Keep dockerfiles up to date #919
Conversation
There was a problem hiding this comment.
Thanks for this PR @janisz! I left a few comments on some directories we probably don't want to have dependabot auto-update images.
The ones that don't have comments are mostly for CI and internal tooling, so we could have them auto-updated but I don't think it is 100% needed (and might lead to some unexpected errors in our tests, or might not 🤷🏻♂️ ). @stackrox/collector-team what do you guys think? Do we want to add auto-updating CI images?
| - package-ecosystem: 'docker' | ||
| directory: collector/container/ |
There was a problem hiding this comment.
We have 2 dockerfiles here:
Dockerfile.template uses ARGs to set the image being used as base and I'm not sure dependabot will pick up on it.
Dockefile.ubi is not being used right now, so updating it would not really have any effect.
There was a problem hiding this comment.
It should dependabot/feedback#145
There was a problem hiding this comment.
That link talks about dependabot finding files with names other than Dockerfile, I'm more concerned about the actual content of the dockerfile:
collector/collector/container/Dockerfile.template
Lines 1 to 5 in 3433fd8
There was a problem hiding this comment.
I give it a test and you are right, args are not updated https://github.com/janisz/collector/pulls
There was a problem hiding this comment.
If Dockefile.ubi is not being used right now, why not deleting it?
There was a problem hiding this comment.
Sorry for the delayed response. Basically, that image was used as a mirror to the downstream release, it fell out of use because OSCI is similar enough to downstream and we didn't bother to re-implement it. But now we are considering going to GHA, so it might make sense to go back to building this image.
Results for Performance Benchmarks on build #
|
|
@Molter73 PTAL |
Description
Monitor docker images and update them with @dependabot
Refs: dependabot/feedback#145