Add an import verification tool #15620
Conversation
openshift-merge-robot
added
the
size/L
|
As we will soon see in the test output... |
|
@deads2k give me a good review and I'll push it upstream too |
stevekuznetsov
force-pushed
the
skuznets/import-verifier
branch
from
e249e88
to
fcbbf98
Compare
| func resolvePackageTree(treeBase string) ([]Package, error) { | ||
| cmd := "go" | ||
| args := []string{"list", "-json", fmt.Sprintf("%s...", treeBase)} | ||
| stdout, err := exec.Command(cmd, args...).Output() |
There was a problem hiding this comment.
Yeah, real bummer that we don't get a Go API for this, but grabbing the JSON and decoding it is good enough.
|
supersedes #15608 |
stevekuznetsov
force-pushed
the
skuznets/import-verifier
branch
from
fcbbf98
to
4fc3f6b
Compare
| @@ -0,0 +1,9 @@ | |||
| [ | |||
| { | |||
| "baseImportPath" : "pkg/image", | |||
There was a problem hiding this comment.
can we place that as .import-restrictions in the respective directories. Then the OWNER/REVIEWER logic automatically applies.
| type ImportRestriction struct { | ||
| // BaseImportPath is the root of the package tree | ||
| // that is restricted by this configuration | ||
| BaseImportPath string `json:"baseImportPath"` |
There was a problem hiding this comment.
we need exceptions for that path very soon. E.g.:
everything under staging/src/k8s.io/kube-gen, but do not apply the restrcitions to staging/src/k8s.io/kube-gen/test/....
Compare kubernetes/kubernetes@3d94b5f
Compare my comment about the exception. And dotfiles please. We don't want to poke hack/ OWNERs for every subpackage. |
|
Oh, overall looks very good! Well done! |
| // - is not of the base import path or a sub-package of it | ||
| // - is not of an allowed path or a sub-package of one | ||
| func (i *ImportRestriction) isForbidden(imp string) bool { | ||
| importsBelowRoot := strings.HasPrefix(imp, rootPackage) |
There was a problem hiding this comment.
if it has the prefix, then its not below the root, is it?
There was a problem hiding this comment.
My variable name may not be the best here -- but github.com/openshift/origin/pkg/util has the prefix of github.com/openshift/origin/ and is thereby an import to something "below" the Origin root
There was a problem hiding this comment.
Interesting. I read that as "under", not "below" when clearly they have very similar meanings.
There was a problem hiding this comment.
@deads2k do you have a suggestion for a more technically clear name here?
There was a problem hiding this comment.
I would use "below" as well. But the choice of the name here probably not that critical ;-)
I'm disinclined to force additional requirements on this before its initial merge. @stevekuznetsov said he didn't want bash, I said that bash is what I had on and hand and I wasn't going to rewrite it for beauty, so @stevekuznetsov delivered an equivalent tool. Also, I've heard rumors of bazel in our future and that comes with some kind of import protection, so this gets us over the initial hump. |
I'll find a better home for it before I start enforcing. It probably needs to be pretty restrictive since this is about forcing better structure on the repo. @sttts I'm not clear on the exception. Why would I want to allow exceptions? It seems like that cold produce cycle problems for me. |
We create clients in client-gen, but that package should not depend on apimachinery in general, only the test output. |
That "exception" requirement is fulfilled any moment in master, when my kube-gen dependency PR merges. |
| // IgnoredSubTrees are roots of sub-trees of the | ||
| // BaseImportPath for which we do not want to enforce | ||
| // any import restrictions whatsoever | ||
| IgnoredSubTrees []string `json:"ignoredSubTrees,omitempty"` |
|
/lgtm |
|
I'll make the verify soft-fail, so this can actually merge lol |
In order to ensure that selected package trees in our source import only from other package trees, we need a tool that will determine the imports for a package tree and verify them all. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
stevekuznetsov
force-pushed
the
skuznets/import-verifier
branch
from
da67a37
to
506ada9
Compare
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: stevekuznetsov, sttts Assign the PR to them by writing No associated issue. Update pull-request body to add a reference to an issue, or get approval with The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
/retest |
|
/test extended_conformance_install_update |
|
/test extended_conformance_install_update |
1 similar comment
|
/test extended_conformance_install_update |
|
Automatic merge from submit-queue |
In order to ensure that selected package trees in our source import only
from other package trees, we need a tool that will determine the imports
for a package tree and verify them all.
Signed-off-by: Steve Kuznetsov skuznets@redhat.com
/cc @deads2k @sttts