Skip to content

fix: add user defined volumes to make targets#15347

Merged
BradLugo merged 2 commits intomasterfrom
blugo/additional-volumes
May 28, 2025
Merged

fix: add user defined volumes to make targets#15347
BradLugo merged 2 commits intomasterfrom
blugo/additional-volumes

Conversation

@BradLugo
Copy link
Contributor

@BradLugo BradLugo commented May 19, 2025

Description

The *-dockerized make targets will map, among other volumes, the current working directory to /src. Some scripts used by these make targets will run git commands against /src. However, a developer will be met with an error if the current working directory is a git worktree that references a git directory outside of the current directory.

These changes allow developers to set a new variable, ADDITIONAL_LOCAL_VOLUME_ARGS, that will be appended to LOCAL_VOLUME_ARGS.

User-facing documentation

Testing and quality

  • [ ] the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

Current automated testing should be sufficient.

How I validated my change

Before:

❯ make main-build-dockerized
+ main-build-dockerized
docker run --user "501" -i -e RACE -e CI -e BUILD_TAG -e SHORTCOMMIT -e GOTAGS -e DEBUG_BUILD -e CGO_ENABLED --rm -w /src -e GOPATH=/go -e GOCACHE=/linux-gocache -e GIT_CONFIG_COUNT=1 -e GIT_CONFIG_KEY_0=safe.directory -e GIT_CONFIG_VALUE_0='/src' -v ~/dev/stackrox/stackrox/work:/src:delegated -v ~/dev/stackrox/stackrox/work/linux-gocache:/linux-gocache:delegated -v ~/go:/go:delegated docker.io/library/golang:1.23 make main-build-nodeps
fatal: not a git repository: ~/dev/stackrox/stackrox/.bare/worktrees/work
fatal: not a git repository: ~/dev/stackrox/stackrox/.bare/worktrees/work
+ central-build-nodeps
/src/scripts/go-build.sh central
fatal: not a git repository: ~/dev/stackrox/stackrox/.bare/worktrees/work
fatal: not a git repository: ~/dev/stackrox/stackrox/.bare/worktrees/work
fatal: not a git repository: ~/dev/stackrox/stackrox/.bare/worktrees/work
Malformed status.sh output line STABLE_MAIN_VERSION
make: *** [Makefile:244: central-build-nodeps] Error 1
make: *** [Makefile:484: main-build-dockerized] Error 2

After (note the variable export at the start):

❯ export ADDITIONAL_LOCAL_VOLUME_ARGS="-v $PWD/..:$PWD/.."
❯ make main-build-dockerized
+ main-build-dockerized
docker run --user "501" -i -e RACE -e CI -e BUILD_TAG -e SHORTCOMMIT -e GOTAGS -e DEBUG_BUILD -e CGO_ENABLED --rm -w /src -e GOPATH=/go -e GOCACHE=/linux-gocache -e GIT_CONFIG_COUNT=1 -e GIT_CONFIG_KEY_0=safe.directory -e GIT_CONFIG_VALUE_0='/src' -v ~/dev/stackrox/stackrox/work:/src:delegated -v ~/dev/stackrox/stackrox/work/linux-gocache:/linux-gocache:delegated -v ~/go:/go:delegated -v ~/dev/stackrox/stackrox/work/..:~/dev/stackrox/stackrox/work/.. docker.io/library/golang:1.23 make main-build-nodeps
+ central-build-nodeps
/src/scripts/go-build.sh central
CGO_ENABLED is not 0. Compiling with -linkmode=external
Compiling Go source in ./central to bin/linux_arm64/central
+ migrator-build-nodeps
/src/scripts/go-build.sh migrator
CGO_ENABLED is not 0. Compiling with -linkmode=external
Compiling Go source in ./migrator to bin/linux_arm64/migrator
+ config-controller-build-nodeps
/src/scripts/go-build.sh config-controller
CGO_ENABLED is not 0. Compiling with -linkmode=external
Compiling Go source in ./config-controller to bin/linux_arm64/config-controller
/src/scripts/go-build.sh sensor/kubernetes sensor/admission-control compliance/cmd/compliance
CGO_ENABLED is not 0. Compiling with -linkmode=external
Compiling Go source in ./sensor/kubernetes to bin/linux_arm64/kubernetes
Compiling Go source in ./sensor/admission-control to bin/linux_arm64/admission-control
Compiling Go source in ./compliance/cmd/compliance to bin/linux_arm64/compliance
/src/scripts/go-build.sh sensor/upgrader
CGO_ENABLED is not 0. Compiling with -linkmode=external
Compiling Go source in ./sensor/upgrader to bin/linux_arm64/upgrader
/src/scripts/go-build.sh sensor/init-tls-certs
CGO_ENABLED is not 0. Compiling with -linkmode=external
Compiling Go source in ./sensor/init-tls-certs to bin/linux_arm64/init-tls-certs
CGO_ENABLED=0 /src/scripts/go-build.sh roxctl
Compiling Go source in ./roxctl to bin/linux_arm64/roxctl

sourcery-ai[bot]
sourcery-ai bot reviewed May 19, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @BradLugo - I've reviewed your changes - here's some feedback:

  • Add a brief comment in the Makefile explaining the purpose and usage of the ADDITIONAL_LOCAL_VOLUME_ARGS variable so it's easy for future maintainers to discover.
  • Consider using LOCAL_VOLUME_ARGS += $(ADDITIONAL_LOCAL_VOLUME_ARGS) (with a default ?= for the new var) instead of embedding the conditional in the := assignment to improve readability.
Here's what I looked at during the review
  • 🟢 General issues: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@rhacs-bot
Copy link
Contributor

rhacs-bot commented May 19, 2025
edited
Loading

Images are ready for the commit at df3cfb7.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.8.x-737-gdf3cfb7874.

@codecov
Copy link

codecov bot commented May 19, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 49.23%. Comparing base (bc46716) to head (df3cfb7).
Report is 100 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #15347      +/-   ##
==========================================
+ Coverage   49.13%   49.23%   +0.10%     
==========================================
  Files        2569     2573       +4     
  Lines      188638   188845     +207     
==========================================
+ Hits        92680    92978     +298     
+ Misses      88646    88549      -97     
- Partials     7312     7318       +6
Flag Coverage Δ
go-unit-tests 49.23% <ø> (+0.10%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@msugakov
Copy link
Contributor

msugakov commented May 19, 2025
edited
Loading

if the current working directory is a git worktree that references a git directory outside of the current directory.

Got me curious because I know very little about this. What was a scenario when you ran in this error? I see what you did in testing but I cannot figure what the real usage might have been.

Also, what Sourcery suggests seems like an improvement to me.

  • Consider using LOCAL_VOLUME_ARGS += $(ADDITIONAL_LOCAL_VOLUME_ARGS) (with a default ?= for the new var) instead of embedding the conditional in the := assignment to improve readability.

Also, I'd call these LOCAL_VOLUME_ARGS_EXTRA or EXTRA_LOCAL_VOLUME_ARGS.

davdhacs
davdhacs reviewed May 20, 2025
View reviewed changes
@BradLugo
Copy link
Contributor Author

BradLugo commented May 20, 2025

if the current working directory is a git worktree that references a git directory outside of the current directory.

Got me curious because I know very little about this. What was a scenario when you ran in this error? I see what you did in testing but I cannot figure what the real usage might have been.

I've been testing out a new workflow for larger projects I contribute to on a regular basis. The structure looks like this:

❯ eza --tree --level 1 --icons never stackrox
stackrox
├── master
├── review
└── work

To achieve this structure:

❯ git clone --bare <url> .bare
❯ echo "gitdir: ./.bare" > .git
❯ git config remote.origin.fetch '+refs/heads/*:refs/remotes/origin/*'
# git config remote.upstream.fetch '+refs/heads/*:refs/remotes/upstream/*' # For forks
❯ git worktree add main # or master
❯ git worktree add review
❯ git worktree add work
❯ git -C main branch -u upstream/main # s/main/master/

This will create a bare git directory in the top-level stackrox directory that contains references to all branches.

The idea behind each of these directories:

  • main/master: An explicitly clean version of the project. This is usually to look up something specific or figure out some functionality with the repo in a good known state. Sometimes I'll switch this to a release branch/version, but it usually stays on master for my local stackrox project.
  • review: Only used for code reviews.
  • work: Only used for changes I'm working on.

Having these separate worktrees helps avoid needing to keep track of stashes, temporary branches/commits, and otherwise clutter versions of the project I want to keep clean (I often have a lot of junk lying around my work directory), while also leveraging the git internals, such as avoiding the storage requirements of having completely separate copies of the project or fetching once and having the main branch available to all version of the project.

@BradLugo BradLugo requested a review from davdhacs May 20, 2025 17:02
davdhacs
davdhacs approved these changes May 27, 2025
View reviewed changes
Copy link
Contributor

@davdhacs davdhacs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@BradLugo BradLugo merged commit c259042 into master May 28, 2025
92 checks passed
@BradLugo BradLugo deleted the blugo/additional-volumes branch May 28, 2025 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@davdhacs davdhacs davdhacs approved these changes

@msugakov msugakov Awaiting requested review from msugakov

@tommartensen tommartensen Awaiting requested review from tommartensen

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@BradLugo @rhacs-bot @msugakov @davdhacs