Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(packages/scripts): add a build script for darwin targets #503

Merged
merged 1 commit into from
Dec 9, 2024
Merged

feat(packages/scripts): add a build script for darwin targets #503

merged 1 commit into from
Dec 9, 2024

Conversation

wuhuizuo
Copy link
Contributor

@wuhuizuo wuhuizuo commented Dec 9, 2024
edited
Loading

It can not run standalone, it is used in CD workflow to replace multi tasks:

  • acquire Darwin resource.
  • prepare ssh credentials.
  • prepare for remote builder files.
  • run remote build and get the built artifacts.
  • release the Darwin resource.

After this, the above tasks can run in a single Deno image.

Usage:

deno run --allow-all <url-of>/build-in-darwin-boskos.ts \
    --sshInfoDir <ssh-info-dir> \
    --sourcePath <code-source-dir> \
    --envFile <remote-env-file> \
    --scriptFile <path-of-generated-build-script> \
    --component <component-name> \
    --boskos.serverUrl <boskos-api-base-url> \
    --boskos.type mac-machine-[arm64|amd64] \
    --boskos.owner <hostname-or-task-name> \
    --releaseDir <release-dir>

Signed-off-by: wuhuizuo [email protected]

@wuhuizuo
feat(packages/scripts): add a build script for darwin targets
97485f8 
It can not run standalonee, it is used in CD workflow to replace multi tasks:
- acquire darwin resource.
- prepare ssh credentials.
- prepre for remote builder files.
- run remote build and get the built artifacts.
- release the darwin resource.

After this, the above tasks can run in a single Deno image.

Usage:
```bash
deno run --allow-all <url-of>/build-in-darwin-boskos.ts \
    --sshInfoDir <ssh-info-dir> \
    --sourcePath <code-source-dir> \
    --envFile <remote-env-file> \
    --scriptFile <path-of-generated-build-script> \
    --component <component-name> \
    --boskos.serverUrl <boskos-api-base-url> \
    --boskos.type mac-machine-[arm64|amd64] \
    --boskos.owner <hostname-or-task-name> \
    --releaseDir <release-dir>
```

Signed-off-by: wuhuizuo <[email protected]>
@ti-chi-bot ti-chi-bot bot requested a review from purelind December 9, 2024 11:25
@ti-chi-bot ti-chi-bot bot added the size/XL label Dec 9, 2024
@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Dec 9, 2024

I have already done a preliminary review for you, and I hope to help you do a better job.

Key changes:

  1. build-in-darwin-boskos.ts: This is a new script file added to handle building for darwin targets. The script seems to be designed to work in a Continuous Delivery (CD) workflow, where it handles tasks such as acquiring a darwin resource, preparing SSH credentials, setting up for remote builder files, running remote build to get the built artifacts, and releasing the darwin resource.

  2. The build script uses several Deno modules and standard JavaScript modules for handling tasks such as SSH connections (node-ssh), path manipulations (path), argument parsing (parse-args), and YAML parsing (yaml).

  3. The script defines several interfaces and classes to model the build process and resources, including CliArgs, BoskosOptions, buildOptions, BoskosResource, boskosAcquireParams, and BoskosClient.

  4. The BoskosClient class is used to communicate with a Boskos server to acquire and release resources. It also provides a lockAndDo method to ensure that resource operations are performed in a safe manner.

  5. The script uses the NodeSSH module to establish SSH connections and perform operations on the remote host, such as creating directories, copying files, and executing commands.

  6. The script provides a main function to tie all the operations together. It uses the BoskosClient to acquire a resource, sets up an SSH connection to the remote host, and triggers the build process.

Potential problems:

  1. Error Handling: The script doesn't have robust error handling. For example, if the SSH connection fails or the remote host is unavailable, the script may crash.

  2. Security: The script requires the --allow-all flag when running with Deno, which could potentially expose security vulnerabilities if the script is run in an untrusted environment.

  3. Hardcoded values: There are hardcoded values like timeouts and intervals in the script. It would be better to make these configurable via command line arguments or environment variables.

  4. The script doesn't seem to have any logging mechanism. It would be better to log important events and errors for easier debugging and auditing.

Fixing suggestions:

  1. Add robust error handling and recovery mechanisms. For example, you can use try-catch blocks to handle potential errors during SSH connections and file operations.

  2. Review the script's permissions and limit its access to the necessary resources only. For example, you can use the --allow-net, --allow-read, and --allow-write flags instead of --allow-all.

  3. Replace the hardcoded values with configurable options.

  4. Use a logging library or the built-in console methods to log important events and errors. You could also consider adding a verbosity level option to control the amount of logging.

@wuhuizuo
Copy link
Contributor Author

wuhuizuo commented Dec 9, 2024

/approve

@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Dec 9, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: wuhuizuo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ti-chi-bot ti-chi-bot bot added the approved label Dec 9, 2024
@ti-chi-bot ti-chi-bot bot merged commit f1273fc into main Dec 9, 2024
3 checks passed
@ti-chi-bot ti-chi-bot bot deleted the feature/add-darwin-build-controller-script branch December 9, 2024 11:36
@wuhuizuo wuhuizuo mentioned this pull request Dec 9, 2024
Merged
ti-chi-bot bot pushed a commit to PingCAP-QE/ee-ops that referenced this pull request Dec 10, 2024
@wuhuizuo
feat(apps/prod/tekton/configs/pipelines): add a new darwin build pipe…
e38d1aa 
…line (#1370)

- combine multi tasks into one task: acquire resource then build with
    the resource machine then release the resource.
- just use deno for run for build.

based on implement: PingCAP-QE/artifacts#503

Signed-off-by: wuhuizuo <[email protected]>

Signed-off-by: wuhuizuo <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@purelind purelind Awaiting requested review from purelind

Assignees
No one assigned
Labels
approved size/XL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@wuhuizuo