docker image security updates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Because the Docker registry works by accumulating everything checked in
ever, I think we probably _don't_ want to build and push new base images
(even as part of the periodic updates proposal).

Instead, I suggest that we produce one base image in koji at release time,
and have rel-eng push that, and then use Docker's "trusted builds" process
to produce updated layers.

Does this make sense?


-- 
Matthew Miller    --   Fedora Project    --    <mattdm@xxxxxxxxxxxxxxxxx>
                                  "Tepid change for the somewhat better!"
_______________________________________________
cloud mailing list
cloud@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/cloud
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Index of Archives]     [Fedora General Discussion]     [Older Fedora Users Archive]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Coolkey]     [Yum Users]     [Big List of Linux Books]     [Yosemite News]     [Linux Apps]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]

  Powered by Linux