Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: group tools/mod updates and update only direct dependencies #18992

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

mmorel-35
Copy link
Contributor

Concerning tools update it seems more appropriate to update only direct dependencies.
They can also be grouped in one PR update.

@k8s-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: mmorel-35
Once this PR has been reviewed and has the lgtm label, please assign ivanvc for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot
Copy link

Hi @mmorel-35. Thanks for your PR.

I'm waiting for a etcd-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
@mmorel-35 mmorel-35 changed the title chore: group tools/mod and update only direct dependencies chore: group tools/mod updates and update only direct dependencies Dec 3, 2024
Copy link

codecov bot commented Dec 3, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.75%. Comparing base (b038739) to head (cbb9450).
Report is 12 commits behind head on main.

Additional details and impacted files

see 22 files with indirect coverage changes

@@            Coverage Diff             @@
##             main   #18992      +/-   ##
==========================================
- Coverage   68.82%   68.75%   -0.08%     
==========================================
  Files         420      420              
  Lines       35621    35621              
==========================================
- Hits        24517    24492      -25     
- Misses       9683     9699      +16     
- Partials     1421     1430       +9     

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b038739...cbb9450. Read the comment docs.

@ahrtr
Copy link
Member

ahrtr commented Dec 4, 2024

/ok-to-test

@mmorel-35
Copy link
Contributor Author

/test pull-etcd-integration-1-cpu-amd64

Comment on lines +21 to +25
- dependency-type: direct
groups:
tools-mod:
patterns:
- "*"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems reasonable to me, most of our purely indirect dependencies come from tools so we end up closing them. Thanks for proposing it @mmorel-35, it should reduce weekly spam pr's. What do you think @ivanvc?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this PR has some overlap with the work from issue #18925.

That aside, I tested it in my fork, and it seems like dependabot is tidying the module correctly (ivanvc#450), as there is only a single directory specified (it looks like the tidying bug is only present when there is more than one directory specified).

The only potential risk I see is that if we have a dependency in /tools/mod that is also used in other submodule (i.e., github.com/gogo/protobuf, go.etcd.io/raft/v3, github.com/grpc-ecosystem/grpc-gateway/v2), our CI check pull-etcd-verify (verify-dep), will fail because the dependencies won't be at the same version.

@ivanvc
Copy link
Member

ivanvc commented Dec 5, 2024

Link to #18925.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging this pull request may close these issues.

5 participants