-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add git2go option to enable Azure DevOps #213
Conversation
In general i think we need better ssh protocol validation for both v1 and v2 implementations |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to install libgit2 on the CI VM:
- name: Install libgit2
run: sudo apt-get install -y libgit2-dev
The libgit2 version in apt is very old so we need to find another way to install the latest version. |
Maybe this one will work https://packages.debian.org/experimental/libgit2-1.0 |
That version is too old, see the table here. I am afraid we may have to build it ourselves. |
I have been looking around and it seems like you are right @hiddeco. I really like yak shaving 😄 |
Stefan and I discussed another option: testing from within a Docker container, that would allow us to piggyback on the package that is available for Alpine images. |
Running the whole job in a container is fairly simple with GHA, removing the
I think it's the best approach to keep the build and test environment as close as possible, it should probably be done for all the other components too. |
@relu if we use the container image than we can no longer cache go modules and all the builds will take 5+ minutes. We don't use CGO expect in here, so I don't see why would we give up caching everywhere. |
I don't think it will break caching, at least I remember that was not the case in a previous project I worked on, although it was npm caching that was used rather than go modules, I think the mechanism is the same though. |
Are you saying that GitHub mounts the Go cache from host into the |
Well... technically the cache itself is not on the host, it's kept in GHA caches (limited to 5GB) and restored over the network (really fast on GitHub-operated runners). We use caching even on self-hosted runners and it works the same, though a bit slower as you can imagine. Let me put it to the test, gonna try it out in a separate PR. |
@relu we can't run the whole thing in a container, we need Kubernetes Kind, docker buildx, etc |
Yes, and we probably don't want to mess with dind. Failure log is here: https://github.com/fluxcd/source-controller/pull/216/checks?check_run_id=1458681336 (at least the caching works, so that's something). |
@relu I think we should move only the |
@stefanprodan I agree, I've tested multiple solutions for running everything inside a container and it doesn't look good. It is worth noting that it is possible to get all the tooling installed and caching works just fine, but it seems to fail for some reason during test execution and I think it's not worth digging deeper as long as we can simply just build and run a container for the test step alone. I can help out with that if you don't already have a working example. |
@relu if you can, please open a PR that moves the unit tests and git dirty check inside a container. |
I can probably free up some time during the weekend but if @relu is already on it I can just rebase when his PR gets merged. |
34d61e3
to
ebc3ce8
Compare
d4d2d1e
to
3dd0312
Compare
So I rebased the latest changes to run the test in a container. Could someone have a look and check if there is something else missing before this can be merged? |
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Philip Laine <philip.laine@gmail.com>
7ba8f78
to
47e4e54
Compare
Just to make sure that we have discussed this point.
Looking at alpine it should include openssl 1.1.1 so this should not be an issue. Could I just have someone else verify my thinking. |
I just checked the latest
|
Signed-off-by: Philip Laine <philip.laine@xenit.se>
Signed-off-by: Philip Laine <philip.laine@xenit.se>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a couple of naming nits from me
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and | |||
limitations under the License. | |||
*/ | |||
|
|||
package git | |||
package v1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I reckon name the subpackages for the implementations.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mean naming the package go-git instead of v1? Would that not create confusion as there would be two packages with the same name.
@@ -39,7 +39,7 @@ deploy: manifests | |||
kustomize build config/default | kubectl apply -f - | |||
|
|||
# Deploy controller dev image in the configured Kubernetes cluster in ~/.kube/config | |||
dev-deploy: manifests |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why was this omitted?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Manifest gen requires libgit2 to be installed which wont work in the CI as this is run outside of the CI container. That is why it had to be removed.
Signed-off-by: Philip Laine <philip.laine@xenit.se>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks @phillebaba 🥇
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🦸
Signed-off-by: Philip Laine <philip.laine@xenit.se>
031951b
to
847499b
Compare
// +kubebuilder:validation:Enum=go-git;libgit2 | ||
// +kubebuilder:default:=go-git | ||
// +optional | ||
GitImplementation string `json:"gitImplementation,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I really like this new property!
Question regarding the off the shelve (OTS) function from kustomize: Will this still work? We use this quite heavily in our applications and found out in e.g. ArgoCD that even their switch to the native CLI it is still breaking in the off the shelve part of the kustomize. Maybe it is more of a concern for kustomize cli.... ? |
So this change has been a long time coming, and has had its ups and downs, but now lets hope that this will be the PR that fixes a major blocker for Azure DevOps users.
The git2go library works with Azure DevOps as it has greater support for more complex capabilities in the git wire protocol. A downside of the library is that it does not support shallow cloning of a git repository, meaning that it needs to fetch whole repository every time. Something that could in theory be expensive both in time and transfer data for very large repositories. As this is a very large downside the compromise solution is to implement a option in the
GitRepository
resource calledgitImplementation
to enable the use of the git2go library. This is turned off to default meaning that source-controller will default to using the usual go-git library people are familiar with.Eventually when shallow cloning is supported in git2go we could consider fully migrating to only using git2go.
libgit2/libgit2#5254
There are a couple of things that have to be done before merging this:
@stefanprodan @hiddeco I would appreciate any early feedback in case there is some major design flaws.
Fixes #104
An additional selling point for this change is that git2go could in the future allow us to do self signed cert verification from memory as it has a certificate validation callback.