CI check for undesired dependencies #4982

Closed
KnVerey opened this issue Jan 13, 2023 · 9 comments
Labels
kind/test-coverage Categorizes issue or PR as related to a gap in or problem with our test coverage. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@KnVerey
Contributor

KnVerey commented Jan 13, 2023

kubernetes/kubernetes has a list of unacceptable dependencies that they check in CI. Since we are subject to the same requirements, we should add the same check. This would help us avoid surprises when we go to update kustomize in kubectl.

https://github.com/kubernetes/kubernetes/blob/e51fe4a61cca7f4a0875630da433f280b52c138a/hack/lint-dependencies.sh

We will need to think carefully about how to source the dependencies list itself. If we pick it up live, everyone's PR will instantly start to fail if k/k adds something we already depend on to the list, which happened with a few archived packages recently. Do we want that?

@k8s-ci-robot k8s-ci-robot added needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 13, 2023
@k8s-ci-robot
Contributor

@KnVerey: This issue is currently awaiting triage.

SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the triage/accepted label.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@KnVerey KnVerey added kind/test-coverage Categorizes issue or PR as related to a gap in or problem with our test coverage. triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 13, 2023
@natasha41575
Contributor

> We will need to think carefully about how to source the dependencies list itself. If we pick it up live, everyone's PR will instantly start to fail if k/k adds something we already depend on to the list, which happened with a few archived packages recently. Do we want that?

One option is to leave this CI check as optional. If we see it failing, we file an issue for the problematic dependency and mark that issue as release blocking.

@antoooks
Contributor

antoooks commented Nov 29, 2023

/assign

@antoooks
Contributor

antoooks commented Dec 30, 2023

The script on k/k checks 4 things:

  1. undesired dependencies listed on unwanted-dependencies.json. I believe this file is updated manually and unless we have exactly the same blocked dependencies as k/k we have to maintain our own block list or create a merged list combining k/k's block list + ours.
  2. outdated dependencies
  3. non-canonical dependencies
  4. unused dependencies

Should we cover all things for this issue or just the undesired dependencies? @natasha41575 @annasong20.

@koba1t
Member

koba1t commented Jan 3, 2024

I feel this problem is scoped in upgrading kustomize in Kubectl.
I think it is enough to check the dependencies list in the unwanted-dependencies.json file.

Kubectl is currently importing kustomize with go pkg. I feel we are not required to care about other dependency problems in Kubectl.

@antoooks
Contributor

antoooks commented Jan 4, 2024

@koba1t are you referring to k/k's unwanted-dependencies.json file, or do you agree that we should maintain our own?

@koba1t
Member

koba1t commented Jan 5, 2024

I think that is enough to refer to unwanted-dependencies.json in the k/k repo.
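
An added example, not code from this thread or from either repository: a check of `go mod graph` output against a pinned copy of a block list, so that an upstream addition only affects PRs once the pin is updated. The JSON shape, the module names and the sub-path matching rule are assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Constructed pinned block list; the JSON shape is an assumption of this example.
const pinnedList = `{"spec":{"unwantedModules":{
  "github.com/example/archived-lib": "archived upstream",
  "github.com/example/old-yaml": "replaced by maintained fork"}}}`
// Constructed sample in `go mod graph` format: "<parent> <child>" per line.
const sampleGraph = `example.com/tool github.com/example/cli@v1.2.0
github.com/example/cli@v1.2.0 github.com/example/archived-lib@v0.9.0
github.com/example/safe@v0.3.1 github.com/example/old-yaml/v2@v2.0.0
github.com/example/safe@v0.3.1 github.com/example/archived-lib-ng@v1.0.0`

// FindUnwanted returns "parent -> module (reason)" for every graph edge whose
// child is a listed module or a path below it (such as a /v2 major version).
func FindUnwanted(listJSON, graph string) ([]string, error) {
	var bl struct {
		Spec struct {
			UnwantedModules map[string]string `json:"unwantedModules"`
		} `json:"spec"`
	}
	if err := json.Unmarshal([]byte(listJSON), &bl); err != nil {
		return nil, fmt.Errorf("parse block list: %w", err)
	}
	var out []string
	for _, line := range strings.Split(strings.TrimSpace(graph), "\n") {
		f := strings.Fields(line)
		if len(f) != 2 {
			continue // skip blank or malformed lines
		}
		child, _, _ := strings.Cut(f[1], "@") // strip the version
		for mod, reason := range bl.Spec.UnwantedModules {
			if child == mod || strings.HasPrefix(child, mod+"/") {
				out = append(out, fmt.Sprintf("%s -> %s (%s)", f[0], child, reason))
			}
		}
	}
	sort.Strings(out) // map iteration order is random; keep CI output stable
	return out, nil
}

func main() {
	fmt.Println(FindUnwanted(pinnedList, sampleGraph))
}
```

Reporting the parent of each offending edge shows which dependency has to be updated or replaced, and the `-ng` module in the sample is not flagged because matching stops at a path boundary.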

@koba1t
Member

koba1t commented Jun 19, 2024

/close

@k8s-ci-robot
Contributor

@koba1t: Closing this issue.

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
