WIP: upgrade images from ubi7 to ubi8 and python version from 2 which is deprecated to 3 #1895
Conversation
|
New changes are detected. LGTM label has been removed. |
|
If we upgrade the python so I understand that we can solve the deprecation from #1884 as well. c/c @joelanford @fabianvf |
|
The builds are failing because of missing pip3 |
|
Hi @jmrodri, Thank you for your comment. However, my goal here is to upgrade the version of the python as well. I am trying to find out where it still missing to be done. |
|
This will also fix #1656 |
There was a problem hiding this comment.
I'm not really familiar with python versions. Should we use the latest python3 that's available, rather than pinning to 3.6? Are all python 3.x versions expected to be compatible like go minor versions are?
Is there such thing as python3-* packages that track the latest?
|
|
||
| env: | ||
| global: | ||
| - PATH=/opt/python/3.6.7/bin:$PATH |
There was a problem hiding this comment.
Yes, it is required in order to solve the same scenario https://travis-ci.community/t/please-activate-python-3-by-default-for-non-python-build/3899
Python 3.6 is the default Python when language: python.
But when not language: python, Python 3 can not be used by default.
There is pip (/usr/bin/pip), but not pip3.
.travis.yml
Outdated
| @@ -9,13 +9,27 @@ sudo: required | |||
|
|
|||
| # go modules require xenial for mercurial TLS 1.2 support | |||
| dist: xenial | |||
| python: | |||
| - "3.6" | |||
There was a problem hiding this comment.
It seems like this is not necessary since python 3.6 is installed by default:
https://docs.travis-ci.com/user/reference/xenial/#python-support
Ditto for line 24. Not sure if we have to install python3-pip in line 25 or if that's also installed already for us.
There was a problem hiding this comment.
Pre-installed Python versions: 2.7.15, 3.6.7, and 3.7.1. - Makes sense remove it.
| - &pip3_before_install | ||
| before_install: | ||
| - pip3 install --upgrade pip | ||
|
|
There was a problem hiding this comment.
Any reason this is defined here rather than directly in the ansible test defintion since we don't use it anywhere else?
Seems like we could add pip3 install --upgrade pip into the before_script.
There was a problem hiding this comment.
It is used just in the Ansible one but I think it can be improved by:
# Build and test ansible
- <<: *test
name: Ansible on OpenShift
before_script: pip3 install --upgrade pip && pip3 install --user ansible
script: make test/ci-ansible
There was a problem hiding this comment.
Yep, that's what I was getting at. Just FYI, I think the following is also supported by travis:
# Build and test ansible
- <<: *test
name: Ansible on OpenShift
before_script:
- pip3 install --upgrade pip
- pip3 install --user ansible
script: make test/ci-ansibleWhich can make it easier to visually parse when there's more than one command.
.travis.yml
Outdated
| @@ -78,7 +97,8 @@ jobs: | |||
| # Build and test ansible | |||
| - <<: *test | |||
| name: Ansible on OpenShift | |||
| before_script: sudo pip install ansible | |||
| <<: *pip3_before_install | |||
| before_script: pip3 install --user ansible | |||
There was a problem hiding this comment.
Just flagging that this changes from sudo pip to pip3 --user. If it passes CI, probably no worries, but I'm not familar enough to know if we made a conscious decision one way or the other.
/cc @fabianvf
There was a problem hiding this comment.
Hi @joelanford,
The --user will execute the command with the logged user. In this case, in my understanding, at this point it still in the .trevis's process and the user is root.
There was a problem hiding this comment.
My thought was that pip --user might install things somewhere in ${HOME} and sudo pip somewhere in /usr. Just want to make sure we're all okay with this change.
CHANGELOG.md
Outdated
| @@ -46,6 +46,7 @@ | |||
| ``` | |||
| - [`pkg/test.FrameworkClient`](https://github.com/operator-framework/operator-sdk/blob/master/pkg/test/client.go#L33) methods `List()` and `Delete()` have new signatures corresponding to the homonymous methods of `sigs.k8s.io/controller-runtime/pkg/client.Client`. ([#1876](https://github.com/operator-framework/operator-sdk/pull/1876)) | |||
| - CRD file names were previously of the form `<group>_<version>_<kind>_crd.yaml`. Now that CRD manifest `spec.version` is deprecated in favor of `spec.versions`, i.e. multiple versions can be specified in one CRD, CRD file names have the form `<full group>_<resource>_crd.yaml`. `<full group>` is the full group name of your CRD while `<group>` is the last subdomain of `<full group>`, ex. `foo.bar.com` vs `foo`. `<resource>` is the plural lower-case CRD Kind found at `spec.names.plural`. ([#1876](https://github.com/operator-framework/operator-sdk/pull/1876)) | |||
| - Upgrade image used for Go ad Helm operators and scorecard proxy from `registry.access.redhat.com/ubi7/ubi-minimal:latest` to `Use `registry.access.redhat.com/ubi8/ubi-minimal:latest`. [#1895](https://github.com/operator-framework/operator-sdk/pull/1895) | |||
There was a problem hiding this comment.
| - Upgrade image used for Go ad Helm operators and scorecard proxy from `registry.access.redhat.com/ubi7/ubi-minimal:latest` to `Use `registry.access.redhat.com/ubi8/ubi-minimal:latest`. [#1895](https://github.com/operator-framework/operator-sdk/pull/1895) | |
| - Upgrade base image for Go, Ansible, Helm, and scorecard proxy from `registry.access.redhat.com/ubi7/ubi-minimal:latest` to `registry.access.redhat.com/ubi8/ubi-minimal:latest`. ([#1895](https://github.com/operator-framework/operator-sdk/pull/1895)) |
| && yum install -y epel-release \ | ||
| && (yum update || true) \ | ||
| && curl -O https://rpmfind.net/linux/fedora/linux/releases/30/Everything/x86_64/os/Packages/i/inotify-tools-3.14-16.fc30.x86_64.rpm \ | ||
| && rpm -i inotify-tools-3.14-16.fc30.x86_64.rpm \ |
There was a problem hiding this comment.
Are these lines that download and rpm -i inotify-tools necessary? Looks like we install inotify-tools from epel in line 33.
There was a problem hiding this comment.
rpm -i inotify-tools-3.14-16.fc30.x86_64.rpm -> install the pkg in the redhat image ( regystry )
yum --enablerepo=epel install inotify-tools.x86_64 -> install the lib in the cluster
Added a few comments in the code to make it clear.
| && yum --enablerepo=epel install inotify-tools.x86_64 \ | ||
| && (yum install python3-setuptools || true) \ | ||
| && pip3 install --no-cache-dir --ignore-installed ipaddress \ | ||
| ansible-runner==1.3.4 \ |
There was a problem hiding this comment.
Again, not too familiar with the ansible-operator internals. Is the ansible-runner version bump required/desired? If so, are there any compatibility concerns elsewhere in the ansible-operator?
There was a problem hiding this comment.
Hi @joelanford,
If we check the Changelog I have the impression that these fixes are related to the issue faced before. Also, it should be following the semversion which means that no break changes should be faced with.
@fabianvf I think you are the person who most have knowledge over it, have you any objection? Have any reason for we keep using the old version?
| ansible-runner-http==1.0.0 \ | ||
| openshift==0.8.9 \ | ||
| ansible==2.8 \ | ||
| && yum remove -y gcc \ |
There was a problem hiding this comment.
Do we need to keep python36-devel around or should we remove it like we've been doing?
There was a problem hiding this comment.
I removed it for tests. Let's check if it still working on.
hack/tests/e2e-ansible-molecule.sh
Outdated
| pip install --user molecule==2.20.2 | ||
| pip install --user docker openshift jmespath | ||
| pip3 install --user pyasn1==0.4.7 pyasn1-modules==0.2.6 idna==2.7 ipaddress==1.0.22 | ||
| pip3 install -U git+https://github.com/ansible/molecule |
There was a problem hiding this comment.
Can we pin to a version? We've had issues in the past where non-pinned dependencies change can cause our builds to break.
There was a problem hiding this comment.
Sure, the version is better since it is fixed. Let's see if it will still work if not them we need to wait for a new release of it.
| RUN pip install molecule==2.20.1 | ||
| # sed -i 's|enabled=1|enabled=0|g' /etc/yum/pluginconf.d/product-id.conf && rm -rf /var/yum/cache/* first | ||
| RUN sed -i 's|enabled=1|enabled=0|g' /etc/yum/pluginconf.d/product-id.conf && rm -rf /var/cache/yum/* \ | ||
| && yum install -y python36-devel.x86_64 gcc libffi-devel |
There was a problem hiding this comment.
Can we remove the arch component of the package (here and in other places its used)? This would prevent us from supporting non-x86_64 builds, which we may want to do in the future. See #1533
| && yum install -y python36-devel.x86_64 gcc libffi-devel | |
| && yum install -y python36-devel gcc libffi-devel |
|
Also @camilamacedo86, the ansible changes seem to be more complex, so would it make sense to update the base images for go, helm, and scorecard proxy in a separate PR so we can get those finished sooner? |
Increase the reconciliation time for ansible tests
…o make eaiser the understanding of them
|
@camilamacedo86: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
I am closing this one because since we are facing issue regards the python upgrade we will split it. |
Description of the change:
registry.access.redhat.com/ubi7/ubi-minimal:latesttoregistry.access.redhat.com/ubi8/ubi-minimal:latestIgnore - It was splited.