Hi Sijie, >From my view, the approach problem is whether we have permissions to "docker push" images into wanted place. Following the way putting images under "apache", we seems not have permission, While following the "Official <https://docs.docker.com/docker-hub/official_repos/>" way, seems neither.
Since nightly build is mainly for our development, It maybe OK to manage and maintain a dockerhub account by our community to hold the nightly one(maybe also for the release images). On Tue, Aug 15, 2017 at 8:19 AM, Sijie Guo <guosi...@gmail.com> wrote: > On Mon, Aug 14, 2017 at 3:47 AM, Jia Zhai <zhaiji...@gmail.com> wrote: > > > Thanks Sijie for raising these good topics up. > > > > Regarding 1) official image, the Flink one is similar as Zookeeper one, > > which we have discussed before. If the currently approach could not make > > bookkeeper docker image official, we should go this way. > > > > Regarding 2) nightly build, there is already an issue > > <https://github.com/apache/bookkeeper/issues/289> opened. Seems the > issue > > is where to put the nightly build images, since for both way of official > > image, there is limited access to the dockerhub, The first thought in my > > head is to place a nightly build somewhere, such as ( > > https://dist.apache.org/repos/dist/dev/bookkeeper/), and the current > > docker > > file will not changed too much, seems only some env var need change. > > > > currently we don't have any process to produce any nightly built packages. > > If we are planning to use dist/dev for hosting the nightly build, we need > to figure out how to get the credentials to do that. > Because the dist/dev is a svn repo, during a release, the release manager > uses its own credentials to commit the new packages to the svn repo. > > > > > > Regarding 3), the build failure > > <https://hub.docker.com/r/apache/bookkeeper/builds/ > > bvzft3fsnpmmj5i8jnpk3fl/> > > is caused by connection(from dockerhub to gpg key server) issue. It is > also > > one reason to come out PR420 <https://github.com/apache/ > > bookkeeper/pull/420>, > > which wanted to download local KEY to avoid gpg server connection, But we > > agree that it is not very security. > > > > I think there are a few drawbacks that I can see in current approach: > > - building the packages and building the docker images are managed by two > different systems. > - the `latest` image isn't really a tag pointing to the image of latest > release; the latest is actually building from master. any changes pushed to > master unnecessarily trigger auto build in docker hub, even the package > itself isn't changed. > "latest" is some kind of place holder, I thought to use it to point to the nightly version, seems I was mis-understanding of it. > - building a nightly package is not trivial. > > If we step back and revisit my comment in > https://github.com/apache/bookkeeper/pull/197#issuecomment-317831799, if > we > use `docker push` approach and let jenkins build and push docker images, it > seems to be much easier > to address the above issues. > > Thoughts? > > - Sijie > >
