incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Lambertus <...@apache.org>
Subject Re: Tying Dockerhub into development and release management
Date Fri, 08 Feb 2019 02:30:43 GMT


> On Feb 7, 2019, at 5:53 PM, Justin Mclean <justin@classsoftware.com> wrote:
> 
> Hi,
> 
>> Infra manages the u/apache dockerhub org. We provide this service with the express
caveat that projects note that these are UNOFFICIAL releases, and CONVENIENCE BINARIES ONLY.
> 
> By that I assume you mean only connivance binaries only created from an official approved/voted
on ASF releases. Does that also suggest that release candidates, snapshot and nightlys (even
if tagged and/or clearly described) would not be allowed there

Infra has little control over what the project publishes. We expect their good will and knowledge
of the Apache Release Policy will guide them. As these releases are UNOFFICIAL, they could
have dockerhub packages built for any branch or tag on their repo. This is a social construct,
not a technical one, but that of course means absolutely nothing to the end user consumer
of these packages. 

Infra does not police what projects deploy on their dockerhub repos. Do we need to?

Most projects historically have played by the rules. This touches a bit on what it really
means to be an Apache Project. My thought here is that the Incubator needs to be a bit more
circumspect with regards to onboarding projects before they fully understand the Apache Way.
We’ve seen this play out with a significant percentage of projects over the last few years.
I don’t know what the solution here is, but the gap between “old school” projects that
fall into the Apache Way fairly easily, and the “new school” github-based projects that
fly fast and loose seems to be growing by the day.

> If so doesn’t that just encourage podlings to go make their own https://hub.docker.com/r/apache<project>/<project>
and put them there? And if they do what do we do about it? If a TLP project or podling is
found to be using u/apache and placing unapproved releases there what should be done? (Would
you like to be informed for starters?)	

I don’t see how this “encourages” any action one way or the other. Many new podlings
find the restrictions imposed by joining the ASF to be extremely detrimental to their community,
and are often very surprised to find that things that “used to work” on github are now
verboten due to our legal policies.


>> Until that juxtaposition is well and truly addressed, these discussions will continue
to happen ad nauseam.
> 
> Well that is problematic.

I agree. This is a topic that comes up frequently, but has yet to be really addressed as far
as I know.

> Thanks,
> Justin

-Chris
ASF Infra


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message