Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Checkout Standard Capabilities #15671

Merged
merged 3 commits into from
Jan 7, 2025
Merged

Checkout Standard Capabilities #15671

merged 3 commits into from
Jan 7, 2025

Conversation

justinkaseman
Copy link
Contributor

@justinkaseman justinkaseman commented Dec 12, 2024

No description provided.

@justinkaseman justinkaseman marked this pull request as ready for review December 12, 2024 22:08
@justinkaseman justinkaseman requested review from a team as code owners December 12, 2024 22:08
@justinkaseman justinkaseman requested review from pavel-raykov and removed request for pavel-raykov December 12, 2024 22:08
@justinkaseman justinkaseman added build-publish Build and Publish image to SDLC and removed build-publish Build and Publish image to SDLC labels Dec 12, 2024
@justinkaseman justinkaseman requested review from a team as code owners December 12, 2024 23:47
@justinkaseman justinkaseman force-pushed the CAPPL-54 branch 8 times, most recently from a9eec4d to 87559f9 Compare December 16, 2024 22:37
Copy link
Contributor

github-actions bot commented Dec 16, 2024

AER Report: CI Core ran successfully ✅

aer_workflow , commit

AER Report: Operator UI CI ran successfully ✅

aer_workflow , commit

@justinkaseman justinkaseman force-pushed the CAPPL-54 branch 6 times, most recently from 132d149 to ca00b4f Compare December 17, 2024 00:23
@justinkaseman justinkaseman removed the build-publish Build and Publish image to SDLC label Dec 17, 2024
@justinkaseman justinkaseman force-pushed the CAPPL-54 branch 6 times, most recently from e8aa15c to 5d377da Compare December 17, 2024 06:08
build_standard_capabilities() {
cd ./capabilities
npx [email protected] init
./nx run-many -t build
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@HenryNguyen5 @chainchad should I be using actions/cache to cache these binaries?

Copy link
Contributor Author

@justinkaseman justinkaseman Dec 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also no manifest right now. Is a manifest necessary for phase 1? Or can it come with phase 2 as we harden?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WDYM by manifest?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The setup-go action should already cache the intermediate artifacts to the binaries, if not the binaries themselves. Probably best to leave it as-is. If build times continue to be an issue, it's better to publish the binaries on the capabilities repo side then pull down the pre-built binaries in here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WDYM by manifest?

Originally @chainchad @cedric-cordenier and I talked about the first iteration of this having:

"
Some manifest file which has the plugin name, version, url, and checksum. For ex.

version: 1.0
dependencies:
- name: dependency1
version: 1.2.3
url: [https://example.com/dependency1/v1.2.3/dependency1.tar.gz](https://www.google.com/url?q=https://example.com/dependency1/v1.2.3/dependency1.tar.gz&sa=D&source=docs&ust=1734635936940744&usg=AOvVaw16wDn9XzQdSKoTtxHG6Po1)
checksum: sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890

"

But currently it just builds from the latest head in the capabilities repo without doing any checks

Copy link
Contributor

@HenryNguyen5 HenryNguyen5 Dec 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

got it, makes sense. Ill leave this up to @chainchad

Copy link
Collaborator

@chainchad chainchad Dec 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we don't have a manifest, the implication is that we'll always build this with the latest standard capabilities? I suppose that's fine for this image which is a "develop" image. If we want to release this, I suppose we'll need that manifest then. Would that work?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we don't have a manifest, the implication is that we'll always build this with the latest standard capabilities? I suppose that's fine for this image which is a "develop" image. If we want to release this, I suppose we'll need that manifest then. Would that work?

Yes. That plan sounds good to me.

@justinkaseman justinkaseman changed the title [WIP] Checkout Capabilities Checkout Standard Capabilities Dec 17, 2024
@justinkaseman justinkaseman force-pushed the CAPPL-54 branch 2 times, most recently from 8d39792 to 229ef44 Compare December 17, 2024 06:30
pavel-raykov
pavel-raykov previously approved these changes Dec 17, 2024
build_standard_capabilities() {
cd ./capabilities
npx [email protected] init
./nx run-many -t build
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WDYM by manifest?

build_standard_capabilities() {
cd ./capabilities
npx [email protected] init
./nx run-many -t build
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The setup-go action should already cache the intermediate artifacts to the binaries, if not the binaries themselves. Probably best to leave it as-is. If build times continue to be an issue, it's better to publish the binaries on the capabilities repo side then pull down the pre-built binaries in here.

aws-role-arn: ${{ secrets.AWS_OIDC_GLOBAL_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }}
aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }}
aws-region: ${{ secrets.AWS_REGION }}
set-git-config: "true"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
set-git-config: "true"

I think we can remove this since you're using the token explicitly in the next step?

@@ -13,6 +13,7 @@ before_hook() {
install_local_plugins
install_remote_plugins
mkdir -p "$lib_path/plugins"
build_standard_capabilities
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to always include these plugins going forward versus making it optional? If so, this makes sense.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Always include them, yes. At least in this first iteration. The ones that are included are the bare minimum capabilities. In the next iteration it may be a subset of the plugins.

build_standard_capabilities() {
cd ./capabilities
npx [email protected] init
./nx run-many -t build
Copy link
Collaborator

@chainchad chainchad Dec 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we don't have a manifest, the implication is that we'll always build this with the latest standard capabilities? I suppose that's fine for this image which is a "develop" image. If we want to release this, I suppose we'll need that manifest then. Would that work?

@cl-sonarqube-production
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@justinkaseman justinkaseman added this pull request to the merge queue Jan 7, 2025
Merged via the queue into develop with commit aabd54d Jan 7, 2025
101 of 102 checks passed
@justinkaseman justinkaseman deleted the CAPPL-54 branch January 7, 2025 16:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
build-publish Build and Publish image to SDLC
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants