ideally the code for building a MediaWiki image with security patches would live in Jenkins Job Builder so git history and code review can happen through the standard process™©.
Description
Description
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | None | T198901 Migrate production services to kubernetes using the pipeline | |||
Resolved | Clement_Goubert | T238770 Deploy MediaWiki to Wikimedia production in containers | |||
Resolved | Jdforrester-WMF | T238771 Get production MW-land images built and published | |||
Resolved | dancy | T271274 Security patch workflow for MediaWiki on k8s | |||
Resolved | dduvall | T273676 Jenkins job exists for building patched MediaWiki image | |||
Resolved | dduvall | T274182 Multi-version MediaWiki image is built and published |
Event Timeline
Comment Actions
The existing .pipeline/config.yaml was extended to patch the production image before publishing to the restricted repo. See T271274: Security patch workflow for MediaWiki on k8s and associated patchsets for implementation details.