New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
run scheduled builds every week #676
base: main
Are you sure you want to change the base?
Conversation
e399cea
to
8720c4f
Compare
Hello @ansnoussi, Thanks for your PR! AFAIK, it overrides the latest versions? Wouldn't it better to create a new minor release instead? |
Hello @gulien , first of all thank you for this awesome project. Following Semantic versioning, a minor release is It's quite common for docker images to be built on schedule without bumping the version, In fact it's even better to re-build all the previous (supported) versions on regular basis. |
Sorry, I meant a PATCH release 😬 I understand why it would make sense in some projects, but Gotenberg relies heavily on its dependencies. That’s why I tend to consider that the dependencies in the Docker image are part of the semantic versioning. |
I understand your point. And ultimately, there could be a system with :
I made the change so there is a someway to keep getting security updates without using the PS: I do know that Gotenberg should not be public-facing, but this keeps triggering automated security alerts, which I believe should be the case for other users too. |
a929b9b
to
dfa116d
Compare
Thanks @ansnoussi and sorry for the delay. I’m still not convinced of the actual implementation. When a bug comes, it’s often great to know the exact version that is affected. If we auto-update IMO, I do think having a dedicated patch release is a better option in our context. |
@gulien I do understand your hesitation, but I think the issue you are talking about can be fixed in 2 ways :
From my POV, having regular updates is mandatory to fix security findings, but releasing a patch version with each re-build of the image is not perfect :
I think to help you make a decision, you can take a look at other OS projects with nightly docker image updates :
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Context :
What's added in this PR :
Run scheduled weekly builds to the keep the latest image always up to date (Use the latest release tag for build).