Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[TODO]: CI - Support builds that can opt-out of cache #3740

Open
polarathene opened this issue Jan 2, 2024 · 1 comment
Open

[TODO]: CI - Support builds that can opt-out of cache #3740

polarathene opened this issue Jan 2, 2024 · 1 comment
Labels
area/ci kind/bug/report A report about a bug meta/help wanted The OP requests help from others - chime in! :D priority/medium stale-bot/ignore Indicates that this issue / PR shall not be closed by our stale-checking CI

Comments

@polarathene
Copy link
Member

polarathene commented Jan 2, 2024
edited

Description

  • We should add a new input for the manual dispatch of the image build workflow that allows skipping the actions/cache step.
  • Additionally, the scheduled workflow should perform those builds without cache. Then the edge updates it publishes would receive any package updates like security fixes too.
  • Since PR caches won't be usable by the master branch cache, we may also want to consider always building without cache for the publish workflow too.
    • That way concerns like described below wouldn't slip through a PR, but regress on publishing :edge / tagged releases.
    • The concern is rare, dependent upon the base image / package install technically. We could potentially resolve it via:
      • Context or conditional (seems fragile, easy to forget).
      • Targeting a specific stage of the Dockerfile (not too helpful in this case as it's the first stage).

This change is motivated by a recent PR that updated the Postfix main.cf with a new parameter for preventing a recently announced vulnerability.

We currently have to purge the actions cache to update the Postfix package, as builds would use the last compatible cache - which can cache every layer in the Dockerfile up until our new config change (that required a new patch release update).
@polarathene polarathene added the meta/help wanted The OP requests help from others - chime in! :D label Jan 2, 2024
@polarathene polarathene mentioned this issue Jan 2, 2024
Merged
8 tasks
@polarathene polarathene added area/ci kind/bug/report A report about a bug labels Jan 2, 2024
@georglauterbach
Copy link
Member

Yes, this is actually important. I'll add a label.

@github-actions github-actions bot added the meta/stale This issue / PR has become stale and will be closed if there is no further activity label Jan 25, 2024
@docker-mailserver docker-mailserver deleted a comment from github-actions bot Jan 25, 2024
@polarathene polarathene added stale-bot/ignore Indicates that this issue / PR shall not be closed by our stale-checking CI and removed meta/stale This issue / PR has become stale and will be closed if there is no further activity labels Jan 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/ci kind/bug/report A report about a bug meta/help wanted The OP requests help from others - chime in! :D priority/medium stale-bot/ignore Indicates that this issue / PR shall not be closed by our stale-checking CI
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@polarathene @georglauterbach