Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🔄 synced file(s) with upbound/sa-up #39

Merged
merged 5 commits into from
Nov 28, 2024
Merged

🔄 synced file(s) with upbound/sa-up #39

merged 5 commits into from
Nov 28, 2024

Conversation

upbound-bot
Copy link

@upbound-bot upbound-bot commented Nov 28, 2024
edited
Loading

synced local file(s) with upbound/sa-up.

Changed files
  • synced local Makefile with remote shared/configurations/Makefile
  • synced local .github/renovate.json5 with remote shared/configurations/renovate.json5
  • synced local .gitmodules with remote shared/configurations/.gitmodules
  • created local .github/CODEOWNERS from remote .github/CODEOWNERS

This PR was created automatically by the repo-file-sync-action workflow run #12071962598

@village-labs-bot Village Labs Bot
Copy link

upbound/configuration-gcp-network #39

Change Summary

  • Major Makefile overhaul with comprehensive updates to development tooling, testing frameworks, and documentation
  • Addition of CODEOWNERS file assigning ownership to the customer success team
  • Update to renovate.json5 configuration with enhanced package grouping and git submodule support
  • Switch of build submodule from upbound/build to crossplane/build.git

Potential Vulnerabilities

  1. Git Submodule Configuration Change:
    • File: .gitmodules:3
    • Code: url = https://github.com/crossplane/build.git
    • Explanation: Changing git submodule source could introduce security risks if the new repository is not properly vetted or maintained. Verification of the crossplane/build.git repository's security practices should be performed.

Code Smells

  1. Redundant Package Rules:

    • File: .github/renovate.json5:16-34
    • Code: ```json
      packageRules: [
      {
      matchFileNames: [
      '.github/**',
      ],
      groupName: 'github-actions dependencies',
      },
      // ... other similar rules
      ]
    • Explanation: The package rules section contains multiple similar blocks with repetitive structure. Could be simplified using a more consolidated configuration approach.

  2. Hard-coded Timeout Values:

    • File: Makefile:240
    • Code: UPTEST_DEFAULT_TIMEOUT ?= 2400s
    • Explanation: Magic numbers in code should be explained or configurable through environment variables with proper documentation.

Debug Logs

No debug logs identified in the changes.

Unintended Consequences

  1. Breaking Change in Build System:

    • File: .gitmodules:3
    • Code: url = https://github.com/crossplane/build.git
    • Explanation: Switching from upbound/build to crossplane/build.git could cause CI/CD pipeline failures or incompatibilities with existing build processes.

  2. Version Constraint Changes:

    • File: Makefile:117-120
    • Code: ```makefile
      UP_VERSION = v0.35.0
      UP_CHANNEL = stable
      CROSSPLANE_CLI_VERSION = v1.18.0
      CROSSPLANE_VERSION = v1.18.0-up.1
    • Explanation: Major version updates to multiple dependencies could introduce compatibility issues with existing configurations or workflows.

  3. Team Ownership Impact:

    • File: .github/CODEOWNERS:1
    • Code: * @upbound/team-customer-success
    • Explanation: Blanket ownership assignment to customer success team could create bottlenecks in PR reviews and potentially slow down development velocity.

Risk Score: 6

The relatively high risk score is primarily due to the fundamental build system changes and multiple version updates. While the changes appear well-structured, the switch in build submodule source and comprehensive tooling updates could potentially impact existing workflows and deployments significantly.

@upbound-bot upbound-bot force-pushed the repo-sync/sa-up/default branch 2 times, most recently from bb8eb67 to 5721b66 Compare November 28, 2024 16:07
@kaessert kaessert force-pushed the repo-sync/sa-up/default branch from 5721b66 to 5bc762e Compare November 28, 2024 16:13
@kaessert
Copy link
Contributor

/test-examples

@kaessert
Copy link
Contributor

Local testing:

$> make render.validate
18:29:24 [ .. ] validating ./examples/configuration.yaml
18:29:24 [WARN] render produced empty output for: ./examples/configuration.yaml
18:29:24 [ .. ] validating ./examples/network-xr.yaml
schemas does not exist, downloading:  xpkg.upbound.io/upbound/provider-gcp-compute:v1.0.1
[!] could not find CRD/XRD for: gcp.platform.upbound.io/v1alpha1, Kind=XNetwork
[✓] compute.gcp.upbound.io/v1beta1, Kind=Network, ref-gcp-network-from-xr validated successfully
[✓] compute.gcp.upbound.io/v1beta1, Kind=Subnetwork, subnetwork validated successfully
Total 3 resources: 1 missing schemas, 2 success cases, 0 failure cases
18:29:32 [ OK ] validated ./examples/network-xr.yaml
18:29:32 [ .. ] validating ./examples/functions.yaml
18:29:32 [WARN] render produced empty output for: ./examples/functions.yaml

$> make check-examples
18:29:57 [ .. ] Checking if package versions in dependencies match examples
18:29:57 [ OK ] Package versions are sane

$> make render.show
---
apiVersion: gcp.platform.upbound.io/v1alpha1
kind: XNetwork
metadata:
  annotations:
    render.crossplane.io/composition-path: apis/default/composition.yaml
    render.crossplane.io/function-path: examples/functions.yaml
  name: ref-gcp-network
spec:
  parameters:
    id: ref-gcp-network-from-xr
    region: us-west2
status:
  conditions:
  - lastTransitionTime: "2024-01-01T00:00:00Z"
    message: 'Unready resources: network, subnetwork'
    reason: Creating
    status: "False"
    type: Ready
---
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Network
metadata:
  annotations:
    crossplane.io/composition-resource-name: network
  generateName: ref-gcp-network-
  labels:
    crossplane.io/composite: ref-gcp-network
    networks.gcp.platform.upbound.io/network-id: ref-gcp-network-from-xr
  name: ref-gcp-network-from-xr
  ownerReferences:
  - apiVersion: gcp.platform.upbound.io/v1alpha1
    blockOwnerDeletion: true
    controller: true
    kind: XNetwork
    name: ref-gcp-network
    uid: ""
spec:
  forProvider:
    autoCreateSubnetworks: false
    routingMode: REGIONAL
---
apiVersion: compute.gcp.upbound.io/v1beta1
kind: Subnetwork
metadata:
  annotations:
    crossplane.io/composition-resource-name: subnetwork
  generateName: ref-gcp-network-
  labels:
    crossplane.io/composite: ref-gcp-network
    networks.gcp.platform.upbound.io/network-id: ref-gcp-network-from-xr
  ownerReferences:
  - apiVersion: gcp.platform.upbound.io/v1alpha1
    blockOwnerDeletion: true
    controller: true
    kind: XNetwork
    name: ref-gcp-network
    uid: ""
spec:
  forProvider:
    ipCidrRange: 172.16.0.0/16
    networkSelector:
      matchControllerRef: true
    privateIpGoogleAccess: true
    region: us-west2
    secondaryIpRange:
    - ipCidrRange: 10.200.0.0/14
      rangeName: pods
    - ipCidrRange: 10.204.0.0/16
      rangeName: services

@kaessert kaessert requested a review from ytsarev November 28, 2024 17:33
@ytsarev ytsarev merged commit fe4def5 into main Nov 28, 2024
2 checks passed
@ytsarev ytsarev deleted the repo-sync/sa-up/default branch November 28, 2024 22:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ytsarev ytsarev ytsarev approved these changes

Assignees
No one assigned
Labels
sync
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@upbound-bot @kaessert @ytsarev