Handling package related issues occuring upstream
Recently, we had issues with our UBI images because RedHat bumped the version of perl
and cmake
in their ubi-8-appstream
repo without properly ensuring all the dependencies are updated. This resulted in us pinning dependencies and caused a bit of stress as release was near - gitlab-org/build/CNG!671 (merged), gitlab-org/build/CNG!673 (merged).
Pinning worked here only because RedHat only added new versions to the repo and didn't actually purge any of the older versions. Also, pinning is not ideal for us because it can cause us not to have security releases of these packages.
We should think of a solution for this problem.