Rebase to alpine 3.22, install thin-provisioning-tools from main repo #3705
dims merged 1 commit into google:master from
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request.
Is there any plan for this PR to be merged? Alpine Linux v3.18 reached End-of-support on 2025-05-09, and security scanning tools are flagging vulnerabilities for this base image.
+1 on this. Any blocker or timeline as to when this will be merged?
The last person to commit to this repo did so on June 16. Then in July, they got a new job at Nvidia (per their LinkedIn profile). Not sure if they still have write access to this repo. No clue who else has write access. There hasn't been any maintainer activity here in 5 months. I see a couple of others who committed here in the last year but they have very few public GitHub commits overall, and they don't seem to be Google employees.
@iwankgb Would you be the right point of contact for merging and deploying this change? If not, can you kindly point to the correct person?
This PR rebases the build and runtime base images to the latest stable Alpine 3.22. Golang version is still the same 1.24. It also installs thin-provisioning-tools from the 3.22 repo instead of edge.
It looks like thin-provisioning-tools was being installed from the edge repo 5 years ago, presumably because at the time the edge repo contained a newer version that was required. At this point the edge repo contains the same exact version as the 3.22 repo so there is no need to install from edge.
Plus, installing packages from the edge repo is usually not recommended unless absolutely necessary. Even then, the base version needs to be recent enough to prevent dep clashes. Currently, the base image used is still 3.18, which is several years old. Edge, on the other hand, is a rolling branch, so it is trying to install a brand new package on a base from several years ago, which is not an ideal situation.
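Added example, not part of the pull request or the project's own code: a small shell lint for the situation the description calls out, an `apk` install from the rolling edge repository in a stage built on a pinned Alpine release. The `lint_alpine_edge` name, the sample Dockerfiles and their package lists are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the project's build tooling): flag apk installs that pull
# from Alpine's rolling "edge" branch in a stage built on a pinned release.

# Reads a Dockerfile on stdin, prints one finding per offending instruction,
# and returns 1 if anything was flagged (0 if clean).
lint_alpine_edge() {
    awk '
        { if (start == 0) start = NR }
        # Join backslash-continued lines so a multi-line RUN is one record.
        /\\[ \t]*$/ { sub(/\\[ \t]*$/, " "); buf = buf $0; next }
        { line = buf $0; buf = ""; first = start; start = 0 }
        # Track the pinned Alpine release of the current stage; matches both
        # "alpine:3.18" and tags such as "golang:1.24-alpine3.22".
        toupper(line) ~ /^[ \t]*FROM[ \t]/ {
            base = ""
            if (match(line, /alpine:?[0-9]+\.[0-9]+/))
                base = substr(line, RSTART, RLENGTH)
            next
        }
        # An edge repository URL inside a stage with a pinned base.
        base != "" && line ~ /\/alpine\/edge\// {
            printf "line %d: edge repo on pinned base %s\n", first, base
            found = 1
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample inputs; these are not the project's actual Dockerfile.
sample_before() {
    cat <<'EOF'
FROM alpine:3.18
RUN apk --no-cache add libc6-compat device-mapper && \
    apk --no-cache add thin-provisioning-tools \
        --repository https://dl-cdn.alpinelinux.org/alpine/edge/main/
EOF
}
sample_after() {
    cat <<'EOF'
FROM alpine:3.22
RUN apk --no-cache add libc6-compat device-mapper thin-provisioning-tools
EOF
}

sample_before | lint_alpine_edge || echo "before: edge mixed with pinned base"
sample_after | lint_alpine_edge && echo "after: clean"
```

A stage whose base is not a pinned Alpine release (for example `alpine:edge` itself) is deliberately not flagged, since the concern raised above is the mismatch between an old pinned base and the rolling branch.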