rules_apko should fail if the lock file is stale or yaml references invalid packages

Question

rules_apko should fail if the lock file is stale or yaml references invalid packages

Opened this issue 4 months ago · 1 comments

rules_apko doesn't fail if my lock file is stale, or if my apko yaml includes malformed packages.

The lock generation target does fail, but if I make a change to a yaml and then forget to lock there is no safeguard to remind me to do so. This can be confusing during development.

It would be nice if apko checked for a stale lockfile before running a build.

Answer 1 · 2024-06-05T21:28:11.000Z

I think chainguard-dev/apko#1012 addresses this. There is no rules_apko release that uses the apko binaries containing that version. But at head, rules_apko use apko v0.14 that contain this feature.

You can grab the rules_apko at specific commit or wait for new release.