Add git sha tags for net10.0 images #1375
Conversation
|
@sbomer - Do you see this as a temporary solution until we can incorporate dependency flow for image digests? I ask because the commit sha is a fairly crude way of versioning, particularly for Dockerfiles that derive from images produced by other Dockerfiles in the repo. For example, changing the content of |
|
@mthalman yes, once we have dependency flow for digests this will be less pressing. The git sha based tags might still be easier to pin manually, but I'd expect that to be less common once the tooling is in place.
That's due to dotnet/docker-tools#1455, right? To me that seems like an independent bug - even with digest-based references, the derived images would get stale. The lack of a new commit sha tag for derived images might actually help us catch cases where we intended to rebuild but didn't. |
No, dotnet/docker-tools#1455 is about triggering the build to include the derived image. Even if the build was triggered to rebuild all the images, the commit sha would be the same because the content of the derived Dockerfile hasn't been changed. So the image would be updated but the tag would be the same. |
|
Ran into this issue: dotnet/docker-tools#1493. I'm working to resolve things to get these tags published. |
We need to update the LLVM version used in our build images. As discussed in #1371, we would like a long-term solution where dotnet/runtime references images by sha, and they get updated via dependency flow PRs. In the meantime, we can temporarily pin dotnet/runtime images to a specific version to avoid build instability while we roll out new images for #1369.
This change adds back git sha based tags to make it easier to manually pin the images (not to a specific build, but to a specific sha - should be good enough for our purposes).