docker-maven icon indicating copy to clipboard operation
docker-maven copied to clipboard

Published 20 hours ago verified publisher icon carlossg

Consider introducing a fourth coordinate in image versioning scheme

Open demaniak opened this issue 7 years ago • 4 comments

#53 highlights the potential for wide spread disaster if something is broken in an important, fundamental base image such as this.

I would humbly suggest that a fourth coordinate be introduced into the image version scheme. The idea would be to:

  • enable bug fixes and updates
  • BUT without the danger of breaking downstream users (as long as they are using specific image versions).

My current idea would be to append a -[number] to the current existing version tags. This would maintain the maven version tracking, and allow a user to specify a (then immutable) image to base their system on.

For example (image versions numbers choose randomly for illustration):

  • maven:3-jdk-8-alpine has a maven:3-10-jdk-8-alpine variant
  • maven:3.5-jdk-8-alpine has a maven:3.5-99-jdk-8-alpine variant
  • maven:3.5.2-jdk-8-alpine has a maven:3.5.2-66-jdk-8-alpine variant

For (example), maven:3-jdk-8-alpine may then be updated as needed.

maven:3-10-jdk-8-alpine may NEVER be changed. Ever. Under no circumstances. The only way it "changes" is to create a new image : maven:3-11-jdk-8-alpine.

The main problem I can think of at this point is that management of all these versions streams might become a nightmare...

demaniak avatar Nov 01 '17 19:11 demaniak

Isn't that what the SHA-Hashes are for? Like docker pull ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2?

See: https://docs.docker.com/engine/reference/commandline/pull/#pull-an-image-by-digest-immutable-identifier

scrayos avatar Nov 01 '17 19:11 scrayos

Yes, that's what shas are for, ie. maven@sha256:c4c0f4b442d110b344f1ff759b945be03734596f76f7b164b567edabd8841594 for maven:3.5.0-jdk-8-alpine

carlossg avatar Nov 01 '17 20:11 carlossg

Isn't that what the SHA-Hashes are for? Like docker pull ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2?

Fair point @Scrayos and @carlossg .

To date I have viewed the image hashes as "docker internals", not something really intended to push through into your Dockerfile / CI-config (or your eyeballs).

Following the argument through, why not just drop tags completely, and just use hashes instead? The answer (for me at least) is that hashes are not human friendly. at all.

I mean, the hashes are not even displayed on docker hub. You literally have to dig in with docker inspect or some such to get at the thing, and even if you have it, can you quickly tell me if 45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb refers to the image tag you need?

demaniak avatar Nov 01 '17 20:11 demaniak

@demaniak You could put the tag in before where you reference the sha hash.

docker pull maven:3.5.0-jdk-8-alpine@sha256:c4c0f4b442d110b344f1ff759b945be03734596f76f7b164b567edabd8841594

But it doesn't actually affect anything. Bogus tags can be used it seems.

docker pull maven:asdf@sha256:c4c0f4b442d110b344f1ff759b945be03734596f76f7b164b567edabd8841594

So it's essentially a comment.

sixcorners avatar Dec 05 '17 03:12 sixcorners