• pHr34kY@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    ·
    6 months ago

    My company has build scripts that practically pull half an OS from an update mirror every time someone commits a code change.

    It’s maddening how inefficient CI/CD setups are.

    • Stupidmanager@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      6 months ago

      It’s maddening how inefficient CI/CD setups are.

      It’s maddening how inefficient CI/CD setups inexperienced DevOps engineers are. - Fixed that for you.

      Proper pipelines are modular and should run longer validation or updates externally, with only necessary stages executing.

      • code validate - will this code compile
      • code secure - are there any known security flaws introduced
      • code plan/compile - if it’s iac, plan, if it’s application code, compile
      • if it’s prod or like, approve required (human delay). Dev, test, uat - proceed with deploy
      • code deploy - push code live

      Things like: patching, config management, vulnerability scanning, compliance checks, etc… are done outside the pipeline.

      There’s a reason people like me charge a lot! Lazy and/or inexperienced staff will get you in trouble one day.

  • empireOfLove2@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    23
    ·
    edit-2
    6 months ago

    You would think Amazon would do the intelligent thing and host cache mirrors of repos local to their data centers. Not only is it not much data to store relatively speaking, it allows install and deployment at however fast your inner network is (10g+) vastly paying for itself in faster setup saving otherwise wasted time.

    Something tells me they do do that and it just broke, and AWS being AWS, nobody noticed.

    • Max-P@lemmy.max-p.me
      link
      fedilink
      English
      arrow-up
      11
      ·
      6 months ago

      They do at least for Ubuntu. One local to each AWS region even, not just one. Bandwidth is expensive, it’s all in their interest to have as much locally as possible than go out for mirrors. That definitely looks like something broke.

      Those could very well be a bad batch of AMIs and now that they’ve all been spun up as instances there’s no taking it back short of emailing customers and politely asking them to fix the mirrors.

      Or people are just following online guides and adding that particular repo copy pasting the mirror line which goes to the public mirrors.

  • FalseMyrmidon@kbin.run
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    AmazonLinux doesn’t have epel on by default afaik? Seems unlikely this is Amazon the company and not their customers