[DISCUSSION]: New Release Version Considerations #236
Assignees
AaronFiore
Clear assignees
AaronFiore
No Assignees
Notifications
Due Date
No due date set.
Reference: EvergreenCrypto/docker-finance#236
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This issue will track ongoing discussion from
#docker-finance:matrix.orgregarding a new hybrid semver/rolling release system.2025-11-03
With regard to versioning considerations, there are at least 3 current primary components to the
dfibuild system:-
fetch(php)-
root(c++)-
plugins(bash, c++)- Arch Linux OS
* rolling:
YYYYMMDD.0.build_number- currently we're using latest but that could be changed (but see point 3)
- Ubuntu OS
* rolling:
name-YYYYMMDD- currently we're using latest but that could be changed (but see point 3)
-
dfiimages* tagged by platform:
archlinux/ubuntu/dev-tools- a single tag per platform means no rollback potential (but see point 3)
- This is dependent upon end-user custom build types (
default,slim,tiny,micro)* These are ultimately determined per-module (
fetch,track,root, etc.)Within point 3 are various dependencies (such as
ccxt) that are installed upon first build or every update (their latest stable releases), mostly regardless of whether point 2 is bumped. Also, since point 3 will always update/upgradepacman -Syu/apt-get update/upgrade), tracking by point 2 only seems not very useful at the moment.Simply put: a more tenable
dfisolution (to this relatively uncommon type of cross-platform dependency hell) may be to deploy a hybrid of rolling release/semver.WIP proposals:
MAJOR.MINOR.PATCH+YYYYMMDD.epoch| e.g.,v1.0.0+20251103.1762204451-
MAJOR.MINOR.PATCHtracksdficodebase*
MAJORtracks point 1 above (public APIs)*
MINORandPATCHtracks the rest, as defined by typical semver-
+YYYYMMDDtracks:* date that
dfiremote images are created/pushed-
.epochallows for multiple same-day releases w/out needing to manually increment (e.g.,date --utc +%s)MAJOR+YYYYMMDD.epoch| e.g.,v1.20251103.1762204451- drops
MINORandPATCHfor a more simplified v1 public API (as seen above)-
+YYYYMMDDtracks:* any code changes between previous date release
* date that
dfiremote images are created/pushed- .epoch allows for multiple same-day releases w/out needing to manually increment (e.g.,
date --utc +%s)MAJOR.MINOR.PATCH+YYYYMMDD.epochwhereMAJOR.MINOR.PATCHONLY tracks the public API and+YYYYMMDDtracks any/all code changes between previous date release and that release - includingdfire-built remote images (as seen above)..epochalso still applies.2025-11-04
[Though projects exist that utilize a collection of software,] there are none with these specific constraints that I can find; specifically, programmability and interoperable local builds.
Some other projects will simply go flat (linear) and track a single underlying primary dependency’s version - incrementing metadata for only image rebuilds - but those rebuilds also include all other dependency version changes (e.g.,
docker-swag). I’ve also seen a project completely ditch versioning all together and just work from a single master branch with no tags or releases (working successfully for years now).In all cases, as long as they’re pulling from an OS image where the underlying packages are stable, everything from the top down appears to work until it doesn’t (but this would affect any user of any package at any time). When that happens, like a developer pulling from a different library version, end-users can pull different package version via their various distro channels. As for
dfi, that can easily be done withdfi <platform/${USER}:tag> edit type=buildand then add the subsequent Dockerfile commands to pull from a “working” package (again, very rare for this to be needed, IMHO, and it’s a PITA regardless ofdfi).With that said, I’m leaning towards the 1st proposal but with the following changes/clarifications:
WIP proposal
MAJOR.MINOR.PATCHtracksdfi(and most public-facing API) but all dependency versions are treated as dev dependencies - and thus do not incrementPATCH.dfisystem has always been rolling release and the drawbacks of that have been exceedingly rare. End users can alwaysdfi <platform/${USER}:tag> update type=<type>to stay in sync with upstream stable dependency versions at any time (just like a typical system update).dfireally does act as a quasi-”financial operating system” more-so than an “application” or “library”.+YYYYMMDDtracksdfiremote build imagesdfiv1.0.0 doesn’t see a patch for a month buthledgerhas a point release, we will then update the remotedfiDockerfiles, remotedfiimages are updated/rebuilt/pushed, we then commit thedfichanges and increment build metadata then push the tag.hledgerwould be treated as a dev dependency, only the remotedfiimages will be re-built anddfiwould be tagged as such only to indicate the latest build with latest dependencies are in the remote images. From there, the end-user can get those updates simply withdfi <platform/${USER}:tag> update type=<type>or do a freshbuildif desired..epochor perhaps a simple increment would keep its purpose, AFAICT.The more I think about it, the more simple I think it becomes because it’s really as straightforward as ‘sitting down at your computer and updating your system’. The reliance on public consuming APIs is limited (and would be tracked via semver anyway) so it’s more aligned as an quasi-”financial operating system” with limited contracts than not (with the major exception being hledger rules but that’s mostly internal anyway).
So, to the simplest end-user view would be, in any order:
buildorupdatecommand for the+YYYYMMDD.epochchangesgit pull <branch> --tagsor similar for theMAJOR.MINOR.PATCHchangesdfi <platform/${USER}:tag> version type=<type>exists and makes it easy to see whatdfiand dependency versions are in use (for bugs/issues or general information)