Wondering if anyone has any advice on best practices for versioning Mender artifacts so that they have some level of traceability and build repeatability.
Ideally I would like something embedded within the artifact name that can allow me to completely replicate the build environment that the artifact was built with.
I realise that Mender allows setting the artifact name through the
MENDER_ARTIFACT_NAME variable but dislike that this requires manual changing to update. I can set
MENDER_ARTIFACT_NAME to, for eg,
MY_IMAGE_V1 but then if I change packages and configuration and rebuild, the artifact name doesn’t change. I could change the tag every commit, but usually not all commits warrant a release and this also requires that I remember to change it each time.
The previous way I was doing this was to label each artifact with a name (
MY_IMAGE_V1) and the append the name with the git hash of the repo I’m building from using (so it’d look something like
MY_IMAGE_V1-abcdef12). This is a little bit complicated by Yocto builds having many layers all with their own revision though, and I don’t have a way of adding all the hashes to the name.
My current method is to use
image-buildinfo in Yocto which adds a file to
/etc/build with the git hashes of all the layers used to build the image. This is ok, but still not ideal as it requires opening up the rootfs of an artifact to find the metadata and doesn’t allow the Mender management server to differentiate between builds with the same name but different contents.
Would love to hear if anyone has any elegant solutions to this!