Skip to content

Upgrade all dependencies #6287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 25, 2023
Merged

Upgrade all dependencies #6287

merged 7 commits into from
Aug 25, 2023

Conversation

inteon
Copy link
Member

@inteon inteon commented Aug 21, 2023
edited
Loading

This does not include upgrading go to 1.21 and pebble to the latest commit, because those upgrades were causing issues.
They will have to be upgraded in another PR.

For us to have a unit test which initializes logging multiple times, we have to call the new logsapi.ResetForTest function.

Kind

/kind cleanup

Release Note

NONE

@jetstack-bot jetstack-bot added release-note-none Denotes a PR that doesn't merit a release note. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. area/acme Indicates a PR directly modifies the ACME Issuer code area/testing Issues relating to testing approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Aug 21, 2023
@inteon inteon force-pushed the upgrade_dependencies branch 6 times, most recently from 6c1cf6b to 3513a8e Compare August 22, 2023 16:29
patkinson01
patkinson01 reviewed Aug 22, 2023
View reviewed changes
@inteon inteon force-pushed the upgrade_dependencies branch 2 times, most recently from 765c1ca to 502c1e6 Compare August 23, 2023 08:47
@jetstack-bot jetstack-bot added dco-signoff: no Indicates that at least one commit in this pull request is missing the DCO sign-off message. and removed dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. labels Aug 23, 2023
@inteon inteon force-pushed the upgrade_dependencies branch from 502c1e6 to 24d8b2a Compare August 23, 2023 09:05
@jetstack-bot jetstack-bot added dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. area/deploy Indicates a PR modifies deployment configuration and removed dco-signoff: no Indicates that at least one commit in this pull request is missing the DCO sign-off message. labels Aug 23, 2023
@inteon inteon force-pushed the upgrade_dependencies branch from 24d8b2a to a922109 Compare August 23, 2023 10:25
This was referenced Aug 23, 2023
Merged
Merged
@inteon inteon added this to the 1.13 milestone Aug 23, 2023
@inteon inteon force-pushed the upgrade_dependencies branch from 66418bf to d3345f9 Compare August 24, 2023 17:29
inteon
inteon commented Aug 24, 2023
View reviewed changes
make/tools.mk

# re-download all tools and replace the sha values if changed
# useful for determining the sha values after upgrading
learn-sha-tools:
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks to this new target, we can "learn" shas.

inteon
inteon commented Aug 24, 2023
View reviewed changes
hack/util/checkhash.sh
if [ $SHASUM != "$2" ]; then
# When running 'make learn-sha-tools', we don't want this script to fail.
# Instead we log what sha values are wrong, so the make.mk file can be updated.
if [ "$SHASUM" != "$2" ] && [ "${LEARN_FILE:-}" != "" ]; then
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see https://github.com/cert-manager/cert-manager/pull/6287/files#r1304657678

@jetstack-bot jetstack-bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 24, 2023
inteon added 5 commits August 24, 2023 19:54
@inteon
upgrade all dependencies
3fc1f8a 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon
downgrade pebble
29e834d 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon
downgrade go version
75afb4f 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon
add ResetForTest
d8b3888 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon
fix changed slices.SortFunc signature
6a159bb 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon inteon force-pushed the upgrade_dependencies branch from 1586e31 to 6a159bb Compare August 24, 2023 17:54
@inteon
upgrade KUBEBUILDER_TOOLS
8bc621d 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@jetstack-bot jetstack-bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 25, 2023
wallrj
wallrj requested changes Aug 25, 2023
View reviewed changes
Copy link
Member

@wallrj wallrj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reading the commits in the PR this is not simply "Upgrade all dependencies".

Please explain and document:

  • downgraded pebble,
  • downgraded go,
  • added logsapi reset,
  • document the use of learn-shas in the README for the benefit of contributors and in the self-documenting Makefile style....and add comments explaining how learn-shas works, because I can't understand it.

@inteon
fix the makefile self-documentation for learn-sha-tools
4c2e191 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
inteon
inteon commented Aug 25, 2023
View reviewed changes
make/tools.mk
learn-sha-tools:
rm -rf ./$(BINDIR)
mkdir ./$(BINDIR)
$(eval export LEARN_FILE=$(PWD)/$(BINDIR)/learn_file)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By setting the LEARN_FILE environment variable, ./hack/util/checkhash.sh will write a "replace hash x with y" command to the learn file instead of throwing an error on mismatch.

At the end of this make target, we use this learn file to update the tools.mk file and replace all the old hashes with the desired new hashes.

@inteon
Copy link
Member Author

inteon commented Aug 25, 2023
edited
Loading

Reading the commits in the PR this is not simply "Upgrade all dependencies".

Please explain and document:

  • downgraded pebble,
  • downgraded go,
  • added logsapi reset,
  • document the use of learn-shas in the README for the benefit of contributors and in the self-documenting Makefile style....and add comments explaining how learn-shas works, because I can't understand it.

I updated the PR description with answers to 1, 2 & 3.
I also updated the makefile and fixed the self-documentation. In https://github.com/cert-manager/cert-manager/pull/6287/files#r1305414341, I explain how the target works (it is not very easy to explain in a Makefile how a target works).

@inteon
Copy link
Member Author

inteon commented Aug 25, 2023

/test pull-cert-manager-master-e2e-v1-28

@inteon inteon requested a review from wallrj August 25, 2023 09:24
@inteon
Copy link
Member Author

inteon commented Aug 25, 2023

/retest

wallrj
wallrj approved these changes Aug 25, 2023
View reviewed changes
Copy link
Member

@wallrj wallrj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I updated the PR description with answers to 1, 2 & 3.
I also updated the makefile and fixed the self-documentation. In https://github.com/cert-manager/cert-manager/pull/6287/files#r1305414341, I explain how the target works (it is not very easy to explain in a Makefile how a target works).

Thanks Tim,

/lgtm

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Aug 25, 2023
@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: inteon, wallrj

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@inteon
Copy link
Member Author

inteon commented Aug 25, 2023

/test pull-cert-manager-master-make-test

@jetstack-bot jetstack-bot merged commit 1bc7182 into cert-manager:master Aug 25, 2023
@inteon inteon deleted the upgrade_dependencies branch August 25, 2023 10:41
@inteon inteon mentioned this pull request Aug 25, 2023
Closed
@wallrj wallrj mentioned this pull request Aug 25, 2023
Merged
wallrj
wallrj reviewed Oct 26, 2023
View reviewed changes
hack/latest-kind-images.sh
LATEST_127_DIGEST=sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
# k8s 1.28 is manually added to ensure that we use the exact documented tag as per kind recommendation
LATEST_128_TAG=v1.28.0
LATEST_128_DIGEST=sha256:9f3ff58f19dcf1a0611d11e8ac989fdb30a28f40f236f59f0bea31fb956ccf5c
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the digest of the image rather than the multi-arch manifest.

$ crane digest --platform linux/amd64 docker.io/kindest/node:v1.28.0
sha256:9f3ff58f19dcf1a0611d11e8ac989fdb30a28f40f236f59f0bea31fb956ccf5c

$ crane digest docker.io/kindest/node:v1.28.0
sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31

The previous digest was for the multi-arch digest:

$ crane digest docker.io/kindest/node:v1.27.3
sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72

This didn't become apparent until I merged #6440 in which I saw this new digest and assumed that kindest images were supposed to be referenced by image digest rather than multi-arch digest.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@wallrj you are correct, these image digest might be wrong. I think I updated them using the "If it isn't failing, don't fix it" method.

@wallrj wallrj mentioned this pull request Jun 1, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wallrj wallrj wallrj approved these changes

@patkinson01 patkinson01 patkinson01 left review comments

Assignees

@wallrj wallrj

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/acme Indicates a PR directly modifies the ACME Issuer code area/deploy Indicates a PR modifies deployment configuration area/testing Issues relating to testing dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. lgtm Indicates that a PR is ready to be merged. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
1.13
Development

Successfully merging this pull request may close these issues.
4 participants
@inteon @jetstack-bot @wallrj @patkinson01