Upgraded dnsmasq to 2.82-r0 #24
Conversation
|
sure, do you know if this version of dnsmasq is fully backward compatible?
…On Thu, 20 Aug 2020 at 18:16, Ivan Kurnosov ***@***.***> wrote:
The last image was built 2 years ago, can we please get a newer alpine and
the current dnsmasq please?
------------------------------
You can view, comment on, or merge this pull request online at:
#24
Commit Summary
- Upgraded dnsmasq to 2.82-r0
File Changes
- *M* Dockerfile
<https://github.com/jpillora/docker-dnsmasq/pull/24/files#diff-3254677a7917c6c01f55212f86c57fbf>
(5)
Patch Links:
- https://github.com/jpillora/docker-dnsmasq/pull/24.patch
- https://github.com/jpillora/docker-dnsmasq/pull/24.diff
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#24>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAE2X45UZX64I2R233DZKVLSBTLU3ANCNFSM4QFY57DQ>
.
|
|
It would be hard to guarantee, but from the changelog it looks there were no breaking changes: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG |
|
Because this image has millions of downloads, and unfortunately, only 1
latest tag. It would definitely break some people’s deployments if it did...
…On Fri, 21 Aug 2020 at 7:59 am Ivan Kurnosov ***@***.***> wrote:
It would be hard to guarantee, but from the changelog it looks there were
no breaking changes: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#24 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAE2X447GVD6KQZ7CDYW3ALSBWME3ANCNFSM4QFY57DQ>
.
|
|
When somebody makes a decision to use a non-immutable tag - they need to weight the potential risks. |
Users should know better than to rely on Looking for a dnsmasq image myself, and while this was one of the first results listed in the DockerHub search, I was not sure if the 2 years since the last update justified it as a good choice (dnsmasq releases are infrequent, but keeping the alpine image updated is nice to have). I figured it was still worth checking the project activity on github, so nice to see this discussion! A similar image would be andyshinn/dnsmasq, last updated 4 days ago, which is slightly different(no Web UI) but quite popular too. Maybe consider updating this image every 6 months too with the latest alpine? EDIT: Oh... just noticed you're using |
There was a problem hiding this comment.
The changes here aren't providing any real benefit towards the intended goal of updating dnsmasq. Unless you need 2.82 before Alpine 3.13 is released, I'd advise changing the base image to Alpine 3.12 and using dnsmasq 2.81 for now.
This Dockerfile is not reliable and likely to break for future builds.
| # webproc release settings | ||
| ENV WEBPROC_VERSION 0.2.2 | ||
| ENV WEBPROC_URL https://github.com/jpillora/webproc/releases/download/$WEBPROC_VERSION/webproc_linux_amd64.gz | ||
| # fetch dnsmasq and webproc binary | ||
| RUN apk update \ | ||
| && apk --no-cache add dnsmasq \ | ||
| && apk --no-cache add dnsmasq=$DNSMASQ_VERSION \ |
There was a problem hiding this comment.
For the same reasons that I don't advise edge builds beyond local use/testing, I would advise against version pinning, especially on edge repo. See official docs warning:
It is important to understand your package repo's version retention rules.
For example, most Alpine package repos contain an "edge" branch, which may drop package versions that are not deemed fit to make it into a stable branch.
This means that pinning to a version on the edge branch may stop working after the package version is revoked from the repo.
Always pin to a package version that is intended for your current Alpine Linux version.
Thus, this will likely break in future should anyone try to build this Dockerfile after releasing to Dockerhub. Which has tags that don't match dnsmasq releases either mind you.
| @@ -1,11 +1,14 @@ | |||
| FROM alpine:edge | |||
| LABEL maintainer="[email protected]" | |||
|
|
|||
| ENV DNSMASQ_VERSION 2.82-r0 | |||
There was a problem hiding this comment.
You're using the package manager, you shouldn't need to do this. If you build this Dockerfile again, edge has been updated since the DockerHub build from 2 years ago, this will automatically use the newer package version, which is exactly what you've specified here.
You can either just trigger a new build of the Dockerfile without this PR and have a new release on DockerHub pushed, or build to the current Alpine stable 3.12 release in May, which provides dnsmasq 2.81, 2.82 will become available near the end of the year with Alpine 3.13.
There was a problem hiding this comment.
"Fix crash under heavy TCP connection load introduced in 2.81.
Thanks to Frank for good work chasing this down." dnsmasq CHANGELOG
If I'm going to bump dnsmasq, I'd rather just go with 2.82
There was a problem hiding this comment.
It's your image, if you want to continue building your Dockerfile on alpine:edge go for it. Your image isn't all that complicated, nor will it be updating that frequently, so the risk of such is fairly minimal.
|
So based on the comments above. The plan is to tag the current My main priority is not breaking the build of existing users, though it appears the changes to dnsmasq are backwards compatible. |
You can't bump Since you want to go with dnsmasq 2.82, continue to use |
|
Yes the tag is rolling though this image has not been rebuilt in quite some
time. So yes, I would be bumping “up” with pretty much any alpine version I
chose.
Since you want to go with dnsmasq 2.82, continue to use alpine:edge and
switch to alpine:3.13 next year.
The reason it’s using edge in the first place was to use 2.78. However, I’m
no alpine expert - I just after a small image. So if there’s good reason
not to use edge, I’m all ears. If not, I think edge until next year is the
way to go 👍
…On Fri, 21 Aug 2020 at 9:53 pm Brennan Kinney ***@***.***> wrote:
Bump alpine up, and lock to an explicit version
You can't bump alpine:edge up, it's rolling. The current release is 3.12,
but that will restrict you to dnsmasq 2.81.
Since you want to go with dnsmasq 2.82, continue to use alpine:edge and
switch to alpine:3.13 next year.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#24 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAE2X44K52WD5DZIRY3BK53SBZN4JANCNFSM4QFY57DQ>
.
|
It is the same reason you would not use The same applies with It was more a complicated Dockerfile, so fixing that was more work. Yours is very simple, so the risk is low. It would only matter if someone tried to build it in a year or so and thought they would get the same dnsmasq version as the DockerHub tagged version provided, which they can no longer do if they wanted to troubleshoot something. I don't think you'll experience that problem. Just document on DockerHub/README what your tagged version uses for dnsmasq and webproc, that's basically all there is that matters in this image.
Agreed. |
The last image was built 2 years ago, can we please get a newer alpine and the current dnsmasq please?