apk-autoupdate icon indicating copy to clipboard operation
apk-autoupdate copied to clipboard

Published 20 hours ago verified publisher icon jirutka

Ready for Prime Time?

Open zacksiri opened this issue 6 years ago • 5 comments

I've been hosting all my stuff on Alpine and was wondering if something like this existed.

After some googling I found this, and it made me super happy. Do you think this is ready for prime time? I'm also happy to start testing the package. How can I help?

zacksiri avatar May 18 '18 08:05 zacksiri

I don’t consider it ready yet.

  • packages_blacklistis currently hack-ish and a bit flawed (see [apk-autoupdate.in:75-98](https://github.com/jirutka/apk-autoupdate/blob/7ec9519818a122fabc2f629a796f6ec7a35a17b1/src/apk-autoupdate.in#L75-L98)). I’m waiting for support ofapk upgrade --exclude` in apk-tools (issue #8792).
  • Parameters services_blacklist and services_whitelist are currently quite confusing, I need to redesign them somehow.

Except these two issues it should be solid.

jirutka avatar Jun 20 '18 00:06 jirutka

I'm abit unsure about the necessity of services_blacklist and services_whitelist I think apk-tools already handles something like this in the post-upgrade script.

If the services should be restarted post-upgrade they should be encouraged to use that hook no? And if it's a sensitive service that need to stay up then, well, they don't need to included the post-upgrade script or write a script that allow the service to be restarted without interruption (like hot code reloading)

seems like it should not be the responsibility of apk-autoupdate but the responsibility of the packages themselves.

zacksiri avatar Jun 21 '18 07:06 zacksiri

Ahoj Kubo! As this topic is few years old, how you see status now? There is apk upgrade --ignore if it changes anything. You probably run apk-autoupdate in production, how do you feel about having updates automated generally?

ernierasta avatar Jan 13 '22 08:01 ernierasta

I know it's been years @zacksiri, but I had the same thought processing at first, but ...

No, it is not the responsibility of the package to restart its installed service, because it doesn't know about openrc. apk-autoupdate most likely calls rc-service $SERVICENAME restart.

Unlike Debian, Alpine doesn't offer a security-upgrade repository. So, apk-autoupdate can never mimic unattended-upgrades, for instance to only install security patches. However, while Debian has only major version branches, Alpine has many minor version branches that will allow you to stay on recent versions with security patches only.

apk-autoupdate should be sufficient if you stay on a "sec fixes" support level branch.

martin-braun avatar Mar 05 '23 03:03 martin-braun