-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add updateCLI/automated dependency management to other k3s repos #7040
Comments
example implementation: |
I am going to add dependabot separately from updatecli so that the changes are atomic. |
I want to see how @macedogm feels about k3s-io/kine#166 as sort of a generic way to get updatecli into every repo where we see it as useful. Then, once it is in, I will start having updatecli look at different files based on what the repo needs. I think that breaks things up so that the reviews are small and simple and the changes can be reasoned about easily without being too granular. |
@macedogm pointed out k3s-io/klipper-lb#45 (comment), which highlights that sometimes versions are in places we don't expect them to be. Dependabot will only manage the dockerfile lines that are structured as part of the build, we need to make sure to check the dockerfile for unstructured versions. |
@matttrach in some of the PRs that I reviewed I mentioned about adding UpdateCLI. Your approach in separating them makes sense 👍🏻 |
@matttrach here are also some examples with regexes to match patterns inside a file, which is very useful for such unstructured version bumps. |
@matttrach I made a few comments in the PR, but overall the approach is really great. From what I saw in K3s repos, most of the updates required, expect a few, are the same, so having a central config for UpdateCLI will greatly speed up the time to add it to more repos. |
Updatecli PRs have been added, dependabot PRs have been merged. Next up: adding updatecli configs to update unstructured Dockerfile lines to Kine first, then the other repos. |
While working on the kine updates I ran into an issue where we need a better representation for how we keep a module up to date. The "go get" tool uses the "goproxy" tool to get modules from repos, but it uses a query system to retrieve the version requested. The query system expects repos to follow valid semver. The repo we want to keep up to date (goimports /w gopls) does not follow valid semver, so we need a better way to facilitate pulling that data. Instead of using tags information you can pull git commit hash and the "go get" tool will pull that directly. We need the commit hash from a git tag query to make this happen, so I generated a PR in updatecli to get the hash from a git tag query. updatecli/updatecli#1275 |
This will allow us to automatically update go get/install commands with valid information that can be reliably pulled from module cache without bypassing the go proxy, which should speed up build times as well as facilitate easier automatic updates. |
Marking this issue as done since the initial setup is complete. Follow-on work will be in additional issues. |
We currently have automation to bump dependencies in k3s-io/k3s itself, but we don't have it for other repos we maintain (i.e kine, k3s-upgrade, etc). Please follow the decisions highlighted in this ADR for the following repos:
The text was updated successfully, but these errors were encountered: