Skip to content

ROX-25572: prefetch dependencies for operator-bundle on Konflux#12651

Closed
tommartensen wants to merge 32 commits intomasterfrom
tm/konflux-enable-prefetching-operator-bundle
Closed

ROX-25572: prefetch dependencies for operator-bundle on Konflux#12651
tommartensen wants to merge 32 commits intomasterfrom
tm/konflux-enable-prefetching-operator-bundle

Conversation

@tommartensen
Copy link
Contributor

@tommartensen tommartensen commented Sep 10, 2024
edited
Loading

Description

Changes:

  • pip and setuptools and all their transitive dependencies are installed through requirements-build.txt
  • PyYAML bumped to 6.0.2 to avoid a conflict with Cython 3.x.x.
  • Add python3-devel package to builder-runner that contains headers to compile dependencies

Current status:

TODO

  • undo 'hermetic' setting and Dockerfile build stage changes - must keep the python3-devel install though!
  • some validation, e.g. comparing operator-bundle files from PR to master

User-facing documentation

Testing and quality

  • the change is production ready: the change is GA or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

- [ ] added unit tests
- [ ] added e2e tests
- [ ] added regression tests
- [ ] added compatibility tests
- [ ] modified existing tests

  • existing tests suffice

How I validated my change

Builds on Konflux.

@tommartensen tommartensen self-assigned this Sep 10, 2024
@openshift-ci
Copy link

openshift-ci bot commented Sep 10, 2024

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@rhacs-bot
Copy link
Contributor

rhacs-bot commented Sep 10, 2024
edited
Loading

Images are ready for the commit at 05da7ae.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.6.x-781-g05da7ae160.

@codecov
Copy link

codecov bot commented Sep 10, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 48.23%. Comparing base (3d63a22) to head (05da7ae).
Report is 141 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #12651      +/-   ##
==========================================
- Coverage   48.24%   48.23%   -0.01%     
==========================================
  Files        2452     2452              
  Lines      176454   176454              
==========================================
- Hits        85122    85119       -3     
- Misses      84484    84486       +2     
- Partials     6848     6849       +1
Flag Coverage Δ
go-unit-tests 48.23% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@tommartensen
Copy link
Contributor Author

tommartensen commented Sep 11, 2024

/retest

@openshift-ci
Copy link

openshift-ci bot commented Sep 11, 2024

@tommartensen: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/ocp-4-16-nongroovy-e2e-tests 19d46db link false /test ocp-4-16-nongroovy-e2e-tests
ci/prow/gke-operator-e2e-tests 19d46db link false /test gke-operator-e2e-tests
ci/prow/ocp-4-12-qa-e2e-tests 19d46db link false /test ocp-4-12-qa-e2e-tests
ci/prow/ocp-4-12-nongroovy-e2e-tests 19d46db link false /test ocp-4-12-nongroovy-e2e-tests
ci/prow/ocp-4-12-operator-e2e-tests 19d46db link false /test ocp-4-12-operator-e2e-tests
ci/prow/ocp-4-16-operator-e2e-tests 19d46db link false /test ocp-4-16-operator-e2e-tests
ci/prow/ocp-4-16-qa-e2e-tests 19d46db link false /test ocp-4-16-qa-e2e-tests

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

msugakov added a commit that referenced this pull request Sep 12, 2024
@msugakov
Add Go prefetch for operator-bundle
3cb0fb7 
To overcome build error like
```
Go compliance shim [1209] [rhel-9-golang-1.22][openshift-golang-builder]: invoking real go binary
go: inconsistent vendoring in /stackrox/operator/tools/operator-sdk:
	github.com/operator-framework/operator-lifecycle-manager@v0.27.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
	github.com/operator-framework/operator-sdk@v1.36.1: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
	github.com/AdaLogics/go-fuzz-headers@v0.0.0-20230811130428-ced1acdcaa24: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
	github.com/Azure/go-ansiterm@v0.0.0-20230124172434-306776ec8161: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
	github.com/BurntSushi/toml@v1.3.2: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
	github.com/MakeNowJust/heredoc@v1.0.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
```

In https://console.redhat.com/application-pipeline/workspaces/rh-acs/applications/acs/pipelineruns/operator-bundle-build-swhjj

Borrowed from #12651 but
excluding Python stuff.
@msugakov msugakov mentioned this pull request Sep 13, 2024
Merged
4 tasks
@gitguardian
Copy link

gitguardian bot commented Sep 16, 2024
edited
Loading

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
13717494 Triggered Generic Private Key 0f50bbc central/clusterinit/backend/testdata/crs-key.pem View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@tommartensen tommartensen changed the title attempt to prefetch dependencies for operator-bundle ROX-25572: prefetch dependencies for operator-bundle on Konflux Sep 20, 2024
msugakov
msugakov reviewed Sep 20, 2024
View reviewed changes
Copy link
Contributor

@msugakov msugakov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great that you found a way!

operator/bundle_helpers/requirements-build.txt
@@ -0,0 +1,19 @@
attrs==24.2.0
Copy link
Contributor

@msugakov msugakov Sep 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did not know about requirements-build.txt before and it seems to be Cachi2 thing.

What was the reason you decided to build from sdists instead of using wheels (as described here)?

If we stay with requirements-build.txt, we need instructions how to update it when we change versions in requirements.txt or add new dependencies there.

Copy link
Contributor

@msugakov msugakov Sep 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I saw wheels support was just announced https://groups.google.com/a/redhat.com/g/konflux-announce/c/QILABamxDtA/m/5wK53cnlAgAJ

@msugakov msugakov mentioned this pull request Oct 9, 2024
Closed
@tommartensen tommartensen deleted the tm/konflux-enable-prefetching-operator-bundle branch September 11, 2025 06:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@msugakov msugakov msugakov left review comments

@rhacs-bot rhacs-bot Awaiting requested review from rhacs-bot rhacs-bot will be requested when the pull request is marked ready for review rhacs-bot is a code owner

Assignees

@tommartensen tommartensen

Labels

area/operator do-not-merge/work-in-progress

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tommartensen @rhacs-bot @msugakov