Daily builds? #96
Comments
|
kindof agree to this; only benefit now is up-to-date curl/jq off alpine 3.13.5 repo; similar question here #57 |
|
The alpine jq package hasn't been updated since January 2020 https://pkgs.alpinelinux.org/packages?name=jq&branch=v3.13&repo=&arch=&maintainer= and jq itself hasn't seen an update since 2018, so I wouldn't see that as a benefit.
Regular and automated updates are a necessity in bigger infrastructures, so not using them because of possible bad updates is kind of more irresponsible than keeping possibly exploitable applications in your infrastructure because you need to manually update every time which costs time and resources on your end. Having backups and using snapshots is integral for rolling back bad updates, because manually upgrading won't ever save you from a "bad update". So having a proper workflow that actually updates packages (or docker images in this case) on a regular basis but only when necessary is definitely a better practice than just doing nightlies, especially when these nightlies run under the |
|
I agree. Would it be possible to move current latest build to nightly or edge? |
My watchtower constantly updates autoheal because of the daily builds, which is kind of bothersome since I always get notifications for that.
Now I saw that the Dockerfile uses
alpine:3.13.5hardcoded, so I don't really get why it is built daily when it is always the same EOL alpine image.I think it would make more sense to either use
alpine:latestand just build if alpine:latest is updated or just disable daily builds as they don't bring any benefits in the current state.I wrote a workflow for keepalived that checks if the keepalived package in the alpine repo has updates https://github.com/shawly/docker-keepalived/blob/main/.github/workflows/update-keepalivd-version.yml, you could use this as a starting point for building a workflow that only builds when packages or the main image get updated.
The text was updated successfully, but these errors were encountered: