Improve documentation around maintenance, building, and packaging#46772
Improve documentation around maintenance, building, and packaging#46772vvoland merged 4 commits intomoby:masterfrom
Conversation
neersighted
requested review from
AkihiroSuda,
akerouanton,
bsousaa,
corhere,
cpuguy83,
estesp,
laurazard,
rumpl,
samuelkarp,
tianon and
vvoland
Signed-off-by: Bjorn Neergaard <[email protected]>
Note that this entire document needs a modernization pass, both for current best practices as well as something approximating s/Docker/Moby/. In the interest of making some forward progress, we'll make minimal changes for now, however. Signed-off-by: Bjorn Neergaard <[email protected]>
Signed-off-by: Bjorn Neergaard <[email protected]>
neersighted
force-pushed
the
project_docs
branch
from
fbb90c5 to
a52aab8
Compare
| - **Maintained** - actively developed by project maintainers; accepting contributions and backports; in-scope for security advisories | ||
| - **Maintained (security)** - no longer actively developed; may accept contributions and backports for critical security issues; in-scope for security advisories | ||
| - **Unmaintained** - no longer actively developed; not accepting contributions; out-of-scope for security advisories |
There was a problem hiding this comment.
containerd describes these as "Active", "Extended", and "End of Life" in case you wanted to keep terminology consistent across projects.
| The Moby Project is widely packaged by many independent software distributors, | ||
| generally under the name 'docker' or 'docker.io.' | ||
|
|
||
| A non-exhuastive list of known software packagers and distributions includes: |
There was a problem hiding this comment.
How exhaustive do you want this list to be? Repology has a fairly long list (though it isn't fully normalized). Beyond those lists, I also know of Bottlerocket and Google Container-Optimized OS.
There was a problem hiding this comment.
This is definitely pretty initial; it definitely would be helpful to at least document say, the top 10 Linux distributions with packaging, and any non-distribution distributions that are well known.
Interesting to know that Bottlerocket has separate packaging from AL -- thanks for pointing that out! I'll try and add some more entries from the links you have provided.
| exact version for each. | ||
|
|
||
| Note that this project is **not** a Go module. To properly build the project, | ||
| `GOPATH` mode must be used. The project is migrating to Go modules, but `vendor.mod` |
There was a problem hiding this comment.
This seems like strange wording.
The issue with go.mod is more about people importing the project, not building it.
We absolutely use vendor.mod as a stand-in for go.mod:
Line 85 in 6fd893b
We also don't use GOPATH mode (or rather don't require it), hence the hack/with-go-mod.sh.
There was a problem hiding this comment.
There are issues with go.mod in building; while we do some trickery with vendor.mod here, it's worth noting that renaming vendor.mod to go.mod doesn't work; this is a special case where the Go toolchain requires a stub go.mod to be bent the way we want.
In general I see a lot of #44618 coming up; when it comes to advice for packagers, I think we really should express GOPATH is the supported way to build.
There was a problem hiding this comment.
Our own build scripts are turning on module mode, though.
If someone builds with hack/make.sh [binary|dynbyinary] they are building with module mode.
There was a problem hiding this comment.
It can be used correctly with the wrapper for sure; I just don't know that is something that we want to expose. Do you think it's worth documenting how to build in module mode (with the wrapper/correct arguments) and making that a "stable" interface for people to depend on?
There was a problem hiding this comment.
hack/make.sh is the interface we have always expected people to use.
I think it is fair to mention that in this doc?
| Any public release of a compiled binary, with the logical exception of nightly builds, should have | ||
| a corresponding tag in the repository. | ||
| All releases of The Moby Project should have a corresponding tag in the repository. | ||
| The project generally attempts to adhere to [Semantic Versioning](https://semver.org) whenever possible. |
There was a problem hiding this comment.
| The project generally attempts to adhere to [Semantic Versioning](https://semver.org) whenever possible. | |
| The project generally attempts to adhere to [Semantic Versioning](https://semver.org) whenever possible since v23, and until v1.13. | |
| v17.03-v20.10 releases were following CalVer. |
| | Branch Name | Sponsoring Maintainer(s) | Contribution Status | Expected End of Maintenance | Known Distributors | | ||
| |------------------------------------------------|------------------------------------------------|-----------------------|------------------------------|----------------------------------------------------------------------| | ||
| | master (development branch) | The Moby Project [MAINTAINERS](../MAINTAINERS) | N/A | - | N/A | | ||
| | 24.0 | @thaJeztah, @rumpl, @neersighted | Maintained | TBD | [Docker, Inc.](https://docker.com) | |
There was a problem hiding this comment.
| | 24.0 | @thaJeztah, @rumpl, @neersighted | Maintained | TBD | [Docker, Inc.](https://docker.com) | | |
| | 24.0 | [@thaJeztah](https://github.com/thaJeztah), @rumpl, @neersighted | Maintained | TBD | [Docker, Inc.](https://docker.com) | |
For clickability and for clarifying that these are not Twitter (X) IDs
There was a problem hiding this comment.
I was for some reason expecting GitHub to linkify these; I agree we should link them to the GitHub profiles.
There was a problem hiding this comment.
Hello,
are there any informations about the versions beyond 24.0? Is 24 still maintained?
There was a problem hiding this comment.
24.0 is not maintained; currently maintained branches;
master/main27.0(which will be renamed to27.x) - current release (v27.x.x)25.0(will be used as base for the next LTS version of Mirantis Container Runtime)23.0(branch used as base for current LTS version of Mirantis Container Runtime)
With the disclaimer that older branches depend on versions of the BuildKit dependency that are no longer maintained (the BuildKit project currently doesn't provide maintained long-lived branches)
There was a problem hiding this comment.
I should also add that the 25.0 branch is not yet used by Mirantis; normally, we consider branches with no "owner" (no maintainer involved in maintaining the branch) to be "frozen", however Mirantis maintainers have indicated their intent to use that branch for their next LTS release.
@austinvazquez (working at AWS) is not (yet) a maintainer, but requested some backports, and with the knowledge that Mirantis (who does provide maintainers) has the commitment to use that branch in future, we accepted those backports.
There was a problem hiding this comment.
Is all of this information hidden in the documentation or somewhere else? I searched about 1h before asking here with many different answers but non from docker or moby
| // around SemVer, which this repo cannot abide by as it uses CalVer. | ||
| // There is no 'go.mod' file, as the project has not yet completed the migration | ||
| // to a Go module. This project should be built in GOPATH mode, and not module mode, | ||
| // until the migration is complete and this file becomes 'go.mod.' |
There was a problem hiding this comment.
Can we have a link to an issue to track the blockers for the migration?
There was a problem hiding this comment.
I've been bugging @thaJeztah about making one; I'll link it in these places once we have one 👍
tianon
left a comment
tianon
left a comment
There was a problem hiding this comment.
In this case, IMO good is better than perfect, and this is pretty good -- at most maybe this needs an update to that table of supported versions/branches to be unstuck and more improvements could be separate PRs?
(Right now we're in the fun state where I, a Moby maintainer and Docker employee, don't even know which versions are actively "supported" which isn't a great state to be in.)
vvoland
left a comment
vvoland
left a comment
There was a problem hiding this comment.
LGTM; as Bjorn is currently out of office, I went ahead and updated the version table
| | Branch Name | Sponsoring Maintainer(s) | Contribution Status | Expected End of Maintenance | Known Distributors | | ||
| |-----------------------------------|---------------------------------------------------------|-----------------------|------------------------------|-------------------------------------| | ||
| | master (development branch) | The Moby Project [MAINTAINERS](../MAINTAINERS) | N/A | - | N/A | | ||
| | 27.0 | The Moby Project [MAINTAINERS](../MAINTAINERS) | Maintained | After 28.0 | [Docker, Inc.](https://docker.com) | |
There was a problem hiding this comment.
| | 27.0 | The Moby Project [MAINTAINERS](../MAINTAINERS) | Maintained | After 28.0 | [Docker, Inc.](https://docker.com) | | |
| | 27.0 | The Moby Project [MAINTAINERS](../MAINTAINERS) | Maintained | After 28.0 | [Docker, Inc.](https://docker.com) | |
I put The Moby Project as the sponsoring maintainers for the latest release branch to avoid listing every individual maintainer that happens to do the backports.
Alternative would be to create a team in the Moby org with people that do backports (which would be at least Docker Inc. maintainers?) and reference the whole group there.
@thaJeztah @cpuguy83 @corhere WDYT?
| |-----------------------------------|---------------------------------------------------------|-----------------------|------------------------------|-------------------------------------| | ||
| | master (development branch) | The Moby Project [MAINTAINERS](../MAINTAINERS) | N/A | - | N/A | | ||
| | 27.0 | The Moby Project [MAINTAINERS](../MAINTAINERS) | Maintained | After 28.0 | [Docker, Inc.](https://docker.com) | | ||
| | 26.1 | @cpuguy83 | Maintained (security) | TBD | [Microsoft](https://microsoft.com) | |
| | master (development branch) | The Moby Project [MAINTAINERS](../MAINTAINERS) | N/A | - | N/A | | ||
| | 27.0 | The Moby Project [MAINTAINERS](../MAINTAINERS) | Maintained | After 28.0 | [Docker, Inc.](https://docker.com) | | ||
| | 26.1 | @cpuguy83 | Maintained (security) | TBD | [Microsoft](https://microsoft.com) | | ||
| | 25.0 | @corhere | Maintained | TBD | [Mirantis](https://mirantis.com) | |
24.x is no longer maintained as of February 1, 2024[1]. It did not (yet?) receive a fix for CVE-2024-41110. [1] moby/moby#46772 (comment)
|
I don't understand why this PR closes #46761 =/ |
|
I think that's because it includes language that addresses the frequently asked question that issue represents -- we do need to create something (a proper issue, documentation, a project board, etc) that tracks what needs to happen for us to make the transition (as noted both in this PR's discussion and in that issue's discussion). |
24.x is no longer maintained as of February 1, 2024[1]. It did not (yet?) receive a fix for CVE-2024-41110. According to [1] 25.x will be the next LTS version, use that version to reduce risk of possible breakage. [1] moby/moby#46772 (comment)
Signed-off-by: Paweł Gronowski <[email protected]>
11 participants
Attempt to better document the state of the project. This is incremental progress, but I'm hoping this can help "unstick" us and get a little more momentum going on documentation and improved transparency.
I'm only married to the intent of this PR, and not the specific phrasing, so please do suggest edits liberally. Likewise, I've guessed a bit as to intent/content with the branch documentation; please do suggest improvements/corrections if my mental model differs from reality (especially for those I have called out by name!).