build: track generated CSV, and validate #8862
Conversation
BlaineEXE
force-pushed
the
generate-and-track-csv
branch
13 times, most recently
from
d51c8b6
to
85c5e0e
Compare
BlaineEXE
force-pushed
the
generate-and-track-csv
branch
from
85c5e0e
to
1ab776e
Compare
| @@ -115,7 +115,7 @@ do.build.platform.%: | |||
|
|
|||
| do.build.parallel: $(foreach p,$(PLATFORMS), do.build.platform.$(p)) | |||
|
|
|||
| build: csv-clean build.common ## Only build for linux platform | |||
There was a problem hiding this comment.
csv-clean here was causing changes to tracked CSVs on build.
BlaineEXE
force-pushed
the
generate-and-track-csv
branch
3 times, most recently
from
bd2e09b
to
c81f89d
Compare
| csv-clean: ## Remove existing OLM files. | ||
| @$(MAKE) -C images/ceph csv-clean |
There was a problem hiding this comment.
csv-clean in general was causing changes to tracked CSVs on build, so I just remove it.
| @$(MAKE) -C images/ceph csv-clean | ||
|
|
||
| GEN_CRD_TEMP := /tmp/rook-ceph-gen-crds | ||
| BUILD_CRDS_INTO_DIR ?= $(GEN_CRD_TEMP) # unless overridden, build CRDs into the temp dir |
There was a problem hiding this comment.
So the intermediate steps don't interfere with tracked CSVs.
| @mkdir -p $(CSV_TEMPLATE_DIR) | ||
| @cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
| @set -eE;\ | ||
| @ echo yq=$(YQ) operator-sdk=$(OPERATOR_SDK) | ||
| mkdir -p $(CSV_TEMPLATE_DIR) | ||
| cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
| set -eE;\ |
There was a problem hiding this comment.
Removing @ symbols here and elsewhere was useful in debugging build issues in the CI for this PR and will be useful in the future as well, so I keep them.
There was a problem hiding this comment.
How is it useful in debuging? Is it printing the commands?
BlaineEXE
force-pushed
the
generate-and-track-csv
branch
5 times, most recently
from
cab8f51
to
6ee770b
Compare
Start tracking generated CSV templates, and validate that they don't change in builds. Signed-off-by: Blaine Gardner <blaine.gardner@redhat.com>
BlaineEXE
force-pushed
the
generate-and-track-csv
branch
from
6ee770b
to
c961a1f
Compare
|
This pull request has merge conflicts that must be resolved before it can be merged. @BlaineEXE please rebase it. https://rook.io/docs/rook/latest/development-flow.html#updating-your-fork |
| @@ -0,0 +1,151 @@ | |||
| # OLM: BEGIN OPERATOR DEPLOYMENT | |||
There was a problem hiding this comment.
Why is the operator's configmap gone?
There was a problem hiding this comment.
Maybe the OLM generation is broken? I haven't touched any of that code. If it's not here, then I think it hasn't been getting generated for quite some time.
| "${YQ_CMD_WRITE[@]}" "$CSV_FILE_NAME" metadata.annotations.externalClusterScript "$(base64 <$CEPH_EXTERNAL_SCRIPT_FILE)" | ||
|
|
||
| if [[ "${GENERATE_ROOK_CSV_FOR_TRACKING_ONLY}" != "true" ]]; then | ||
| # base64 has different behavior on linux vs macos |
There was a problem hiding this comment.
MacOS's base64 can only produce a hash on a single line. On Linux, it is multi-line by default.
| @mkdir -p $(CSV_TEMPLATE_DIR) | ||
| @cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
| @set -eE;\ | ||
| @ echo yq=$(YQ) operator-sdk=$(OPERATOR_SDK) | ||
| mkdir -p $(CSV_TEMPLATE_DIR) | ||
| cp -a ../../cluster $(CSV_TEMPLATE_DIR)/cluster | ||
| set -eE;\ |
There was a problem hiding this comment.
How is it useful in debuging? Is it printing the commands?
The RBAC used for CSV is not the same as RBAC from common.yaml. It is a subset. Unless we start providing all the RBAC from |
They should all be the same, if not it could be a bug... |
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in two weeks if no further activity occurs. Thank you for your contributions. |
|
I was wanting to revisit this for RBAC generation from the Helm chart (which will/could affect CSV generation). I think it may be best to track the CSV's RBAC for now, then start generating CSV RBAC using a Python script like https://github.com/rook/rook/blob/master/build/rbac/keep-rbac-yaml.py. If your previous comment (#8862 (comment)) is true, then we should be including all the RBAC in the CSV, and we can stop using After that, we can decide if we should stop versioning the CSV RBAC or if we should keep it to verify changes to generated RBAC. Unless you have a better idea for how we can keep track of what changes with generated CSV stuff? |
No, I think tracking the changes as part of git is good. |
|
Closing in favor of #9200 |
Start tracking the generated CSV, and validate that they don't change in
builds.
Signed-off-by: Blaine Gardner blaine.gardner@redhat.com
Description of your changes:
Which issue is resolved by this Pull Request:
Resolves #
Checklist:
make codegen) has been run to update object specifications, if necessary.