jamierajewski/illume-v2

How to handle updates?

Closed this issue · 5 comments

Every so often, instances should be rebuilt to include the latest changes to packages (non-vital ones like user packages). Ensure that on a rebuild, it runs an update at the end?

One could naively add sudo apt-get update && sudo apt-get upgrade -y in each of the high-level Packer profiles, although this will update everything, so care is needed on a per-profile basis to ensure updates only occur for non-vital packages.

Upgrading everything doesn't work due to containers-common being broken:

Errors were encountered while processing:
 /tmp/apt-dpkg-install-eFjNBJ/33-containers-common_100%3a1-7_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Figure out why, to allow it to update, as this will probably be important for container support in the future.

  • Create an exclusion list (if feasible) to control certain things manually like Nvidia packages
  • Get security updates once a day (configure apt for this)

After some discussion:

  • Only exclude Nvidia/CUDA packages for now
  • For security updates, install unattended-upgrades which will install security updates daily
  • For everything else, update weekly/monthly manually (update the pinned versions of tools and rebuild the images to update)
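One way to script the outcome above as an image-build provisioning step, as an added example that is not code from the illume-v2 repository: it enables daily unattended-upgrades, keeps Nvidia/CUDA packages out of them, and places an apt hold on those packages so a manual upgrade skips them too. The exclusion patterns, the file name `51unattended-upgrades-exclude` and the helper names are assumptions.

```shell
#!/bin/sh
# Added example, not from the illume-v2 repository.
# Assumed name prefixes; adjust to the driver/CUDA packages actually installed.
EXCLUDE_PATTERNS='nvidia- libnvidia- cuda'

# Write the apt configuration under ROOT (use "/" on a real image).
write_unattended_config() {
    root="${1%/}"
    conf_dir="$root/etc/apt/apt.conf.d"
    mkdir -p "$conf_dir" || return 1

    # Refresh package lists and run unattended-upgrade once a day.
    cat > "$conf_dir/20auto-upgrades" <<'EOF'
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
EOF

    # Numbered 51 so it is read after the stock 50unattended-upgrades.
    # Entries are regular expressions matched from the start of the name.
    {
        echo 'Unattended-Upgrade::Package-Blacklist {'
        for p in $EXCLUDE_PATTERNS; do
            printf '    "%s";\n' "$p"
        done
        echo '};'
    } > "$conf_dir/51unattended-upgrades-exclude"
}

# Filter a newline-separated package list on stdin down to excluded packages.
select_held_packages() {
    regex="^($(echo "$EXCLUDE_PATTERNS" | tr ' ' '|'))"
    grep -E "$regex" || true
}

# Only touch the system when called with --apply (as root, during the build).
if [ "${1:-}" = "--apply" ]; then
    set -e
    apt-get update
    DEBIAN_FRONTEND=noninteractive apt-get install -y unattended-upgrades
    write_unattended_config /
    # Holds also keep a manual "apt-get upgrade" away from these packages.
    held=$(dpkg-query -W -f='${Package}\n' | select_held_packages)
    [ -z "$held" ] || apt-mark hold $held
fi
```

The blacklist only affects unattended-upgrades; the `apt-mark hold` step is what stops the weekly or monthly manual upgrade from pulling in new Nvidia/CUDA versions.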