github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-01 07:47:56 +00:00
Code Issues Projects Releases Wiki Activity

Change verify-imports to use new setup_env

Browse Source 
Also clean up the tool a bit and drop vendor as an explicit thing to
be handled.
This commit is contained in:
Tim Hockin 2023-12-11 22:13:50 -08:00
parent 3be358ecc1
commit 7a7dff1eeb
No known key found for this signature in database
3 changed files with 67 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
cmd/importverifier/importverifier.go
View File

@ -33,7 +33,7 @@ import (
// Package is a subset of cmd/go.Package // Package is a subset of cmd/go.Package
type Package struct { type Package struct {
Dir string `yaml:",omitempty"` // directory containing package sources Dir string `yaml:",omitempty"` // directory containing package sources
ImportPath string `yaml:",omitempty"` // import path of package in dir ImportPath string `yaml:",omitempty"` // import path of package
Imports []string `yaml:",omitempty"` // import paths used by this package Imports []string `yaml:",omitempty"` // import paths used by this package
TestImports []string `yaml:",omitempty"` // imports from TestGoFiles TestImports []string `yaml:",omitempty"` // imports from TestGoFiles
XTestImports []string `yaml:",omitempty"` // imports from XTestGoFiles XTestImports []string `yaml:",omitempty"` // imports from XTestGoFiles
@ -42,19 +42,18 @@ type Package struct {
// ImportRestriction describes a set of allowable import // ImportRestriction describes a set of allowable import
// trees for a tree of source code // trees for a tree of source code
type ImportRestriction struct { type ImportRestriction struct {
// BaseDir is the root of the package tree that is // BaseDir is the root of a package tree that is restricted by this
// restricted by this configuration, given as a // configuration, given as a relative path from the root of the repository.
// relative path from the root of the repository // This is a directory which `go list` might not consider a package (if it
// has not .go files)
BaseDir string `yaml:"baseImportPath"` BaseDir string `yaml:"baseImportPath"`
// IgnoredSubTrees are roots of sub-trees of the // IgnoredSubTrees are roots of sub-trees of the BaseDir for which we do
// BaseDir for which we do not want to enforce // not want to enforce any import restrictions whatsoever, given as
// any import restrictions whatsoever, given as // relative paths from the root of the repository.
// relative paths from the root of the repository
IgnoredSubTrees []string `yaml:"ignoredSubTrees,omitempty"` IgnoredSubTrees []string `yaml:"ignoredSubTrees,omitempty"`
// AllowedImports are roots of package trees that // AllowedImports are roots of package trees that are allowed to be
// are allowed to be imported from the BaseDir, // imported from the BaseDir, given as paths that would be used in a Go
// given as paths that would be used in a Go // import statement.
// import statement
AllowedImports []string `yaml:"allowedImports"` AllowedImports []string `yaml:"allowedImports"`
// ExcludeTests will skip checking test dependencies. // ExcludeTests will skip checking test dependencies.
ExcludeTests bool `yaml:"excludeTests"` ExcludeTests bool `yaml:"excludeTests"`
@ -126,9 +125,8 @@ func (i *ImportRestriction) forbiddenImportsFor(pkg Package) []string {
imports = append(imports, append(pkg.TestImports, pkg.XTestImports...)...) imports = append(imports, append(pkg.TestImports, pkg.XTestImports...)...)
} }
for _, imp := range imports { for _, imp := range imports {
path := extractVendorPath(imp) if i.isForbidden(imp) {
if i.isForbidden(path) { forbiddenImportSet[imp] = struct{}{}
forbiddenImportSet[path] = struct{}{}
} }
} }
@ -139,16 +137,6 @@ func (i *ImportRestriction) forbiddenImportsFor(pkg Package) []string {
return forbiddenImports return forbiddenImports
} }
// extractVendorPath removes a vendor prefix if one exists
func extractVendorPath(path string) string {
vendorPath := "/vendor/"
if !strings.Contains(path, vendorPath) {
return path
}
return path[strings.Index(path, vendorPath)+len(vendorPath):]
}
// isForbidden determines if an import is forbidden, // isForbidden determines if an import is forbidden,
// which is true when the import is: // which is true when the import is:
// - of a package under the rootPackage // - of a package under the rootPackage
@ -171,7 +159,7 @@ var rootPackage string
func main() { func main() {
if len(os.Args) != 3 { if len(os.Args) != 3 {
log.Fatalf("Usage: %s ROOT RESTRICTIONS.yaml", os.Args[0]) log.Fatalf("Usage: %s <root> <restrictions.yaml>", os.Args[0])
} }
rootPackage = os.Args[1] rootPackage = os.Args[1]
@ -183,15 +171,24 @@ func main() {
foundForbiddenImports := false foundForbiddenImports := false
for _, restriction := range importRestrictions { for _, restriction := range importRestrictions {
log.Printf("Inspecting imports under %s...\n", restriction.BaseDir) baseDir := restriction.BaseDir
packages, err := resolvePackageTree(restriction.BaseDir) if filepath.IsAbs(baseDir) {
log.Fatalf("%q appears to be an absolute path", baseDir)
}
if !strings.HasPrefix(baseDir, "./") {
baseDir = "./" + baseDir
}
baseDir = strings.TrimRight(baseDir, "/")
log.Printf("Inspecting imports under %s/...\n", baseDir)
packages, err := resolvePackageTree(baseDir)
if err != nil { if err != nil {
log.Fatalf("Failed to resolve package tree: %v", err) log.Fatalf("Failed to resolve package tree: %v", err)
} else if len(packages) == 0 { } else if len(packages) == 0 {
log.Fatalf("Found no packages under tree %s", restriction.BaseDir) log.Fatalf("Found no packages under tree %s", baseDir)
} }
log.Printf("- validating imports for %d packages in the tree", len(packages)) log.Printf("- validating imports for %d packages", len(packages))
restrictionViolated := false restrictionViolated := false
for _, pkg := range packages { for _, pkg := range packages {
if forbidden, err := restriction.ForbiddenImportsFor(pkg); err != nil { if forbidden, err := restriction.ForbiddenImportsFor(pkg); err != nil {
@ -229,25 +226,9 @@ func loadImportRestrictions(configFile string) ([]ImportRestriction, error) {
} }
func resolvePackageTree(treeBase string) ([]Package, error) { func resolvePackageTree(treeBase string) ([]Package, error) {
// try resolving with $cwd
packages, err := resolvePackageTreeInDir("", treeBase)
if err != nil || len(packages) == 0 {
// if that fails or finds no packages, resolve under ./vendor/$treeBase
stagingPackages, stagingErr := resolvePackageTreeInDir(filepath.Join("./vendor", treeBase), treeBase)
if stagingErr == nil && len(stagingPackages) > 0 {
// if that succeeds, return
return stagingPackages, stagingErr
}
}
// otherwise, return original packages and error
return packages, err
}
func resolvePackageTreeInDir(dir string, treeBase string) ([]Package, error) {
cmd := "go" cmd := "go"
args := []string{"list", "-json", fmt.Sprintf("%s...", treeBase)} args := []string{"list", "-json", fmt.Sprintf("%s/...", treeBase)}
c := exec.Command(cmd, args...) c := exec.Command(cmd, args...)
c.Dir = dir
stdout, err := c.Output() stdout, err := c.Output()
if err != nil { if err != nil {
var message string var message string

2
hack/verify-imports.sh
View File

@ -26,7 +26,7 @@ set -o pipefail
KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
source "${KUBE_ROOT}/hack/lib/init.sh" source "${KUBE_ROOT}/hack/lib/init.sh"
kube::golang::old::setup_env kube::golang::new::setup_env
make -C "${KUBE_ROOT}" WHAT=cmd/importverifier make -C "${KUBE_ROOT}" WHAT=cmd/importverifier

76
staging/publishing/import-restrictions.yaml
View File

@ -1,4 +1,4 @@
- baseImportPath: "./pkg/apis/core/" - baseImportPath: "./pkg/apis/core"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/apiserver/pkg/util/feature - k8s.io/apiserver/pkg/util/feature
@ -21,7 +21,7 @@
ignoredSubTrees: ignoredSubTrees:
- "./pkg/apis/core/validation" - "./pkg/apis/core/validation"
- baseImportPath: "./vendor/k8s.io/cli-runtime/pkg/genericclioptions/" - baseImportPath: "./staging/src/k8s.io/cli-runtime/pkg/genericclioptions"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/client-go - k8s.io/client-go
@ -33,7 +33,7 @@
- k8s.io/cli-runtime/pkg/kustomize - k8s.io/cli-runtime/pkg/kustomize
- k8s.io/utils/pointer - k8s.io/utils/pointer
- baseImportPath: "./vendor/k8s.io/apimachinery/" - baseImportPath: "./staging/src/k8s.io/apimachinery"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/kube-openapi - k8s.io/kube-openapi
@ -42,22 +42,22 @@
- k8s.io/utils/strings - k8s.io/utils/strings
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/api/" - baseImportPath: "./staging/src/k8s.io/api"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/code-generator/" - baseImportPath: "./staging/src/k8s.io/code-generator"
ignoredSubTrees: ignoredSubTrees:
- "./vendor/k8s.io/code-generator/examples" - "./staging/src/k8s.io/code-generator/examples"
allowedImports: allowedImports:
- k8s.io/gengo - k8s.io/gengo
- k8s.io/code-generator - k8s.io/code-generator
- k8s.io/kube-openapi - k8s.io/kube-openapi
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/component-base/" - baseImportPath: "./staging/src/k8s.io/component-base"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/component-base - k8s.io/component-base
@ -66,7 +66,7 @@
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/client-go/" - baseImportPath: "./staging/src/k8s.io/client-go"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -77,30 +77,30 @@
# prevent core machinery from taking explicit v1 references unless # prevent core machinery from taking explicit v1 references unless
# necessary # necessary
- baseImportPath: "./vendor/k8s.io/client-go/rest/" - baseImportPath: "./staging/src/k8s.io/client-go/rest"
excludeTests: true excludeTests: true
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/client-go - k8s.io/client-go
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/client-go/tools/" - baseImportPath: "./staging/src/k8s.io/client-go/tools"
excludeTests: true excludeTests: true
ignoredSubTrees: ignoredSubTrees:
- "./vendor/k8s.io/client-go/tools/cache/testing" - "./staging/src/k8s.io/client-go/tools/cache/testing"
- "./vendor/k8s.io/client-go/tools/leaderelection/resourcelock" - "./staging/src/k8s.io/client-go/tools/leaderelection/resourcelock"
- "./vendor/k8s.io/client-go/tools/portforward" - "./staging/src/k8s.io/client-go/tools/portforward"
- "./vendor/k8s.io/client-go/tools/record" - "./staging/src/k8s.io/client-go/tools/record"
- "./vendor/k8s.io/client-go/tools/events" - "./staging/src/k8s.io/client-go/tools/events"
- "./vendor/k8s.io/client-go/tools/reference" - "./staging/src/k8s.io/client-go/tools/reference"
- "./vendor/k8s.io/client-go/tools/remotecommand" - "./staging/src/k8s.io/client-go/tools/remotecommand"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/client-go - k8s.io/client-go
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/apiserver/" - baseImportPath: "./staging/src/k8s.io/apiserver"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -112,7 +112,7 @@
- k8s.io/klog - k8s.io/klog
- k8s.io/kms - k8s.io/kms
- baseImportPath: "./vendor/k8s.io/metrics/" - baseImportPath: "./staging/src/k8s.io/metrics"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -121,7 +121,7 @@
- k8s.io/metrics - k8s.io/metrics
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/kube-aggregator/" - baseImportPath: "./staging/src/k8s.io/kube-aggregator"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -134,7 +134,7 @@
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/kubectl/" - baseImportPath: "./staging/src/k8s.io/kubectl"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -148,7 +148,7 @@
- k8s.io/utils - k8s.io/utils
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/sample-apiserver/" - baseImportPath: "./staging/src/k8s.io/sample-apiserver"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -161,7 +161,7 @@
- k8s.io/utils/net - k8s.io/utils/net
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/apiextensions-apiserver/" - baseImportPath: "./staging/src/k8s.io/apiextensions-apiserver"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apiextensions-apiserver - k8s.io/apiextensions-apiserver
@ -174,21 +174,21 @@
- k8s.io/kube-openapi - k8s.io/kube-openapi
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/kube-openapi/" - baseImportPath: "./vendor/k8s.io/kube-openapi"
allowedImports: allowedImports:
- k8s.io/kube-openapi - k8s.io/kube-openapi
- k8s.io/gengo - k8s.io/gengo
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/sample-cli-plugin/" - baseImportPath: "./staging/src/k8s.io/sample-cli-plugin"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/cli-runtime - k8s.io/cli-runtime
- k8s.io/client-go - k8s.io/client-go
- k8s.io/sample-cli-plugin - k8s.io/sample-cli-plugin
- baseImportPath: "./vendor/k8s.io/kube-controller-manager/" - baseImportPath: "./staging/src/k8s.io/kube-controller-manager"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/cloud-provider - k8s.io/cloud-provider
@ -197,14 +197,14 @@
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/kube-proxy/" - baseImportPath: "./staging/src/k8s.io/kube-proxy"
allowedImports: allowedImports:
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/component-base - k8s.io/component-base
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/kube-scheduler/" - baseImportPath: "./staging/src/k8s.io/kube-scheduler"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -213,7 +213,7 @@
- k8s.io/kube-scheduler - k8s.io/kube-scheduler
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/kubelet/" - baseImportPath: "./staging/src/k8s.io/kubelet"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -225,14 +225,14 @@
- k8s.io/kubelet - k8s.io/kubelet
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/cluster-bootstrap/" - baseImportPath: "./staging/src/k8s.io/cluster-bootstrap"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/cluster-bootstrap - k8s.io/cluster-bootstrap
- k8s.io/klog - k8s.io/klog
- baseImportPath: "./vendor/k8s.io/cloud-provider/" - baseImportPath: "./staging/src/k8s.io/cloud-provider"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -245,7 +245,7 @@
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/dynamic-resource-allocation/" - baseImportPath: "./staging/src/k8s.io/dynamic-resource-allocation"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -255,7 +255,7 @@
- k8s.io/kubelet - k8s.io/kubelet
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/legacy-cloud-providers/" - baseImportPath: "./staging/src/k8s.io/legacy-cloud-providers"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -271,14 +271,14 @@
- k8s.io/component-base/metrics - k8s.io/component-base/metrics
- k8s.io/component-base/metrics/legacyregistry - k8s.io/component-base/metrics/legacyregistry
- baseImportPath: "./vendor/k8s.io/csi-translation-lib/" - baseImportPath: "./staging/src/k8s.io/csi-translation-lib"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
- k8s.io/klog - k8s.io/klog
- k8s.io/csi-translation-lib - k8s.io/csi-translation-lib
- baseImportPath: "./vendor/k8s.io/component-helpers/" - baseImportPath: "./staging/src/k8s.io/component-helpers"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -287,7 +287,7 @@
- k8s.io/klog - k8s.io/klog
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/pod-security-admission/" - baseImportPath: "./staging/src/k8s.io/pod-security-admission"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery
@ -299,11 +299,11 @@
- k8s.io/pod-security-admission - k8s.io/pod-security-admission
- k8s.io/utils - k8s.io/utils
- baseImportPath: "./vendor/k8s.io/kms/" - baseImportPath: "./staging/src/k8s.io/kms"
allowedImports: allowedImports:
- k8s.io/kms - k8s.io/kms
- baseImportPath: "./vendor/k8s.io/endpointslice/" - baseImportPath: "./staging/src/k8s.io/endpointslice"
allowedImports: allowedImports:
- k8s.io/api - k8s.io/api
- k8s.io/apimachinery - k8s.io/apimachinery