New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Switch to the latest images #96
Conversation
The idea was to catch CFLite regressions but since the action itself pulls the latest docker images it can't be pinned properly and issues like google/clusterfuzzlite#91 are going to pop up anyway. Let's unpin it by analogy with CIFuzz and hope it doesn't break very often. Waiting for google/clusterfuzzlite#96
The idea was to catch CFLite regressions but since the action itself pulls the latest docker images it can't be pinned properly and issues like google/clusterfuzzlite#91 are going to pop up anyway. Let's unpin it by analogy with CIFuzz and hope it doesn't break very often. Waiting for google/clusterfuzzlite#96
The idea was to catch CFLite regressions but since the action itself pulls the latest docker images it can't be pinned properly and issues like google/clusterfuzzlite#91 are going to pop up anyway. Let's unpin it by analogy with CIFuzz and hope it doesn't break very often. Waiting for google/clusterfuzzlite#96
Thanks for the PR! The "v1" tag always points to the latest anyway, so this isn't actually changing anything. It's intended for major/breaking changes in the base images. |
It does but it's kind of counterintuitive. The idea is to point the action to the main branch and to the latest images explicitly without any tags (by analogy with CIFuzz). |
The "v1" is intended to prevent widespread breakages if we e.g. update to a new Ubuntu distro (as we did previously with 16.04 -> 20.04). If we do this in the future, we'll update this to "v2" and update this reference here also in "main", so if you just point to the main branch, you'll still get the latest images. |
It seems it can help to keep the action and the images used by the action in sync but I'm planning to point |
Right, so our guidance is to just pin to "v1" for everything (both actions and images). This will ensure everything is continuously updated for the foreseeable future (most likely until 2024 when a new Ubuntu LTS is out). If/when a "v2" does come out, we'll announce and users can just s/v1/v2/ and rinse/repeat. Would that work? |
It would as long as google/oss-fuzz#7212 is never implemented. With auto-releaser tagging releases every week or so I'd receive bogus dependabot updates and that's what I'm trying to avoid. |
Right, we'll definitely make sure this doesn't cause unnecessary spam if/when we do this. We may just end up just dropping this completely as well. |
Got it. Thanks! I'll point everything to |
@oliverchang on second thought the images get updated automatically but the action itself doesn't so I can't for example use the "report-unreproducible-crashes" setting if I point to the "v1" tag. |
#87 doesn't seem to be included in "v1" either |
Sorry about that! I just updated the v1 tag to the latest |
CFLite can't be pinned properly so to unpin it it should be
possible to always use the latest images.
This reverts #2
Closes #95