From 1c30d02a1bbd8ff98739052c7511bcdc1f5ff942 Mon Sep 17 00:00:00 2001 From: paketo-bot Date: Fri, 17 Nov 2023 20:22:12 +0000 Subject: [PATCH] Deploying --- index.html | 16 +++ index.xml | 12 +- posts/index.xml | 12 +- .../index.html | 129 ++++++++++++++++++ sitemap.xml | 13 +- 5 files changed, 176 insertions(+), 6 deletions(-) create mode 100644 posts/paketo-bionic-builder-is-unsafe/index.html diff --git a/index.html b/index.html index 10c217f..540d08b 100644 --- a/index.html +++ b/index.html @@ -38,6 +38,22 @@

Paketo Buildpacks | Blog

paketo.io
+
+
+

Paketo's Bionic Builder Is Unsafe

+ Paketo’s Bionic Builder Is Unsafe It’s a strange thing for the Paketo Project to call out its builder as being unsafe, but the key detail here is that it’s the Ubuntu Bionic Builder we’re saying is unsafe. +On May 31st, 2023, Ubuntu 18.04 (Bionic Beaver) went out of support for OSS customers (source). At the same time, the Paketo Project stopped supporting its Bionic Stacks and Builders based on Ubuntu 18. + + + +
+
Daniel Mikusa
+ Tuesday, Nov 14, 2023 +
+
+
+ +

Paketo buildpacks team is welcoming new contributors from Hacktoberfest!

diff --git a/index.xml b/index.xml index da943fe..9942dbc 100644 --- a/index.xml +++ b/index.xml @@ -6,7 +6,17 @@ Recent content on Paketo Buildpacks | Blog Hugo -- gohugo.io en-us - Thu, 05 Oct 2023 00:00:00 +0000 + Tue, 14 Nov 2023 00:00:00 +0000 + + Paketo's Bionic Builder Is Unsafe + https://blog.paketo.io/posts/paketo-bionic-builder-is-unsafe/ + Tue, 14 Nov 2023 00:00:00 +0000 + + https://blog.paketo.io/posts/paketo-bionic-builder-is-unsafe/ + Paketo’s Bionic Builder Is Unsafe It’s a strange thing for the Paketo Project to call out its builder as being unsafe, but the key detail here is that it’s the Ubuntu Bionic Builder we’re saying is unsafe. +On May 31st, 2023, Ubuntu 18.04 (Bionic Beaver) went out of support for OSS customers (source). At the same time, the Paketo Project stopped supporting its Bionic Stacks and Builders based on Ubuntu 18. + + Paketo buildpacks team is welcoming new contributors from Hacktoberfest! https://blog.paketo.io/posts/paketo-buildpacks-hacktoberfest-2023/ diff --git a/posts/index.xml b/posts/index.xml index 15f1f5f..7dc2703 100644 --- a/posts/index.xml +++ b/posts/index.xml @@ -6,7 +6,17 @@ Recent content in Posts on Paketo Buildpacks | Blog Hugo -- gohugo.io en-us - Thu, 05 Oct 2023 00:00:00 +0000 + Tue, 14 Nov 2023 00:00:00 +0000 + + Paketo's Bionic Builder Is Unsafe + https://blog.paketo.io/posts/paketo-bionic-builder-is-unsafe/ + Tue, 14 Nov 2023 00:00:00 +0000 + + https://blog.paketo.io/posts/paketo-bionic-builder-is-unsafe/ + Paketo’s Bionic Builder Is Unsafe It’s a strange thing for the Paketo Project to call out its builder as being unsafe, but the key detail here is that it’s the Ubuntu Bionic Builder we’re saying is unsafe. +On May 31st, 2023, Ubuntu 18.04 (Bionic Beaver) went out of support for OSS customers (source). At the same time, the Paketo Project stopped supporting its Bionic Stacks and Builders based on Ubuntu 18. + + Paketo buildpacks team is welcoming new contributors from Hacktoberfest! https://blog.paketo.io/posts/paketo-buildpacks-hacktoberfest-2023/ diff --git a/posts/paketo-bionic-builder-is-unsafe/index.html b/posts/paketo-bionic-builder-is-unsafe/index.html new file mode 100644 index 0000000..25ba294 --- /dev/null +++ b/posts/paketo-bionic-builder-is-unsafe/index.html @@ -0,0 +1,129 @@ + + + + + +Paketo's Bionic Builder Is Unsafe | Paketo Buildpacks | Blog + + + + + + + + + + + + + + + + + + + +
+
+ + +

Paketo Buildpacks | Blog

+ +
+
+

Paketo's Bionic Builder Is Unsafe

+
Daniel Mikusa
+ Tuesday, Nov 14, 2023 +
+

Paketo’s Bionic Builder Is Unsafe

+

It’s a strange thing for the Paketo Project to call out its builder as being unsafe, but the key detail here is that it’s the Ubuntu Bionic Builder we’re saying is unsafe.

+

On May 31st, 2023, Ubuntu 18.04 (Bionic Beaver) went out of support for OSS customers (source). At the same time, the Paketo Project stopped supporting its Bionic Stacks and Builders based on Ubuntu 18.04. This was further communicated in a blog post on July 28, 2023.

+

This means that updates have not been published for the Bionic Builder or any of its buildpacks for almost six months. That’s a long time in the software world, which is why we’re saying that it’s not safe to use this stack.

+

Despite this, we are still seeing users performing builds against the Bionic stacks. This comes up in forum posts, Stack Overflow questions, Slack questions, and other channels. We believe that users are not getting the message or are not noticing that they are still using an old builder.

+

The Plan

+

To help notify users that they need to change, we are going to move forward with a brownout for the Bionic Builder on W, November 27th, 2023. It will run from 10 AM EST to 2 PM EST. We believe this will cover a time range across EMEA, the US East, and the US West. We hope this will be a long enough period that it will break some users' builds/CI systems, and users will notice thus being encouraged to upgrade.

+

This will be implemented by temporarily removing the image tags from the Bionic builder images (full, base, and tiny). Once the brownout is finished, the image tags will be restored. This will fix user builds.

+

We hope this will be sufficient to alert any users still on the Bionic Builder.

+

What Does This Mean for You?

+

Check your Desktop

+

All users should check their systems and confirm the builder that they are using

+

With pack, users should run pack config default-builder. It should say that they are using a Jammy builder.

+
> pack config default-builder
+The current default builder is paketobuildpacks/builder-jammy-base
+

If it does not, then run pack config default-builder paketobuildpacks/builder-jammy-base (or -full or -tiny, based on your needs).

+

Check your CI pipelines

+

Users should also check their CI pipelines, build scripts, and other automations for the usage of the Bionic Builders.

+
    +
  • Users may call pack build with the -B or --builder flag to set a builder.
    • +
  • Users may include a project.toml file which might have a builder = <builder> property set in the [build] block to set a builder.
    • +
  • It is less likely, but users can also call pack config default-builder <builder> to set a builder in CI.
    • +
+

Users may also want to check for the names of the older builders in your CI/pipelines:

+
    +
  • paketobuildpacks/builder:tiny
    • +
  • paketobuildpacks/builder:base
    • +
  • paketobuildpacks/builder:full
    • +
  • paketobuildpacks/builder:buildpackless-tiny
    • +
  • paketobuildpacks/builder:buildpackless-base
    • +
  • paketobuildpacks/builder:buildpackless-full
    • +
+

Any usage of these builders should be replaced with the equivalent Jammy builder.

+
    +
  • paketobuildpacks/builder-jammy-tiny:latest
    • +
  • paketobuildpacks/builder-jammy-base:latest
    • +
  • paketobuildpacks/builder-jammy-full:latest
    • +
  • paketobuildpacks/builder-jammy-buildpackless-tiny:latest
    • +
  • paketobuildpacks/builder-jammy-buildpackless-base:latest
    • +
  • paketobuildpacks/builder-jammy-buildpackless-full:latest
    • +
+

Upgrade your Spring Boot Apps

+

Spring Boot Users will continue to default to the Bionic Stack until Spring Boot 3.2. Please read the Spring Blog post and perform the actions listed there. That will upgrade your app to use the Jammy stack.

+

Please also consider upgrading to Spring Boot 3.2 when it is available. Spring Boot 3.2+ will default to using the Jammy builders.

+

Help! I need Bionic

+

We hope that everyone will be able to upgrade, but we recognize that there may be cases where a user cannot upgrade or cannot upgrade immediately.

+

For these users:

+
    +
  1. +

    Your builds will break during the brownout. Don’t panic! They will start working again when the brownout is over. Grab your towel or a Pan Galactic Gargle Blaster, you can just wait it out.

    +
    2. +
  2. +

    When the brownout is over, you will need to switch the image tag on your builder to the following:

    +
      +
    • paketobuildpacks/builder:tiny-unsafe
      • +
    • paketobuildpacks/builder:base-unsafe
      • +
    • paketobuildpacks/builder:full-unsafe
      • +
    • paketobuildpacks/builder:buildpackless-tiny-unsafe
      • +
    • paketobuildpacks/builder:buildpackless-base-unsafe
      • +
    • paketobuildpacks/builder:buildpackless-full-unsafe
      • +
    +

    In fact, we have added the -unsafe tags to the builder images as of this article being posted, so you don’t strictly need to wait. If you want to get ahead of things, you could switch to the -unsafe tag now and avoid downtime during the brownout.

    +
    3. +
  3. +

    Starting Jan 1, 2024, we will permanently remove the original image tags (i.e. those without -unsafe) from the Bionic builder images (full, base, and tiny). If you have not switched to using the -unsafe tags, then your builds will be broken until you switch.

    +
    4. +
+ +
+
+ +
+ + diff --git a/sitemap.xml b/sitemap.xml index f4bc6fd..1193af1 100644 --- a/sitemap.xml +++ b/sitemap.xml @@ -3,17 +3,22 @@ xmlns:xhtml="http://www.w3.org/1999/xhtml"> - https://blog.paketo.io/posts/paketo-buildpacks-hacktoberfest-2023/ - 2023-10-05T00:00:00+00:00 + https://blog.paketo.io/ + 2023-11-14T00:00:00+00:00 - https://blog.paketo.io/ - 2023-10-05T00:00:00+00:00 + https://blog.paketo.io/posts/paketo-bionic-builder-is-unsafe/ + 2023-11-14T00:00:00+00:00 https://blog.paketo.io/posts/ + 2023-11-14T00:00:00+00:00 + + + + https://blog.paketo.io/posts/paketo-buildpacks-hacktoberfest-2023/ 2023-10-05T00:00:00+00:00