cartography icon indicating copy to clipboard operation
cartography copied to clipboard
verified publisher icon lyft

[Bug] RC Docker images are incorrectly tagged as latest

Open jychp opened this issue 4 months ago • 2 comments

Description

  • Docker images built for release candidates (e.g., v0.x.y-rc.1) are being tagged as latest on publication.
  • Python packages for the same versions are correctly marked as pre-releases, but Docker consumers pulling latest receive an unstable RC image.

Impact:

  • docker pull ghcr.io/cartography-cncf/cartography:latest may return an RC build.

  • Automation tools (e.g., Dependabot/Renovate) that watch container tags may treat the RC as the newest release, triggering updates downstream.

Expected behavior:

latest must point only to the most recent stable release (no pre-release identifiers).

Steps to Reproduce

  1. Push a tag like v0.110.0-rc.1.

  2. CI publishes container images and applies tags.

  3. Pull latest: docker pull ghcr.io/cartography-cncf/cartography:latest

  4. Observe that latest resolves to the RC digest instead of the last stable release.

jychp avatar Aug 21 '25 07:08 jychp

Hi, I noticed this issue and was wondering if anyone is currently working on it. If not, can I take this up?

Roniscend avatar Aug 21 '25 08:08 Roniscend

Already working on it as part of a larger refactoring.

jychp avatar Aug 21 '25 08:08 jychp