[ https://issues.apache.org/jira/browse/SOLR-15129?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17283393#comment-17283393 ]
Houston Putman edited comment on SOLR-15129 at 2/11/21, 9:43 PM:
-----------------------------------------------------------------

[~dsmiley], that's what the _/elasticsearch image looks like. It's a hardcoded sha reference of the image built within elastic.

{{FROM docker.elastic.co/elasticsearch/elasticsearch:7.10.1@sha256:5d8f1962907ef60746a8cf61c8a7f2b8755510ee36bdee0f65417f90a38a0139}}

We could certainly make that a part of the ReleaseWizard. It would stop us from doing incremental updates however for base images. I don't think that's a sticking point though.

As per Hoss' comments above about the git repository being hosted on apache hardware, and the binary release being hosted on mirrors, couldn't we use https://downloads.apache.org/lucene/solr/8.8.0/solr-8.8.0.tgz? That's hosted on apache hardware. I don't see a large difference in the security provided by the git repo vs the security provided by the tgz on apache hardware.

I can summarize our master plan and include the options we are looking at (github and binary release).


was (Author: houston):

[~dsmiley], that's what the _/elasticsearch image looks like. It's a hardcoded sha reference of the image built within elastic.

{{FROM docker.elastic.co/elasticsearch/elasticsearch:7.10.1@sha256:5d8f1962907ef60746a8cf61c8a7f2b8755510ee36bdee0f65417f90a38a0139}}

We could certainly make that a part of the ReleaseWizard. It would stop us from doing incremental updates however for base images. I don't think that's a sticking point though.

As per Hoss' comments above about the git repository being hosted on apache hardware, and the binary release being hosted on mirrors, couldn't we use https://downloads.apache.org/lucene/solr/8.8.0/solr-8.8.0.tgz? That's hosted on apache hardware. I don't see a large difference in the security provided by the git repo vs the security provided by the tgz on apache hardware.

I can summarize our master plan and have it be independent of which input we use (github or binary release), since I doubt that will make a difference in whether they accept it or not.

> Use the Solr TGZ artifact as Docker context
> -------------------------------------------
>
>                 Key: SOLR-15129
>                 URL: https://issues.apache.org/jira/browse/SOLR-15129
>             Project: Solr
>          Issue Type: Sub-task
>      Security Level: Public(Default Security Level. Issues are Public)
>    Affects Versions: master (9.0)
>            Reporter: Houston Putman
>            Priority: Major
>
> As discussed in SOLR-15127, there is a need for a unified Dockerfile that
> allows for release and local builds.
> This ticket is an attempt to achieve this by using the Solr distribution TGZ
> as the docker context to build from.
> Therefore release images would be completely reproducible by running:
> {{docker build -f solr-9.0.0/Dockerfile
> https://www.apache.org/dyn/closer.lua/lucene/solr/9.0.0/solr-9.0.0.tgz}}
> The changes to the Solr distribution would include adding a Dockerfile at
> {{solr-<version>/Dockerfile}}, adding the docker scripts under
> {{solr-<version>/docker}}, and adding a version file at
> {{solr-<version>/VERSION.txt}}.
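
The digest-pinned `FROM` line quoted in the comment above can be enforced with an automated check. The following is an added example, not code from the Solr project or its ReleaseWizard: it classifies every `FROM` line of a Dockerfile as digest-pinned or not. The function names and the sample Dockerfile (apart from the Elasticsearch line quoted in the comment) are constructed for illustration.

```python
import re

# A digest-pinned reference ends in @sha256:<64 hex chars>.
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")
FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--\S+\s+)*(\S+)(?:\s+AS\s+(\S+))?\s*$", re.IGNORECASE)


def audit_base_images(dockerfile_text):
    """Return (line_no, image, status) for every FROM line."""
    # status: pinned | unpinned | stage (earlier build stage) | scratch
    #         | variable (needs ARG resolution before it can be judged)
    stages, findings = set(), []
    for line_no, line in enumerate(dockerfile_text.splitlines(), start=1):
        match = FROM_RE.match(line)
        if not match:
            continue
        image, alias = match.group(1), match.group(2)
        if image.lower() in stages:
            status = "stage"
        elif image == "scratch":
            status = "scratch"
        elif "$" in image:
            status = "variable"
        elif DIGEST_RE.search(image):
            status = "pinned"
        else:
            status = "unpinned"
        findings.append((line_no, image, status))
        if alias:
            stages.add(alias.lower())
    return findings


def unpinned(dockerfile_text):
    """Findings a release check should reject: tag-only or unresolved."""
    return [f for f in audit_base_images(dockerfile_text)
            if f[2] in ("unpinned", "variable")]


# Constructed sample: only the first FROM line comes from the comment.
SAMPLE = """\
FROM docker.elastic.co/elasticsearch/elasticsearch:7.10.1@sha256:5d8f1962907ef60746a8cf61c8a7f2b8755510ee36bdee0f65417f90a38a0139 AS base
FROM --platform=linux/amd64 openjdk:11-jre AS builder
ARG RUNTIME
FROM ${RUNTIME}
FROM base
"""
```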