added a "production" variant that can be used to fully pins the image.

aaronmondal
aaronmondal commented Dec 5, 2023
View reviewed changes
Copy link
Member Author

@aaronmondal aaronmondal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dismissed @MarcusSorealheis from a discussion.
Reviewable status: 4 of 8 files reviewed, 1 unresolved discussion (waiting on @adam-singer, @allada, @blakehatch, and @MarcusSorealheis)

README.md line 9 at r1 (raw file):

Previously, aaronmondal (Aaron Siddhartha Mondal) wrote…

Done.

Done

@aaronmondal aaronmondal force-pushed the release-container branch 2 times, most recently from 28b914a to 131775e Compare December 5, 2023 15:41
@aaronmondal
Publish container images
cf8709e 
Introduce signed, fully reproducible container images that are created
on pushes to main and published via GitHub packages.
@aaronmondal aaronmondal merged commit 697cddf into TraceMachina:main Dec 5, 2023
15 of 16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@allada allada allada approved these changes

@MarcusSorealheis MarcusSorealheis MarcusSorealheis approved these changes

Assignees

@adam-singer adam-singer

@allada allada

@MarcusSorealheis MarcusSorealheis

@blakehatch blakehatch

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@aaronmondal @allada @MarcusSorealheis @adam-singer @blakehatch