dotnet-issue-labeler[bot]
commented
1 year ago I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
Open mthalman opened 1 year ago
dotnet-issue-labeler[bot]
commented
1 year ago I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
The implementation of the
AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTaskhas repeatedly broken our pipelines. See https://github.com/dotnet/docker-tools/pull/990, https://github.com/dotnet/docker-tools/issues/1152, https://github.com/dotnet/docker-tools/pull/1045.We need to protect the pipeline from these breaks since they can occur at any point and disrupt a release. I suggest we always have the pipeline YAML pinned to a build-specific version of the task and have a system in place (ideally, automated) that would submit a PR in this repo to update to the latest version. In that case, we need to ensure the PR build does exercise the SBOM generation path. Upon merge, that would then get rolled out to the consuming repos.