MAJOR - Valid Docker image can be altered unexpectedly and break everything #90

Open
franck-boullier opened this issue Feb 15, 2020 · 1 comment

@franck-boullier
Member

The problem:

The current version of the deployment script (.travis.yml) systematically updates the Docker image and uploads it to Dockerhub without any proper tests or validation.

This is true EVERY TIME Travis CI runs:

  • On the master branch for this repo (which is expected) but also,
  • On ANY branch of this repo,
  • On ANY PR in this repo.

Consequence of the problem:

In the following scenario:

  • I create a branch.
  • I update the Dockerfile.
  • The update I did breaks the Docker image and creates errors and bugs.
  • I push my new branch to the origin repo on GH (this repo).
  • THEN the Docker image in Dockerhub is automatically updated.
  • ANY update to the DEV, PROD and DEMO environments from that point on will be done using this latest, incorrect, and potentially harmful Docker image.

Solution:

Option 1 (quick fix):

Make sure that the only Docker images that we push to Dockerhub are images that have been tested and validated.

Option 2 (more complex - more robust):

  • Create a new tag stable for Docker images on Dockerhub.
  • Keep building the DEV environment using the latest Docker image on Dockerhub.
  • Define a release process to update the stable version of the Docker image.
  • Only build the DEMO and PROD environment using the stable image and NOT the latest image.
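
An added example, not part of the original issue and not this repository's script: a publish gate that a Travis CI build could call instead of pushing unconditionally. It uses Travis's TRAVIS_PULL_REQUEST, TRAVIS_TAG and TRAVIS_BRANCH variables; the image name, the smoke test and the mapping of a git tag build to the stable image are assumptions.

```bash
# Added example (hypothetical script). IMAGE and smoke_test are placeholders.
IMAGE="${IMAGE:-example-org/example-image}"

# Decide which Docker Hub tag, if any, this build may publish.
# Prints the tag and returns 0, or prints nothing and returns 1.
publish_tag() {
  # PR builds never publish. For a PR, TRAVIS_BRANCH is the *target* branch,
  # so a PR against master would pass a branch-only check.
  if [ "${TRAVIS_PULL_REQUEST:-false}" != "false" ]; then
    return 1
  fi
  # Assumption: a git tag build is the release process that updates "stable".
  if [ -n "${TRAVIS_TAG:-}" ]; then
    echo "stable"
    return 0
  fi
  # A push to master updates "latest", which only DEV consumes.
  if [ "${TRAVIS_BRANCH:-}" = "master" ]; then
    echo "latest"
    return 0
  fi
  return 1   # any other branch: build and test only
}

# Placeholder validation: replace with the project's real checks.
smoke_test() {
  docker run --rm "$1" true
}

# Build under a throwaway local tag, test it, and push only when the
# image passed the test AND the gate allows this build to publish.
build_test_publish() {
  candidate="$IMAGE:ci-candidate"
  docker build -t "$candidate" . || return 1
  if ! smoke_test "$candidate"; then
    echo "smoke test failed; not publishing" >&2
    return 1
  fi
  if tag="$(publish_tag)"; then
    docker tag "$candidate" "$IMAGE:$tag" && docker push "$IMAGE:$tag"
  else
    echo "branch or PR build: image tested but not published" >&2
  fi
}
```

Every build still builds and tests the image; only the push depends on the gate, so a broken Dockerfile on a branch fails its own build without touching Dockerhub.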

franck-boullier added a commit that referenced this issue Feb 15, 2020
This also forces a rebuild of the Docker image in Dockerhub to a tried and tested version.

See #90 for more details
@kaihendry
Contributor

The deploy script for demo/prod can only deploy a tagged release. So I am not sure about the severity of this.
