Please provide a unique docker tag: #23
Comments
|
You could do something like.. That would give you something like jammsen/palworld-dedicated-server :latest |
|
Hey @jseiser im about 75% sure what you mean, are you able to talk with me in Discord or Teamspeak to clear a few of my questions? |
jammsen
added
issue-unclear
|
From other projects I've seen, you can accomplish this by triggering a build on tag pushes. Then in your github ci, you can have something that triggers on tag creations ---
name: Create Official Release and Push Artifacts
on:
push:
tags:
- v*
And then use the docker-meta action to create a tagged release and a latest if preferred - name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: docker.io/${{ github.repository }}
flavor: |
latest=${{ fromJSON(inputs.latest) }}
# for some reason can't get this to show up from docker image labels
# placing here for now
labels: |
org.opencontainers.image.description=Prometheus exporter for tdarr
tags: |
## add the event types that should be added as tags
## on release - for use by users
## version ; shorthand for {{major}}.{{minor}}.{{patch}} (can include pre-release)
type=semver,pattern={{ version }} Then you can use the docker-build action to create the new image with - name: Build Docker Image
if: github.event_name != 'pull_request'
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ fromJSON(inputs.push) }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
VERSION=${{ steps.meta.outputs.version }}
BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}I've seen a similar pattern in other projects and added it to my own here as a reference: https://github.com/homeylab/tdarr-exporter/blob/main/.github/actions/docker/action.yml |
|
In the end, much of this is personal/project preference based on what you need most. For smaller projects, I would recommend a similar pattern to what I implemented here: https://github.com/homeylab/tdarr-exporter/tree/main/.github/workflows Essentially actions on PR open, branch merge, Tagged release. PR open -> Test/lint, etc. Example:
This pattern works fine (imo) for small projects. Industry CI/CD is much more focused on testing and leveraging temporary/JIT compute to do more integration and E2E testing before reaching production but for github projects, the method I described may work out well for you Hope this helps! |
|
If I get some time, I'll open a PR to get the ball rolling, if needed/wanted, to help get the outline of this process in the yaml github files. |
Hmmm yeah im doing DevOps work at my company i know and teach this, though with 2 other products then GH.
Dont just spend hours of work on a PR that i might not want to use, thats why i asked @jseiser if he has time to do a call in voice to better unterstand this and have someone to brainstorm on this. I would rather have this than the code i maybe dont use and someone is mad at me 😭 |
… to satisfy #23 with short git-sha tag
|
Sorry im traveling for work this week. In our projects we generate tags based off of git commits, thats probably over kill for something of this size. Just any unique tag would be great, so we dont run into issues of docker caching the |
What do you mean by that? Isnt Docker supposed to cache this? Or what do you consider problems? |
|
This looks promising i think: Not sure how this should be helping in your request and the cache-problem i just dont understand, please explain in voice when you back at home. |
|
latest as always, master for branch name and GIT_SHA shortend to 7 chars |
|
what you just posted ill work perfect. |
|
@jseiser happy that helps, but please help me solve my confusion
Please answer this. |
|
The tag
|
Oh yeah then now you can just Hard-Version-Pin by sha-has and make sure you have the right version on every node of your cluster. Seems legit.
Ooooh now i starting to see/get your point, well in my firm where i educate people on using docker and registries we use Harbor all the time, we do always pull from Harbor in ci-context, because it has the information if its current or not and the cache-proxies check on every request in the upstream if the sha has changed and if the new image needs to be downloaded and be cached. I think i just thought about this a little bit to ?"enterprisy"? i guess? 🤔 |
|
Guess it depends on your work bubble then :D In my firm we avoid You have no way of rolling back to a different version if everything is Not to mention, that you can never figure out what version you are actually running, unless you added some different information like docker labels. |
|
We actually use harbor, but anything tagged latest is actually prevented from starting up. https://kyverno.io/policies/best-practices/disallow-latest-tag/disallow-latest-tag/ |
Thats why im trying to teach everyone to hardcore use Version-Pinning and not even like Node:18 tags and stuff like that. |
|
Thanks for the awesome exchange of experiences! I value that very highly! Is this issue resolved? |
Have you read the Important information text above
Current behavior
You tag everything
latestwhich makes pulling new images harder than it needs to beDesired behavior
Every time you push to dockerhub there should be a unique tag.
Links to screenshots
No response
To Reproduce
Steps to reproduce the behavior:
Software setup
Hardware setup
A bunch of nodes
Additional context
https://medium.com/@mccode/the-misunderstood-docker-tag-latest-af3babfd6375
In short, if you are re-using the
latesttag, my system has no idea it should be pulling a newer image. If you do not want to look into versioning, just including the git short sha or something would make pulling the image easier.Thanks.
The text was updated successfully, but these errors were encountered: