Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin dependencies of Rucio containers #315

Open
4 tasks
rdimaio opened this issue May 10, 2024 · 0 comments
Open
4 tasks

Pin dependencies of Rucio containers #315

rdimaio opened this issue May 10, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@rdimaio
Copy link
Contributor

rdimaio commented May 10, 2024
edited

Rucio containers are mostly used in a server context, so it would be a good idea to pin all dependencies and images involved. Similar to rucio/rucio#6756

Ideally we would do these steps:

  • Pin all dependencies involved
  • Enable Scorecard to ensure no unpinned dependencies are added
  • Enable integ testing on PRs for rucio/containers: Testing: Run rucio/rucio integ tests for PRs in rucio/containers #310
  • Enable Dependabot for security updates (so that pinned dependencies get updated when there's security issues) - the integ test enabled in the prior step will confirm that the containers involved still build fine. As an alternative, it might be better to allow non-security updates for development dependencies, in order to not fall behind.
@rdimaio rdimaio added the enhancement New feature or request label May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rdimaio