bootc-image-builder icon indicating copy to clipboard operation
bootc-image-builder copied to clipboard

Published 20 hours ago verified publisher icon osbuild

Tagged releases / multiple releases

Open cdrage opened this issue 1 year ago • 13 comments

We should have tagged releases every X amount of weeks.

We thought we hit a bug and wanted to roll back to a previous release of the image builder, but found that there are no tagged releases / releases on github.

cdrage avatar Jan 11 '24 16:01 cdrage

Related to the discussion #60

lmilbaum avatar Jan 11 '24 16:01 lmilbaum

@ondrejbudai @ochosi As we get closer to an initial 1.0.0 release for https://github.com/containers/podman-desktop-extension-bootc we'll need a release of bootc-image-builder as unfortunately it's difficult to keep track / make sure that quay.io versions of the image are reliably always there.

Are we able to do an initial tagged release of bootc-image-builder container as well as subsequent releases as new features are added?

cdrage avatar Mar 13 '24 12:03 cdrage

Do I understand it correctly that the plugin will have a pinned version of bootc-image-builder when distributed to users? That means that such a version of bib needs to be available basically forever, right? (We currently keep only latest AFAIK)

ondrejbudai avatar Mar 13 '24 17:03 ondrejbudai

Do I understand it correctly that the plugin will have a pinned version of bootc-image-builder when distributed to users? That means that such a version of bib needs to be available basically forever, right? (We currently keep only latest AFAIK)

yes that's right, if we were to release a 1.0.0 release of the extension, it should be pulling from a released version of bootc-image-builder as well, or else it would always pull from latest / whatever image, and reliability could differ between versions.

cdrage avatar Mar 13 '24 17:03 cdrage

Do we really need this or would this be more of keep backwards capabilities. I would figure podman desktop would want fixes that happen to BIB without putting the issue on BIB to continually back port fixes to older versions. Older versions also means supporting the OS that BIB is based on. So if the OS has a CVE then all older BIBs will need to be back ported. This is not a supported product and we should not be putting these kinds of constraints in place. Now if it becomes a supported product, then we would have some kind of time of support.

rhatdan avatar Mar 15 '24 23:03 rhatdan

I would really recommend against this. 'Every PR build is the latest stable release and we'll never have any regressions nor break any existing behaviour' is an extremely high bar that will likely make it hard to evolve, and creates an unnecessarily large number of releases in the field.

We're not asking for back porting, just something more stable than 'latest'. e.g. it's usually a good practise to tag releases and never change those tags, but many teams use another tag like '1.0' that's just moved to the latest 1.0-ifix, 1.1, etc.

deboer-tim avatar Mar 16 '24 14:03 deboer-tim

That is fine, as long as this is understood that there are no back ports and that older images will get stinky IE Could fail image scans because of CVEs from older images.

rhatdan avatar Mar 17 '24 12:03 rhatdan

So today, the Konflux pipeline (as you have discovered, as have I) apparently defaults to doing "tags" of a form (I think they're unix timestamps?). But yes, it clearly makes sense to me to make releases (and generate container images corresponding to those).

It seems like someone who is an admin on this repo could just create a first 0.1.0 release via GH, just to start a ball rolling of a form. We can figure out syncing containers from those releases after. And yes we are not committing to any security updates or even support for those images. Perhaps we could use quay's "expire after" to automatically have them go away after say a year; I think Konflux supports that, but it can be done directly too.

cgwalters avatar Mar 28 '24 15:03 cgwalters

I'm aware of github actions which can perform an auto-release. Maybe that could be of help.

lmilbaum avatar Apr 04 '24 10:04 lmilbaum

To be clear, we weren't asking for releases on GitHub - just to do the equivalent of podman tag on the released container images in quay so that it's clear which is the latest "1.x" release stream image vs other e.g. latest/PR/nightly/v2 images.

But FWIW, this is the action we use to mark releases in Github:

      - name: Create Release
        id: create_release
        uses: ncipollo/release-action@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag: ${{ steps.TAG_UTIL.outputs.githubTag }}
          name: ${{ steps.TAG_UTIL.outputs.githubTag }}
          draft: false
          prerelease: false

deboer-tim avatar Apr 04 '24 11:04 deboer-tim

Thank you for the clarification. The release process is handled by Konflux. Tagging is done by configuring a Release resource.

lmilbaum avatar Apr 24 '24 18:04 lmilbaum

This issue is stale because it had no activity for the past 365 days. Remove the "Stale" label or add a comment, otherwise this issue will be closed in 30 days.

github-actions[bot] avatar May 14 '25 04:05 github-actions[bot]

Still relevant

cdrage avatar May 14 '25 10:05 cdrage