Create an initial version of our toolchain policy as agreed in Architecture Committee meetings and the PTG

Fixes: #9841
Signed-off-by: stevenhorsman <steven@uk.ibm.com>
Toolchains
As a community we want to strike a balance between having up-to-date toolchains, so that we receive the latest security fixes and can benefit from new features and packages, and not being so bleeding edge that we disrupt downstream and other consumers. As a result we have the following guidelines (note, not hard rules) for our Go and Rust toolchains that we are trying out:
Go toolchain
Go is released every six months with support for the last two major release versions. We always want to ensure that we are on a supported version so we receive security fixes. To try and make things easier for some of our users, we aim to be using the older of the two supported major versions, unless there is a compelling reason to adopt the newer version.
In practice this means that we bump our major version of the Go toolchain every six months to version (1.x-1) in response to a new version (1.x) coming out, which makes our current version (1.x-2) no longer supported. We will bump the minor version whenever required to satisfy dependency updates or security fixes.
Our Go toolchain version is recorded in versions.yaml under .languages.golang.version and should match the version in our go.mod files.
Rust toolchain
Rust has a six-week release cycle and the Rust project only supports the latest stable release, so if we wanted to remain on a supported release we would only ever build with the latest stable and bump every six weeks. However, feedback from our community has indicated that this is a challenge, as downstream consumers often want to get Rust from their distro or downstream fork, and these struggle to keep up with the six-week release schedule. As a result the community has agreed to try out a policy of "stable-2", where we aim to build with a Rust version that is two versions behind the latest stable version.
In practice this should mean that we bump our Rust toolchain every six weeks, to version 1.x-2 when 1.x is released as stable, picking up the latest point release of that version if there is one.
The Rust toolchain that we are using is recorded in rust-toolchain.toml.