arion icon indicating copy to clipboard operation
arion copied to clipboard

Published 20 hours ago verified publisher icon hercules-ci

Enhancement idea: lockfile

Open lunik1 opened this issue 2 years ago • 2 comments

Currently, one advantage of using NixOS containers over DockerHub (or other image repository) is that NixOS containers can be more easily rolled back to a previous state (especially when using flakes). When pulling a from latest container tag, it becomes more difficult to trace what versions of images have been used and recreate the previous state of a project. Of course, you can pin to specific image versions, but this is less ergonomic. A solution could be that arion could track the current external image versions used in a lockfile, which could be automatically updated to point to the latest versions of an image tag, and, when managed with version control, allow easy rollbacks to previously used images.

lunik1 avatar Jun 27 '22 00:06 lunik1

This could either pin with pullImage or the docker way with an image digest sha. The prior could be used as a base image, whereas the latter aligns with https://github.com/safe-waters/docker-lock, which might be usable for implementing this.

This being a Nix-centric project, I'd give preference to a pullImage based solution.

roberth avatar Jun 28 '22 12:06 roberth

This is an awesome idea! I would love to see it implemented

crabdancing avatar Jun 18 '23 22:06 crabdancing