Commit c1e91323 authored by Emanuele Aina's avatar Emanuele Aina

long-term-reproducibility: List recommendations for product team

Provide more explicit and actionable guidelines for product teams.
Signed-off-by: Emanuele Aina's avatarEmanuele Aina <emanuele.aina@collabora.com>
parent cd49c23a
......@@ -248,6 +248,37 @@ the recipe commit hash and the Docker image hash can be identified, however in
the [](#implementation-plan) section a few improvements are described to make
that information easier to retrieve and use.
# Recommendations for product teams
Builds for production should:
1. pick a specific stable channel (for instance, `v2020`)
1. version control the build pipelines using branches specific
to a stable channel
1. in the build pipeline, use the latest Docker image for that specific
channel, for instance `v2020-image-builder` or a product-specific
downstream image based on that
1. use the main OBS projects for the release channel, for instance
`apertis:v2020:target`, with the security fixes from
`apertis:v2020:security:target` layered on top
1. store the product-specific packages in OBS projects targeting a specific
release channel, layered on top of the projects mentioned in the
previous point
1. use the matching APT archives during the image build process
1. deploy fixes from the stable channels as often as possible
Development builds are encouraged to also use the contents from the
non-security updates (for instance, `apertis:v2020:updates:target`) to get a
preview of non time-critical updates that will folded in the main archive
on a quarterly basis.
The assumption is that products will use custom build pipelines tailored
to the specific hardware and software needs of the product. However, product
teams are strongly encouraged to reuse as much as possible from the reference
Apertis build pipelines using the GitLab CI and Debos include mechanisms,
and to follow the same best-practices about metadata tracking and build
reproducibility described in this document.
# Implementation plan
## Snapshot the package archive
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment