riarenas
commented
8 months ago For build images, we should determine whether we want to just point to a subset of the pipelines for the repos we support, or if we want to create specialized validation pipelines.
Thinking on this a bit more, it's not a good idea to depend on product team pipelines for this, as they can be broken by dev work. Validation pipelines should see low churn so that if we see a break, we can trust it's related to the new image version.
It's also worth noting that we currently don't have validation for build images, so anything we do in that space is already a win.
As 1ES images get rebuilt automatically when there is a base image update, we need to come up with a validation mechanism to determine whether a new image version is ready to be used by the infrastructure that it will support.
The 1ES mechanism for this are validation pipelines which will run using new versions of the image: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-managed-images/validation
The concept is simple. Tell the image some pipelines that should run successfully when new image versions have been built, and only make that image version the default if those validations succeed.
For build images, we should determine whether we want to just point to a subset of the pipelines for the repos we support, or if we want to create specialized validation pipelines.
For images that will be used in Helix, we can probably reuse some of the existing queue validation that is part of the helix-machines CI build.
Release Note Category
Release Note Description