Dusty Mabe <du...@dustymabe.com> writes: >>> - create a projectatomic-devel organization and put them under there >>> - put them under projectatomic/ but add devel or upstream in the name of >>> each image. >> >> would a tag be enough? > > My personal opinion is no. Not many people inspect tags when using images.
they will still need to specify the tag when pulling or installing the image. It is something like: atomic pull --storage ostree docker.io/projectatomic/etcd:devel instead of: atomic pull --storage ostree docker.io/projectatomic/etcd-devel >> Most of the time, changes to the image are bug fixes. There is not >> really much development happening in the system container itself, so I >> don't see much disadvantage if these changes are propagated quickly. > > If there's not much changes going on then why can't we use the distro > registry which has a process for rebuilding images periodically to account > for CVEs? I know the Fedora registry is not perfect, but would like for us > not to fragment and have so many different places to pull a system container > from. do we prevent in some way that users using an image from registry.fedoraproject.org/f26/* will not keep using it once the new versions, that have a complete different name, are out? We want a centralized place where we can find all the updated binaries based on what we have in the upstream repository without any human intervention to sync them. Some of the images are not based on Fedora, so we would need at least to split them between the Fedora and the CentOS registries. Giuseppe
