Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Code Review Item: Update Policy Needed #13

Open
jtgasper3 opened this issue Dec 22, 2015 · 3 comments
Open

Code Review Item: Update Policy Needed #13

jtgasper3 opened this issue Dec 22, 2015 · 3 comments
Labels
discussion needed

Comments

@jtgasper3
Copy link
Contributor

The Unicon IAM team did a code review and suggested several small adjustments. This is one of those adjustments:

To facilitate adoption of this image, Unicon should state a "policy" of how often checks for updates of the dependency resources (Java, Jetty, IdP) will occur and when those updates will be applied. The policy should include what type of updates will "trigger" an image release.
@jtgasper3 jtgasper3 changed the title Code Review Item Code Review Item: Update Policy Needed Dec 22, 2015
@nklingenstein
Copy link

That sort of a policy would be very appealing to me, but I would make strong delineations between security fixes and ordinary patch/feature additions.

I have a couple of orthogonal general package questions that I'll pose here. Please move the below to its own issue if you prefer that. I'm sure I'll come up with more later.

  1. Do you try to incorporate new features? Is it hard to do that with the level of customization that deployers can expect? What happens if one site modified web.xml and another didn't?
  2. What endpoints are exposed for monitoring?

@jtgasper3
Copy link
Contributor Author

The images is just a basic deployment of the IdP that saves a deployer from having to install and config Jetty and the IdP. Backchannel is already setup too.

  1. Other than that it's up to the configure to deploy whatever options one wants. New versions will have the bits there, but the deployer might need to still enable... like ECP

  2. If one wants to use build.sh, then their image just needs to have a RUN build.sh (or run it in the container start script) and they overlay the idp.xml file to point to the idp.war vs the webapps directory...

  3. All standard endpoints are available. The deployer must configure any changes related to that just like they would in any other context.

@nklingenstein
Copy link

Makes sense and clarifies things, thanks. Since this is aimed at basic integration today, my follow-on questions fall in the category of "feature request" rather than "support considerations".

I would still find the clarification you suggest, especially with regard to update releases versus security patches, very helpful.

Thanks for taking the time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jtgasper3 @nklingenstein