JThis is awesome!!!!!!
Jautomatic
Jwhenever @Carl George gets us a new image, we kick off a build.
Ti think they do that on centos-bootc :)
Tthats really nice
JLike, that build is just automated now
Jman dude if we could go cron-less across the board and just build when the stuff actually needs to be built
JHow many hours have we spent after fixing something in akmods to then babysit the build, so we can click main to rebuild, and then click the downstream images. Hours.
TYESYESDYES
Rhttps://github.com/ublue-os/main/pull/792
Starting on this
Won't be ready to merge today, but making a start
Starting on this
Won't be ready to merge today, but making a start
GitHub
Thank you for contributing to the Universal Blue project!
Please read the Contributor's Guide before submitting a pull request.
Please read the Contributor's Guide before submitting a pull request.
Jok even the old ones huh?
RThe YAML isn't the cleanest, but it's not meant to be maintained by people
Jright
RMight as well. It's easier to roll it out across the board than build in the logic to exclude older images
JI met the creator of yaml in london
Jok so question
Jlet's say you fix something on akmods
Jbut some of the builders go red or we get a dud that takes a while.
Jis there a chance that the downstream bot could accidentally do it twice.
Jlike main rebuilds but then the matrix finishes like 10m later or something then would it try to rebuild all of main again?
RYou mean the merge queue builds and pushes an image, but other images fail so the merge queue is cancelled and reran?
Jok so let's say silverblue, kinoite, and base-main for three examples.
Jbot fires off, automerges
Jthey all rebuild.
Jbut say kinoite is red or something.
Jso bazzite sees silverblue updates, and also automerges and builds
Jbut it's behind on kinoite now
Jthough I guess we'll just see how it works, I am overthinking it
RNo, you're right. That could happen...
RThere's a few things we could do.
JI know we're getting rid of it, but basically with a huge matrix like hwe has
JI can see renovate PRing a downstream like 3 times given the churn or something.
Ti think we should gate it behind the merge queue
Tso it wont get automerged if it fails to build
RWe can stop the merge queue from pushing to the "production" tags (latest, stable etc), and re-tag the merge-queue builds as those prod tags in the push trigger.
So:
So:
- Merge queue builds all images, pushes to merge-queue only tags
- Push trigger re-tags merge queue tags with production tags
Jit does, it PRs and if checks fail it doesn't merge
Tso it should be fine then, right?
RThere's things we can do, but we just need to decide what behaviour we would want
JI like grouping them together
Jbut also we could keep the production tags on the daily/weekly timer right?
Jthough I guess that would negate the advantage
Jbut also :latest would legit be latest.
Jlet's see how this feels with main/akmods, that will be convenient right away
Jand aurora needs to follow just kinoite, and bluefin can follow silverblue, bazzite will be more complex
RBazzite could have separate image-versions.yaml files for each DE, and the workflows say "if image-versions.kinoite.yaml is changed, build kinoite images"
Jooooh!
RThis is the sort of thing I did for three years at my last job.
Building out solutions to these annoying problems in GitHub and AWS.
Now I teach people why they need to rotate their passwords if they are committed to GitHub, or write reports on why patching a critical server is important
(pls hire me <big tech company>)
Building out solutions to these annoying problems in GitHub and AWS.
Now I teach people why they need to rotate their passwords if they are committed to GitHub, or write reports on why patching a critical server is important
(pls hire me <big tech company>)
JI mean those 2 things happen all the time
JI think even at big tech companies, heh
TYeah at AWS we had Charlie Bell yelling at people for not rotating certs or patching servers.