This is one of those areas that was shared understanding for a long time, and seems less "shared" now that we've grown and added new projects to the community. I intended to prepare a governance resolution *after* having some public discussion, so that we can restore that common understanding through documentation. I didn't prepare the resolution as a first step, because if the consensus is that we've changed our collective minds about whether publishing binary artifacts is a good idea then the wording of the resolution needs to reflect that.
Doug Excerpts from Davanum Srinivas (dims)'s message of 2017-05-16 09:25:56 -0400: > Steve, > > We should not always ask "if this is a ruling from the TC", the > default is that it's a discussion/exploration. If it is a "ruling", it > won't be on a ML thread. > > Thanks, > Dims > > On Tue, May 16, 2017 at 9:22 AM, Steven Dake (stdake) <std...@cisco.com> > wrote: > > Dims, > > > > The [tc] was in the subject tag, and the message was represented as > > indicating some TC directive and has had several tc members comment on the > > thread. I did nothing wrong. > > > > Regards > > -steve > > > > > > -----Original Message----- > > From: Davanum Srinivas <dava...@gmail.com> > > Reply-To: "OpenStack Development Mailing List (not for usage questions)" > > <openstack-dev@lists.openstack.org> > > Date: Tuesday, May 16, 2017 at 4:34 AM > > To: "OpenStack Development Mailing List (not for usage questions)" > > <openstack-dev@lists.openstack.org> > > Subject: Re: [openstack-dev] > > [tc][infra][release][security][stable][kolla][loci][tripleo][docker][kubernetes] > > do we want to be publishing binary container images? > > > > Why drag TC into this discussion Steven? If the TC has something to > > say, it will be in the form of a resolution with topic "formal-vote". > > So please Stop! > > > > Thanks, > > Dims > > > > On Tue, May 16, 2017 at 12:22 AM, Steven Dake (stdake) > > <std...@cisco.com> wrote: > > > Flavio, > > > > > > Forgive the top post – outlook ftw. > > > > > > I understand the concerns raised in this thread. It is unclear if > > this thread is the feeling of two TC members or enough TC members care > > deeply about this issue to permanently limit OpenStack big tent projects’ > > ability to generate container images in various external artifact storage > > systems. The point of discussion I see effectively raised in this thread > > is “OpenStack infra will not push images to dockerhub”. > > > > > > I’d like clarification if this is a ruling from the TC, or simply an > > exploratory discussion. > > > > > > If it is exploratory, it is prudent that OpenStack projects not be > > blocked by debate on this issue until the TC has made such ruling as to > > banning the creation of container images via OpenStack infrastructure. > > > > > > Regards > > > -steve > > > > > > -----Original Message----- > > > From: Flavio Percoco <fla...@redhat.com> > > > Reply-To: "OpenStack Development Mailing List (not for usage > > questions)" <openstack-dev@lists.openstack.org> > > > Date: Monday, May 15, 2017 at 7:00 PM > > > To: "OpenStack Development Mailing List (not for usage questions)" > > <openstack-dev@lists.openstack.org> > > > Subject: Re: [openstack-dev] > > [tc][infra][release][security][stable][kolla][loci][tripleo][docker][kubernetes] > > do we want to be publishing binary container images? > > > > > > On 15/05/17 12:32 -0700, Michał Jastrzębski wrote: > > > >On 15 May 2017 at 12:12, Doug Hellmann <d...@doughellmann.com> > > wrote: > > > > > > [huge snip] > > > > > > >>> > I'm raising the issue here to get some more input into how > > to > > > >>> > proceed. Do other people think this concern is overblown? > > Can we > > > >>> > mitigate the risk by communicating through metadata for the > > images? > > > >>> > Should we stick to publishing build instructions > > (Dockerfiles, or > > > >>> > whatever) instead of binary images? Are there other options > > I haven't > > > >>> > mentioned? > > > >>> > > > >>> Today we do publish build instructions, that's what Kolla is. > > We also > > > >>> publish built containers already, just we do it manually on > > release > > > >>> today. If we decide to block it, I assume we should stop > > doing that > > > >>> too? That will hurt users who uses this piece of Kolla, and > > I'd hate > > > >>> to hurt our users:( > > > >> > > > >> Well, that's the question. Today we have teams publishing those > > > >> images themselves, right? And the proposal is to have infra do > > it? > > > >> That change could be construed to imply that there is more of a > > > >> relationship with the images and the rest of the community > > (remember, > > > >> folks outside of the main community activities do not always > > make > > > >> the same distinctions we do about teams). So, before we go > > ahead > > > >> with that, I want to make sure that we all have a chance to > > discuss > > > >> the policy change and its implications. > > > > > > > >Infra as vm running with infra, but team to publish it can be > > Kolla > > > >team. I assume we'll be responsible to keep these images > > healthy... > > > > > > I think this is the gist of the concern and I'd like us to focus > > on it. > > > > > > As someone that used to consume these images from kolla's > > dockerhub account > > > directly, I can confirm they are useful. However, I do share > > Doug's concern and > > > the impact this may have on the community. > > > > > > From a release perspective, as Doug mentioned, we've avoided > > releasing projects > > > in any kind of built form. This was also one of the concerns I > > raised when > > > working on the proposal to support other programming languages. > > The problem of > > > releasing built images goes beyond the infrastructure > > requirements. It's the > > > message and the guarantees implied with the built product itself > > that are the > > > concern here. And I tend to agree with Doug that this might be a > > problem for us > > > as a community. Unfortunately, putting your name, Michal, as > > contact point is > > > not enough. Kolla is not the only project producing container > > images and we need > > > to be consistent in the way we release these images. > > > > > > Nothing prevents people for building their own images and > > uploading them to > > > dockerhub. Having this as part of the OpenStack's pipeline is a > > problem. > > > > > > Flavio > > > > > > P.S: note this goes against my container(ish) interests but it's a > > > community-wide problem. > > > > > > -- > > > @flaper87 > > > Flavio Percoco > > > > > > > > > > > __________________________________________________________________________ > > > OpenStack Development Mailing List (not for usage questions) > > > Unsubscribe: > > openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > > > -- > > Davanum Srinivas :: https://twitter.com/dims > > > > > > __________________________________________________________________________ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: > > openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > __________________________________________________________________________ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
