starting work on file assets builder #3085
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-github-robot
added
the
approved
pkg/assets/file_builder.go
Outdated
| ) | ||
|
|
||
| // AssetBuilder discovers and remaps assets | ||
| type FileAssetBuilder struct { |
There was a problem hiding this comment.
I think you could incorporate this into AssetBuilder, rather than needing a separate class, but we can see how it plays out..
pkg/assets/file_builder.go
Outdated
| if f.AssetsLocation != nil && f.AssetsLocation.FileRepository != nil { | ||
| fileURL, err := url.Parse(file) | ||
| if err != nil { | ||
| return "", fmt.Errorf("unable to parse file url: %q, %v", file, err) |
There was a problem hiding this comment.
typically ...file url %q: %v but NBD
pkg/assets/file_builder.go
Outdated
| fileRepo += "/" | ||
| } | ||
|
|
||
| fileAsset.File = fileRepo + "/" + fileURL.Path |
There was a problem hiding this comment.
Presumably we don't want the + "/" here given we just added it above?
pkg/assets/file_builder_test.go
Outdated
| kopsAssets *kops.Assets | ||
| }{ | ||
| { | ||
| // FIXME - need https://s3.amazonaws.com/k8s-for-greeks-kops/kubernetes-release/release/v1.7.2/bin/linux/amd64/kubelet |
There was a problem hiding this comment.
I realized that - specifically for S3 - we can use a signed URL
pkg/assets/file_builder.go
Outdated
| } | ||
|
|
||
| // TODO SHA | ||
| // TODO need to map file in the same manner and include vfs and http location |
There was a problem hiding this comment.
Open question I have, and I updated the comment, is do we have the SHA url with the file URL.
| } | ||
|
|
||
| func transferFile(source string, target string, sourceSHA string, sourceSHALocation string) error { | ||
| data, err := vfs.Context.ReadFile(source) |
There was a problem hiding this comment.
Ouch... these files could be big!
There was a problem hiding this comment.
testing worked ok, do we have another method?
There was a problem hiding this comment.
Do you want me to write the file to disk? I think it needs to be in memory in order to compare the SHAs anyways.
There was a problem hiding this comment.
It's fine for now, but streaming is going to be preferable for big files, and that probably does mean a tempfile if you effectively have to do two passes (compare SHAs and then copy to a destination).
upup/pkg/fi/assettasks/copyfile.go
Outdated
|
|
||
| if sha != "" { | ||
|
|
||
| trimmedSHA := strings.TrimSuffix(sha, "\n") |
| return err | ||
| } | ||
|
|
||
| b := bytes.NewBufferString(sha) |
There was a problem hiding this comment.
I think you can just use []byte(sha)
upup/pkg/fi/assettasks/copyfile.go
Outdated
| trimmedSHA := strings.TrimSuffix(sha, "\n") | ||
|
|
||
| in := bytes.NewReader(data) | ||
| dataHash, err := hashing.HashesForResource(in, []hashing.HashAlgorithm{hashing.HashAlgorithmSHA1}) |
There was a problem hiding this comment.
You can use hashing.HashAlgorithmSHA1.Hash(in)
| //path := strings.Join(pathSlice, "/") | ||
|
|
||
| // TODO I am not a huge fan of this, but it would work | ||
| // TODO @justinsb should we require an URL? |
There was a problem hiding this comment.
Yes, I would just have the task expect "real" vfs path strings, i.e. ones that would work with vfs.Context.BuildVfsPath. From a vfs.Path you can get the path using Path()
There was a problem hiding this comment.
Need more context please
|
A few simplifications possible, and it would be great to get at least one usage of RemapFile so we can see whether FileAssetBuilder should be merged with AssetBuilder |
|
@justinsb I can refactor to just use on builder. Doing that now, and I have some questions |
|
@chrislovecnm PR needs rebase |
k8s-github-robot
added
the
needs-rebase
| Assets []*Asset | ||
| ContainerAssets []*ContainerAsset | ||
| FileAssets []*FileAsset | ||
| AssetsLocation *kops.Assets |
There was a problem hiding this comment.
Probably assetsLocation as I would guess no need to export (?), but NBD.
| } | ||
|
|
||
| fileRepo := strings.TrimSuffix(*a.AssetsLocation.FileRepository, "/") | ||
| fileAsset.File = fileRepo + fileURL.Path |
There was a problem hiding this comment.
It may turn out we want the Host in here also, as otherwise we risk collisions (and it'll be more self explanation with the Host I would guess), but we can see how it goes...
| kopsAssets *kops.Assets | ||
| }{ | ||
| { | ||
| // FIXME - need https://s3.amazonaws.com/k8s-for-greeks-kops/kubernetes-release/release/v1.7.2/bin/linux/amd64/kubelet |
There was a problem hiding this comment.
We do, but this only applies to nodeup, right? Because AIUI once we are in nodeup we can (more) easily download from a secured bucket. But nodeup is tricky, and we either want to remap or use a signed URL.
We can also remap on the upload, i.e. we can recognize that a write to https://s3.amazonaws.com/k8s-for-greeks-kops/ becomes a write to s3://k8s-for-greeks-kops/, using a public ACL.
To my mind, a signed URL is going to be best, because I don't think people that want to run mirrors are going to love the idea of public buckets.
Not sure if this FIXME is a blocker for merge? I'm guessing not, because it doesn't cause any regression in existing behaviour (i.e. this doesn't work yet anyway)?
| SourceFile *string | ||
| TargetFile *string | ||
| // @justinsb not sure I like this but the problem is knowing if the sha is a file or a string | ||
| // so I did a location or a sha. We have both SHAs in remote file locations, and SHAs in strings |
There was a problem hiding this comment.
I'm saying when you build CopyFile, you can the SHA URL at that time, so that CopyFile always has a SHA directly in a string value.
| } | ||
|
|
||
| func transferFile(source string, target string, sourceSHA string, sourceSHALocation string) error { | ||
| data, err := vfs.Context.ReadFile(source) |
There was a problem hiding this comment.
It's fine for now, but streaming is going to be preferable for big files, and that probably does mean a tempfile if you effectively have to do two passes (compare SHAs and then copy to a destination).
|
|
||
| b := bytes.NewBufferString(sha) | ||
| if err := writeFile(shaVFS, b.Bytes()); err != nil { | ||
| return fmt.Errorf("Error uploading file %q: %v", shaVFS, err) |
There was a problem hiding this comment.
Writing the target file before writing the target SHA is going to be safer..
|
A few suggestions but can be done as the code evolves. I believe this is additive - only comes in to play if users configure an assetLocation, so LGTM /lgtm |
k8s-ci-robot
added
the
lgtm
chrislovecnm
force-pushed
the
file-asset-tasks
branch
from
6a77fa7
to
15a2c9f
Compare
|
/lgtm cancel //PR changed after LGTM, removing LGTM. @chrislovecnm @justinsb |
k8s-github-robot
added
needs-rebase
|
@chrislovecnm PR needs rebase |
|
Needs rebase again but then LGTM |
chrislovecnm
force-pushed
the
file-asset-tasks
branch
from
15a2c9f
to
ee17e65
Compare
k8s-github-robot
removed
the
needs-rebase
|
@justinsb needs another lgtm, as I do not like self merging :( |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chrislovecnm, justinsb The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue |
I refactored to the dockerassets pkg to assetstasks, in order to not add yet another package. Added file copy task, that I have tested with s3 locally, but not certain how to add memfs tests.
Fixes: #3086