New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build: track generated CSV, and validate #8862
Conversation
d51c8b6
to
85c5e0e
Compare
85c5e0e
to
1ab776e
Compare
@@ -115,7 +115,7 @@ do.build.platform.%: | |||
|
|||
do.build.parallel: $(foreach p,$(PLATFORMS), do.build.platform.$(p)) | |||
|
|||
build: csv-clean build.common ## Only build for linux platform |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
csv-clean here was causing changes to tracked CSVs on build.
bd2e09b
to
c81f89d
Compare
csv-clean: ## Remove existing OLM files. | ||
@$(MAKE) -C images/ceph csv-clean |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
csv-clean in general was causing changes to tracked CSVs on build, so I just remove it.
@$(MAKE) -C images/ceph csv-clean | ||
|
||
GEN_CRD_TEMP := /tmp/rook-ceph-gen-crds | ||
BUILD_CRDS_INTO_DIR ?= $(GEN_CRD_TEMP) # unless overridden, build CRDs into the temp dir |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So the intermediate steps don't interfere with tracked CSVs.
@mkdir -p $(CSV_TEMPLATE_DIR) | ||
@cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
@set -eE;\ | ||
@ echo yq=$(YQ) operator-sdk=$(OPERATOR_SDK) | ||
mkdir -p $(CSV_TEMPLATE_DIR) | ||
cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
set -eE;\ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removing @
symbols here and elsewhere was useful in debugging build issues in the CI for this PR and will be useful in the future as well, so I keep them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How is it useful in debuging? Is it printing the commands?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, exactly
cab8f51
to
6ee770b
Compare
Start tracking generated CSV templates, and validate that they don't change in builds. Signed-off-by: Blaine Gardner <blaine.gardner@redhat.com>
6ee770b
to
c961a1f
Compare
This pull request has merge conflicts that must be resolved before it can be merged. @BlaineEXE please rebase it. https://rook.io/docs/rook/latest/development-flow.html#updating-your-fork |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we have to track all the RBACs too? This looks like a lot of duplication from common.yaml
, isn't it?
@@ -0,0 +1,151 @@ | |||
# OLM: BEGIN OPERATOR DEPLOYMENT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is the operator's configmap gone?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe the OLM generation is broken? I haven't touched any of that code. If it's not here, then I think it hasn't been getting generated for quite some time.
"${YQ_CMD_WRITE[@]}" "$CSV_FILE_NAME" metadata.annotations.externalClusterScript "$(base64 <$CEPH_EXTERNAL_SCRIPT_FILE)" | ||
|
||
if [[ "${GENERATE_ROOK_CSV_FOR_TRACKING_ONLY}" != "true" ]]; then | ||
# base64 has different behavior on linux vs macos |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what's the difference?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
MacOS's base64
can only produce a hash on a single line. On Linux, it is multi-line by default.
@mkdir -p $(CSV_TEMPLATE_DIR) | ||
@cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
@set -eE;\ | ||
@ echo yq=$(YQ) operator-sdk=$(OPERATOR_SDK) | ||
mkdir -p $(CSV_TEMPLATE_DIR) | ||
cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
set -eE;\ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How is it useful in debuging? Is it printing the commands?
The RBAC used for CSV is not the same as RBAC from common.yaml. It is a subset. Unless we start providing all the RBAC from |
They should all be the same, if not it could be a bug... |
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in two weeks if no further activity occurs. Thank you for your contributions. |
I was wanting to revisit this for RBAC generation from the Helm chart (which will/could affect CSV generation). I think it may be best to track the CSV's RBAC for now, then start generating CSV RBAC using a Python script like https://github.com/rook/rook/blob/master/build/rbac/keep-rbac-yaml.py. If your previous comment (#8862 (comment)) is true, then we should be including all the RBAC in the CSV, and we can stop using After that, we can decide if we should stop versioning the CSV RBAC or if we should keep it to verify changes to generated RBAC. Unless you have a better idea for how we can keep track of what changes with generated CSV stuff? |
No, I think tracking the changes as part of git is good. |
Closing in favor of #9200 |
Start tracking the generated CSV, and validate that they don't change in
builds.
Signed-off-by: Blaine Gardner blaine.gardner@redhat.com
Description of your changes:
Which issue is resolved by this Pull Request:
Resolves #
Checklist:
make codegen
) has been run to update object specifications, if necessary.