Unfortunately, if most projects follow a similar workflow, we will be unable to sustain this given the limitations of dockerHub. We have a 200 user max, and 300+ projects.
I've not been impressed with their support either, they cannot even tell us a 'last accessed' date for the users in our Org. I realize dockerHub is the center of the docker ecosystem at this point being the primary registry. Would providing alternative registries help us in any way? I believe our jFrog artifactory instance can act as a docker registry. -Chris > On Jan 21, 2022, at 9:30 AM, Jarek Potiuk <ja...@potiuk.com> wrote: > > We are pushing DockerHub images using personal accounts in Airflow. I > believe we have three "active" users - Kaxil, Jarek, Ash, likely some more > seasoned PMC members (those can be removed), Basically everyone who is a > member of the "airflow" team in DockerHub. > But we also would like to add one or two more people as we have several > people who can assume the release manager role. > > Is there a way we can keep the workflow where several release managers > prepare (and sign) images manually and push the images there? > > I also have a comment about autobuilds - I heartily recommend not to use > them and especially not to rely on them if you rely on fast and reliable > providing images to your users. > > We used autobuilds in the past but they are terribly slow and unreliable > (we had multiple cases where the autobuilds were hanging and actually > blocking our release). Sometimes the queue was not cleared for days without > help or response from DockerHub. > > * GitHub issue with 48 comments about stuck/pending builds : > https://github.com/docker/hub-feedback/issues/1935 (last one Dec 2021) > * Builds stuck in pending: > https://forums.docker.com/t/build-stuck-in-pending-on-docker-hub/1360 > * Slow builds: > https://forums.docker.com/t/why-does-it-take-so-long-for-the-docker-hub-automated-builds-to-upload-the-built-image/1653/29 > > * Duplicated and slow builds: > https://forums.docker.com/t/in-docker-auto-build-images-building-duplicates-please-fix-this-images-building-very-long-it-was-taking-more-than-1-hour/87705/2 > * Duplicated builds (I raised this) > https://forums.docker.com/t/duplicate-builds-again/93127 > > I raised and commented and followed up about it in a number of issues > (follow the links) a number of times, None of the issues raised for ~ 1 > year (with follow-ups) got any reasonable response from DockerHub (I was > following it very closely). After those experiences I do not trust > autobuilds at all. > Autobuilds caused us major pain and long delays in providing reference > images to our users. > > This was a major problem for us therefore eventually we switched to Github > Registry for CI and we only use DockerHub to do manual pushing of the > images (we experienced pretty much no problems since). > > We only use DockerHub to push "release images" and it's part of the release > process of ours - we treat the images the same way as "source releases" - > we prepare it on the "hardware" owned by the release manager > (semi-automatically using the same scripts as are used on CI) and push them > from there (I actually plan to sign those images very soon too with private > keys). > > > J > > > On Fri, Jan 21, 2022 at 5:57 PM Chris Lambertus <c...@apache.org> wrote: > >> Hi folks, >> >> We have reached our 200 seat maximum for dockerhub users in the Apache >> organization, and Docker Hub is unable to provide any activity records for >> those users, so we do not know who to cull. >> >> Do we have any internal contacts amongst the list at DockerHub who might >> be able to assist? >> >> If not, we'll need to start removing users at more-or-less random as >> needed. >> >> Infra will be moving to a more conservative process for adding dockerhub >> users in the future. We will request that: >> >> - autobuilds be used where possible instead of manual creation >> - user access to dockerhub/teams be limited to a max of 2 per project >> - all use of dockerhub for pushing artifacts from build servers be limited >> to the Infra-provided accounts for this purpose (e.g don't use personal >> accounts to push artifacts) >> >> If your project falls into any of the above categories, please let us know >> ASAP so we can trim excess users. >> >> Thanks, >> Chris >> ASF Infra >> >> >> >>
