.gitlab-ci.d/container-template.yml | 4 ++-- .gitlab-ci.d/opensbi.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-)
The 'stable' and 'stable-dind' tags are not documented as supported
tags at:
https://hub.docker.com/_/docker
Looking at their content they reflect docker 19.x.x release series,
were last built in Dec 2020, and have 3 critical and 20 high rated
CVEs unfixed. This obsolete status is attested by this commit:
https://github.com/docker-library/docker/commit/606c63960a4845af7077721eb3900c706f5d0c5e
The 'stable-dind' tag in particular appears buggy as it is unable to
resolve DNS for Fedora repos:
- Curl error (6): Couldn't resolve host name for https://mirrors.fedoraproject.org/metalink?repo=fedora-37&arch=x86_64&countme=1 [getaddrinfo() thread failed to start]
We used the 'stable' tag previously at the recommendation of GitLab
docs, but those docs are wrong and pending a fix:
https://gitlab.com/gitlab-org/gitlab/-/issues/409430
Fixes: 5f63a67adb58478974b91f5e5c2b1222b5c7f2cc
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
.gitlab-ci.d/container-template.yml | 4 ++--
.gitlab-ci.d/opensbi.yml | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.gitlab-ci.d/container-template.yml b/.gitlab-ci.d/container-template.yml
index 9ac4a0ee25..8c1370b8f0 100644
--- a/.gitlab-ci.d/container-template.yml
+++ b/.gitlab-ci.d/container-template.yml
@@ -1,9 +1,9 @@
.container_job_template:
extends: .base_job_template
- image: docker:stable
+ image: docker:latest
stage: containers
services:
- - docker:stable-dind
+ - docker:dind
before_script:
- export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
- export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/qemu/$NAME:latest"
diff --git a/.gitlab-ci.d/opensbi.yml b/.gitlab-ci.d/opensbi.yml
index 2e9d51764e..b4d7eef688 100644
--- a/.gitlab-ci.d/opensbi.yml
+++ b/.gitlab-ci.d/opensbi.yml
@@ -42,9 +42,9 @@
docker-opensbi:
extends: .opensbi_job_rules
stage: containers
- image: docker:stable
+ image: docker:latest
services:
- - docker:stable-dind
+ - docker:dind
variables:
GIT_DEPTH: 3
IMAGE_TAG: $CI_REGISTRY_IMAGE:opensbi-cross-build
--
2.40.1
On 5/31/23 07:06, Daniel P. Berrangé wrote: > The 'stable' and 'stable-dind' tags are not documented as supported > tags at: > > https://hub.docker.com/_/docker > > Looking at their content they reflect docker 19.x.x release series, > were last built in Dec 2020, and have 3 critical and 20 high rated > CVEs unfixed. This obsolete status is attested by this commit: > > https://github.com/docker-library/docker/commit/606c63960a4845af7077721eb3900c706f5d0c5e > > The 'stable-dind' tag in particular appears buggy as it is unable to > resolve DNS for Fedora repos: > > - Curl error (6): Couldn't resolve host name for https://mirrors.fedoraproject.org/metalink?repo=fedora-37&arch=x86_64&countme=1 [getaddrinfo() thread failed to start] > > We used the 'stable' tag previously at the recommendation of GitLab > docs, but those docs are wrong and pending a fix: > > https://gitlab.com/gitlab-org/gitlab/-/issues/409430 > > Fixes: 5f63a67adb58478974b91f5e5c2b1222b5c7f2cc > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Excellent. Applied to master directly, and it fixed all of our container issues. We're now only a few regressions shy of green! https://gitlab.com/qemu-project/qemu/-/pipelines/885058571 r~
On Wed, May 31, 2023 at 3:07 PM Daniel P. Berrangé <berrange@redhat.com> wrote: > > The 'stable' and 'stable-dind' tags are not documented as supported > tags at: > > https://hub.docker.com/_/docker > > Looking at their content they reflect docker 19.x.x release series, > were last built in Dec 2020, and have 3 critical and 20 high rated > CVEs unfixed. This obsolete status is attested by this commit: > > https://github.com/docker-library/docker/commit/606c63960a4845af7077721eb3900c706f5d0c5e > > The 'stable-dind' tag in particular appears buggy as it is unable to > resolve DNS for Fedora repos: > > - Curl error (6): Couldn't resolve host name for https://mirrors.fedoraproject.org/metalink?repo=fedora-37&arch=x86_64&countme=1 [getaddrinfo() thread failed to start] > > We used the 'stable' tag previously at the recommendation of GitLab > docs, but those docs are wrong and pending a fix: > > https://gitlab.com/gitlab-org/gitlab/-/issues/409430 > > Fixes: 5f63a67adb58478974b91f5e5c2b1222b5c7f2cc > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > .gitlab-ci.d/container-template.yml | 4 ++-- > .gitlab-ci.d/opensbi.yml | 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/.gitlab-ci.d/container-template.yml b/.gitlab-ci.d/container-template.yml > index 9ac4a0ee25..8c1370b8f0 100644 > --- a/.gitlab-ci.d/container-template.yml > +++ b/.gitlab-ci.d/container-template.yml > @@ -1,9 +1,9 @@ > .container_job_template: > extends: .base_job_template > - image: docker:stable > + image: docker:latest > stage: containers > services: > - - docker:stable-dind > + - docker:dind > before_script: > - export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest" > - export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/qemu/$NAME:latest" > diff --git a/.gitlab-ci.d/opensbi.yml b/.gitlab-ci.d/opensbi.yml > index 2e9d51764e..b4d7eef688 100644 > --- a/.gitlab-ci.d/opensbi.yml > +++ b/.gitlab-ci.d/opensbi.yml > @@ -42,9 +42,9 @@ > docker-opensbi: > extends: .opensbi_job_rules > stage: containers > - image: docker:stable > + image: docker:latest > services: > - - docker:stable-dind > + - docker:dind > variables: > GIT_DEPTH: 3 > IMAGE_TAG: $CI_REGISTRY_IMAGE:opensbi-cross-build > -- > 2.40.1 > Reviewed-by: Camilla Conte <cconte@redhat.com>
© 2016 - 2024 Red Hat, Inc.