Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

improved process for users to update wis2box to latest release #777

Open
maaikelimper opened this issue Sep 24, 2024 · 7 comments
Open

improved process for users to update wis2box to latest release #777

maaikelimper opened this issue Sep 24, 2024 · 7 comments
Assignees
Labels
security Security
Milestone

Comments

@maaikelimper
Copy link
Collaborator

Based on the feedback from users during the recent WIS2 Training workshop, we should review how to improve the process of updating wis2box to the latest release

@maaikelimper maaikelimper added this to the sprint-016 milestone Sep 24, 2024
@maaikelimper maaikelimper self-assigned this Sep 24, 2024
@maaikelimper maaikelimper added the security Security label Nov 3, 2024
@maaikelimper
Copy link
Collaborator Author

adding the label "security" as we need a process to allow users to easily update wis2box when vulnerabilities are found.

@tomkralidis
Copy link
Collaborator

2024-11-21: brainstorming:

  • define a process to pull updates between releases
  • add a "check for updates" capability to identify new releases

Delineate update concepts:

  • software updates

  • content updates (configurations, tables)

  • major/minor/patch

  • patch releases are for:

    • bugfixes
    • configuration updates
    • tables/schemas updates

WMO FT cycle:

  • 2x/year

  • WIS2

  • WIGOS

  • BUFR/GRIB

  • wis2box updates would listen on bugfix releases only (based on WMO FT)

  • wis2box image stable branches

What is a patch

  • artifacts
    • anything resulting from WMO FT
    • wis2box configurations
  • software
    • bug fixes

Decisions

  • all wis2box repositories are managed with branches:
    • main branch (master/tip)
    • stable branches (patch releases)
  • in each repository, changes to stable branches can feed into a patch release via backporting
  • wis2box-ctl.py script updated to include the following:
    • for a given MINOR release, compare/detect available update
    • present the user with the list of images that can be updated
    • user accepts, docker pull, wis2box-ctl restart
  • any updates of this type are bound to the same MINOR release version only

@tomkralidis tomkralidis self-assigned this Dec 19, 2024
@tomkralidis tomkralidis modified the milestones: sprint-016, sprint-017 Dec 19, 2024
@tomkralidis
Copy link
Collaborator

  • add release management documentation
  • update wis2box-ctl.py

@tomkralidis tomkralidis modified the milestones: sprint-017, sprint-016 Jan 9, 2025
@tomkralidis
Copy link
Collaborator

@maaikelimper to implement:

  • process docker-compose.yml (create backup)
  • for all services whose image is in the wmo-im namespace
    • compare current version against the latest minor version (git tags)
    • if latest minor version > current version, update to latest minor version and delete current version of image on host
    • save
  • add clean subcommand to prune images

@maaikelimper
Copy link
Collaborator Author

maaikelimper commented Jan 10, 2025

feedback from my investigation on how implement this:

  • ghcr.io does not support an API to request tags that does works without a personal github-token
  • docker-hub does have a public API to support this

I wrote a POC on how the update command would work if we reference images from docker-hub, this is what running the 'update' command would look like:

PS C:\Users\maaik\Documents\GitHub\wis2box> python wis2box-ctl.py update
Get latest image tag for wis2box-ui
Found 1 tags for image 'wis2box-ui: ['0.5.3']'
Set wis2box-ui to 0.5.3
Get latest image tag for wis2box-webapp
Found 1 tags for image 'wis2box-webapp: ['wis2box-1.0b5']'
Set wis2box-webapp to wis2box-1.0b5
Get latest image tag for wis2box-api
Found 4 tags for image 'wis2box-api: ['1.0b8-dev', 'wis2box-1.0b5', '0.5.1-training', '0.5.1']'
Set wis2box-api to wis2box-1.0b5
Get latest image tag for wis2box-broker
Found 11 tags for image 'wis2box-broker: ['1.0b8', '1.0b8-dev', '1.0b7', '1.0b7.dev0', '1.0b6', '1.0b5', '1.0b4', '1.0b3', '1.0b2', 'test', '1.0.beta1']'
Set wis2box-broker to 1.0b8
Get latest image tag for wis2box-management
Found 13 tags for image 'wis2box-management: ['1.0b8', '1.0b8-dev', '1.0b7', '1.0b7.dev0', '1.0b6', 'bugfix', 'test', '1.0b5', '1.0b4', '1.0b3-training', '1.0b3', '1.0b2', '1.0.beta1']'  
Set wis2box-management to 1.0b8
Get latest image tag for wis2box-mqtt-metrics-collector
Found 9 tags for image 'wis2box-mqtt-metrics-collector: ['1.0b8', '1.0b8-dev', '1.0b7', '1.0b7.dev0', '1.0b6', '1.0b5', '1.0b4', '1.0b3', '1.0b2']'
Set wis2box-mqtt-metrics-collector to 1.0b8
Get latest image tag for wis2box-auth
Found 1 tags for image 'wis2box-auth: ['0.5.0']'
Set wis2box-auth to 0.5.0
Get latest image tag for wis2downloader
Found 1 tags for image 'wis2downloader: ['1.0b8-dev']'
Set wis2downloader to 1.0b8-dev

To move forward with this approach we need to ensure we have properly tagged images per release in https://hub.docker.com/u/wmoim

@tomkralidis what do you think ?

@maaikelimper
Copy link
Collaborator Author

maaikelimper commented Jan 17, 2025

Update on latest discussion between @tomkralidis and @maaikelimper

We agreed to use a separate repository "wis2box-release" that stores a manifest of wis2box-images for a wis2box-release.

A patch-releases of the wis2box-release (1.0.0 -> 1.0.1) will constitute an update of the manifest of the wis2box-images only, and will be tracked as new patch-release on the "wis2box-release"-repository.

To develop functionality whereby "wis2box-ctl.py update" references the wis2box-images manifest from a separate repository I will temporarily reference: https://github.com/maaikelimper/wis2box-release/
This repository can be created in wmo-im after the new functionality in the PR for issue-777 has been reviewed

@maaikelimper
Copy link
Collaborator Author

@tomkralidis I created a new PR for issue-777 .

In this PR I am using a docker-compose file as the image manifest :
https://github.com/maaikelimper/wis2box-release/blob/main/docker-compose.images.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security Security
Projects
None yet
Development

No branches or pull requests

2 participants