Closed pandafy closed 1 month ago
@pandafy can you double check if this fixes it? https://github.com/openwisp/docker-openwisp/commit/319ff0568b437c0d60d603294853683e76fb0d40, I think the main problem is that the tag used in the Dockerfile dependency was "latest", so the image would always be based on the latest alpine image available, so when a new one is released, builds start failing because the version of packages change.
I think the changes in https://github.com/openwisp/docker-openwisp/commit/319ff0568b437c0d60d603294853683e76fb0d40 should solve this bug too. We can close this issue and re-open it later if we see that the CI build starts failing due to a similar reason.
When a package is yanked from alpine it's for security reasons. I am afraid we can't do much about that.
The versions for system dependencies has been pinned in alpine based images. This makes the image build process fail when a package version in removed from the Alpine's package repository. We have to then manually update the dependency version in those images (#247 #250).
Upgrading the dependency version to whatever is available from the package repository defies the purpose of pinning the dependencies in the first place. We will have to find a solution which allows us to keep using the pinned version of the package and does not force us to make changes to our images whenever something is changed in Alpine's package repository.
As a last resort, we can remove version from system dependencies altogether. So, the images will have whatever version available from Alpine's package repositiory.