-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto-update docker dependency image SHAs #118
Labels
Comments
At that point, is there any advantage to using fixed tags in the dockerfiles? We can accomplish the same thing using a symbolic tag and making the scripts ensure the symbolic tag is up-to-date. |
Per offline convo, the requirements:
|
siggy
added a commit
that referenced
this issue
Jan 9, 2018
Previously if dependencies changed but dep image SHAs were not updated, the build could succeed, creating docker images with indeterminate dependencies. This change checks the dependency image SHAs hard-coded in Dockerfile's against the current source tree. If the SHAs do not match, the build fails. Fixes #118
siggy
added a commit
that referenced
this issue
Jan 9, 2018
Previously if dependencies changed but dep image SHAs were not updated, the build could succeed, creating docker images with indeterminate dependencies. This change checks the dependency image SHAs hard-coded in Dockerfile's against the current source tree. If the SHAs do not match, the build fails. Fixes #118 Signed-off-by: Andrew Seigner <andrew@sig.gy>
siggy
added a commit
that referenced
this issue
Jan 10, 2018
Previously if dependencies changed but dep image SHAs were not updated, the build could succeed, creating docker images with indeterminate dependencies. This change checks the dependency image SHAs hard-coded in Dockerfile's against the current source tree. If the SHAs do not match, the build fails. Fixes #118 Signed-off-by: Andrew Seigner <andrew@sig.gy>
siggy
added a commit
that referenced
this issue
Jan 10, 2018
Previously if dependencies changed but dep image SHAs were not updated, the build could succeed, creating docker images with indeterminate dependencies. This change checks the dependency image SHAs hard-coded in Dockerfile's against the current source tree. If the SHAs do not match, the build fails. Fixes #118 Signed-off-by: Andrew Seigner <andrew@sig.gy>
siggy
added a commit
that referenced
this issue
Jan 10, 2018
Previously if dependencies changed but dep image SHAs were not updated, the build could succeed, creating docker images with indeterminate dependencies. This change checks the dependency image SHAs hard-coded in Dockerfile's against the current source tree. If the SHAs do not match, the build fails. Fixes #118 Signed-off-by: Andrew Seigner <andrew@sig.gy>
siggy
added a commit
that referenced
this issue
Jan 10, 2018
Previously if dependencies changed but dep image SHAs were not updated, the build could succeed, creating docker images with indeterminate dependencies. This change checks the dependency image SHAs hard-coded in Dockerfile's against the current source tree. If the SHAs do not match, the build fails. Fixes #118 Signed-off-by: Andrew Seigner <andrew@sig.gy>
khappucino
pushed a commit
to Nordstrom/linkerd2
that referenced
this issue
Mar 5, 2019
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Followup from #115.
The Rust proxy and Go Docker images rely on base dependency images with
hard-coded SHA's:
gcr.io/runconduit/go-deps
depends onGopkg.lock
Dockerfile-go-deps
gcr.io/runconduit/proxy-deps
depends onCargo.lock
proxy/Dockerfile-deps
If any of these files change, we should auto-update all relevant Dockerfile's:
The text was updated successfully, but these errors were encountered: