valve-infra-container: switch from Archlinux to Fedora (!625) · Merge requests · gfx-ci / CI-tron

Martin Roukala requested to merge valve_infra_container_fedora into master Aug 14, 2023

ArchLinux has served us well so far, but it has some limitations.

First of all, only the AMD64 architecture is officially supported, which prevents using cheap single-board computers to host CI farms. It would be possible to use the unofficial ArchLinux-ARM project, but I found it to be extremely broken (missing packages, or dependencies).

Secondly, the rolling-release model is not a great fit: We currently try to reduce the size of the regular updates of the valve-infra container by having a base container providing all the base-OS and binaries, while the valve-infra container brings all our software. Due to ArchLinux's lack of partial-update support, installing security or bug fixes would inevitably bring a host of other updates... which may themselves bring regressions. With Fedora as a base, we could easily add task that would only update packages with bug or security fixes, without also updating new packages. This would increase the security of the container, at virtually no development cost.

TODO:

Add yq
Remove dead/commented tasks
Test in my farm
Finish the security/bugfix updates code

Edited Aug 21, 2023 by Martin Roukala

valve-infra-container: switch from Archlinux to Fedora

Merge request reports