RThe YAML isn't the cleanest, but it's not meant to be maintained by people
Jright
RMight as well. It's easier to roll it out across the board than build in the logic to exclude older images
JI met the creator of yaml in london
Jok so question
Jlet's say you fix something on akmods
Jbut some of the builders go red or we get a dud that takes a while.
Jis there a chance that the downstream bot could accidentally do it twice.
Jlike main rebuilds but then the matrix finishes like 10m later or something then would it try to rebuild all of main again?
RYou mean the merge queue builds and pushes an image, but other images fail so the merge queue is cancelled and reran?
Jok so let's say silverblue, kinoite, and base-main for three examples.
Jbot fires off, automerges
Jthey all rebuild.
Jbut say kinoite is red or something.
Jso bazzite sees silverblue updates, and also automerges and builds
Jbut it's behind on kinoite now
Jthough I guess we'll just see how it works, I am overthinking it
RNo, you're right. That could happen...
RThere's a few things we could do.
JI know we're getting rid of it, but basically with a huge matrix like hwe has
JI can see renovate PRing a downstream like 3 times given the churn or something.
Ti think we should gate it behind the merge queue
Tso it wont get automerged if it fails to build
RWe can stop the merge queue from pushing to the "production" tags (latest, stable etc), and re-tag the merge-queue builds as those prod tags in the push trigger.
So:
So:
- Merge queue builds all images, pushes to merge-queue only tags
- Push trigger re-tags merge queue tags with production tags
Jit does, it PRs and if checks fail it doesn't merge
Tso it should be fine then, right?
RThere's things we can do, but we just need to decide what behaviour we would want
JI like grouping them together
Jbut also we could keep the production tags on the daily/weekly timer right?
Jthough I guess that would negate the advantage
Jbut also :latest would legit be latest.
Jlet's see how this feels with main/akmods, that will be convenient right away
Jand aurora needs to follow just kinoite, and bluefin can follow silverblue, bazzite will be more complex
RBazzite could have separate image-versions.yaml files for each DE, and the workflows say "if image-versions.kinoite.yaml is changed, build kinoite images"
Jooooh!
RThis is the sort of thing I did for three years at my last job.
Building out solutions to these annoying problems in GitHub and AWS.
Now I teach people why they need to rotate their passwords if they are committed to GitHub, or write reports on why patching a critical server is important
(pls hire me <big tech company>)
Building out solutions to these annoying problems in GitHub and AWS.
Now I teach people why they need to rotate their passwords if they are committed to GitHub, or write reports on why patching a critical server is important
(pls hire me <big tech company>)
JI mean those 2 things happen all the time
JI think even at big tech companies, heh
TYeah at AWS we had Charlie Bell yelling at people for not rotating certs or patching servers.
TUBlue got a shoutout in the official F42 announcement!
https://fedoramagazine.org/whats-new-for-fedora-atomic-desktops-in-fedora-42/
https://fedoramagazine.org/whats-new-for-fedora-atomic-desktops-in-fedora-42/
Fedora MagazineTimothée Ravier
Description of new variants of Fedora Atomic Desktops, and new features and changes in current variants.
RPlease could anybody with access to Podman check if you're able to pull an image using both the tag and digest?
I.E.
Or does it only allow using one or the other?
I.E.
podman pull <image>:<tag>@<digest>Or does it only allow using one or the other?
TFINALLY
Tthey are finally using bootupd oh my GOD
Tdo you have an example?
Rpodman pull quay.io/fedora/fedora:42@sha256:999c32a870abe038e2694d838d0109f47838fb4f433c7f5597c59853bf0624c8works!
MCan docker do that as well?
MNo. Apparently. Digest only
RThis seems to be working now.
https://github.com/ublue-os/main/pull/792
It may turn out to be a terrible idea, or saturate the builders... If that's the case, it's an easy revert.
https://github.com/ublue-os/main/pull/792
It may turn out to be a terrible idea, or saturate the builders... If that's the case, it's an easy revert.
Tlets see!
