Fixing dependency versions to avoid future breaks #873
Assignees
Labels
Comments
|
/cc @neuromage As part of this, should we also restore the vendor directory in the repo for GO dependencies? |
|
@vicaire That won't be necessary. The Go dependencies are already pinned via the If I switch everything to Bazel (including the samples), this will be even better IMO :-) |
|
SG. Thanks @neuromage |
|
Most of the dependencies are version fixed. We have not seen such problems for quite some time. |
Linchin
pushed a commit
to Linchin/pipelines
that referenced
this issue
Apr 11, 2023
This was referenced Oct 14, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have many breaks recently, be it the components or tests, due to the dependency breaks.
The dependency: dependent software or the base image.
Dependency caused failures: when some dependent software is upgraded, it might've updated its dependency requirement. If new dependency is introduced, our component licenses need to be updated to avoid component image build failure. If the dependency A of the dependency B of our pipeline is upgraded that leads to dependency B failure, our pipeline will also fail. Cases such as these can be enumerated more.
I propose that we pay some efforts now to freeze dependency and base image versions to avoid potential future breaks. I believe this will be a more severe issue as we grow, adding more dependencies to the pipeline system.
I have recently merged two PRs and will send more:
TFDV dependency freeze: #852
Sample test base image freeze: #871
The text was updated successfully, but these errors were encountered: