You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, when you follow the DEB Installation instructions for the OpenTelemetry Collector, you install a specific version that won't be upgraded with apt-get update && apt-get upgrade when the new one comes out.
This places a burden on the administrators, because you have constantly track new Collector versions and update your Ansible Playbooks to include the new .deb URL. This is simply not how things are done normally when administering Debian-based distributions. The same applies to the current state of .rpm packages.
Good news is that since this project already uses GoReleaser and has nfpms configured, providing a repository will be just 2 lines of YAML added to .goreleaser.yml:
furies:
- account: open-telemetry
(this assumes that this project has an access to open-telemetry account on Gemfury and an appropriate FURY_TOKEN is provided when running GoReleaser in CI)
Here's an example of how Cirrus Labs's Vetu project uses GoReleaser's furies: to publish both .deb and .rpm repositories:
I wasn't aware of fury.io and was able to secure both "opentelemetry" and "open-telemetry" there. While I think it's a good idea in general, I think the TC would have to approve the usage of this to host our official artifacts. I think I would be somewhat OK with that only if we provide ways for our users to independently verify that the artifacts are indeed coming from the project, likely by signing the packages/binaries.
Currently, when you follow the DEB Installation instructions for the OpenTelemetry Collector, you install a specific version that won't be upgraded with
apt-get update && apt-get upgrade
when the new one comes out.This places a burden on the administrators, because you have constantly track new Collector versions and update your Ansible Playbooks to include the new
.deb
URL. This is simply not how things are done normally when administering Debian-based distributions. The same applies to the current state of.rpm
packages.To solve this, a repository needs to be provided.
Good news is that since this project already uses GoReleaser and has
nfpms
configured, providing a repository will be just 2 lines of YAML added to.goreleaser.yml
:(this assumes that this project has an access to
open-telemetry
account on Gemfury and an appropriateFURY_TOKEN
is provided when running GoReleaser in CI)Here's an example of how Cirrus Labs's Vetu project uses GoReleaser's
furies:
to publish both .deb and .rpm repositories:.goreleaser.yml
configurationFURY_TOKEN
in CIThe text was updated successfully, but these errors were encountered: