[
https://issues.apache.org/jira/browse/TIKA-4703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18075466#comment-18075466
]
ASF GitHub Bot commented on TIKA-4703:
--------------------------------------
nddipiazza opened a new pull request, #2779:
URL: https://github.com/apache/tika/pull/2779
## Summary
Pin all `docker/*` GitHub Actions to exact commit SHAs to comply with the
Apache GitHub Actions allowlist policy, as recommended by Dianjin Wang (ASF
Infra) on [INFRA-27837](https://issues.apache.org/jira/browse/INFRA-27837).
This mirrors the same fix applied in
[apache/cloudberry#1688](https://github.com/apache/cloudberry/pull/1688).
## Changes
| Action | Before | After |
|--------|--------|-------|
| `docker/setup-buildx-action` | `@v3` |
`@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f` (v3.12.0) |
| `docker/login-action` | `@v3` |
`@c94ce9fb468520275223c153574b00df6fe4bcc9` (v3.7.0) |
| `docker/build-push-action` | `@v6` |
`@10e90e3645eae34f1e60eeb005ba3a3d33f178e8` (v6.19.2) |
| `docker/setup-qemu-action` | `@v3` action | Native CLI: `docker run
--privileged tonistiigi/binfmt --install all` |
`docker/setup-qemu-action` is replaced with a native CLI step because it is
still not on the ASF allowlist (noted by INFRA team as an open issue).
## Critical Files
- `.github/workflows/docker-snapshot.yml`
- `.github/workflows/docker-release.yml`
> Integrate Docker image builds into apache/tika and deprecate standalone
> Docker repos
> ------------------------------------------------------------------------------------
>
> Key: TIKA-4703
> URL: https://issues.apache.org/jira/browse/TIKA-4703
> Project: Tika
> Issue Type: Task
> Reporter: Nicholas DiPiazza
> Priority: Major
>
> h2. Summary
> Move Docker image building and publishing into the main
> [apache/tika|https://github.com/apache/tika] repository, deprecating the
> standalone Docker repos. This ensures Docker image releases are naturally
> tied to Tika releases through the existing Maven workflow, rather than
> requiring cross-repo coordination.
> h2. Current State
> * [tika-docker|https://github.com/apache/tika-docker] - standalone repo that
> builds the tika-server Docker image, published to [apache/tika on Docker
> Hub|https://hub.docker.com/r/apache/tika]
> * [tika-grpc-docker|https://github.com/apache/tika-grpc-docker] - standalone
> repo that builds the tika-grpc Docker image, published to [apache/tika-grpc
> on Docker Hub|https://hub.docker.com/r/apache/tika-grpc]
> h2. Problem
> Having Docker builds in separate repos means:
> * Docker image releases are decoupled from Tika releases - requires manual
> coordination
> * No guarantee Docker images match the released Tika version
> * Extra maintenance burden across multiple repos
> * Harder for contributors to understand the full release pipeline
> h2. Proposed Approach
> # Move Dockerfiles and related build config from {{tika-docker}} and
> {{tika-grpc-docker}} into the main {{apache/tika}} repo
> # Add GitHub Actions workflows to {{apache/tika}} that build and publish
> Docker images as part of the release process
> # Integrate with the existing Maven workflow so Docker builds happen
> naturally alongside Java artifact publishing
> # Docker images to publish:
> #* {{apache/tika}} (tika-server) to [Docker
> Hub|https://hub.docker.com/r/apache/tika]
> #* {{apache/tika-grpc}} (tika-grpc) to [Docker
> Hub|https://hub.docker.com/r/apache/tika-grpc]
> # Support multi-architecture builds (amd64, arm64) if applicable
> # Proper image tagging tied to Maven release versions (e.g. {{3.1.0}},
> {{latest}})
> # Deprecate {{tika-docker}} and {{tika-grpc-docker}} repos with README
> notices pointing to {{apache/tika}}
> h2. Acceptance Criteria
> * Dockerfiles and build config live in the {{apache/tika}} repo
> * GitHub Actions in {{apache/tika}} build and publish both Docker images on
> release
> * Docker image versions are automatically tied to Tika release versions
> * {{tika-docker}} and {{tika-grpc-docker}} repos are marked as deprecated
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
