Skip to content

scripts: template json safely #898

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 31, 2019
Merged

scripts: template json safely #898

merged 1 commit into from
Oct 31, 2019

Conversation

hasheddan
Copy link
Contributor

Updates anago to template json with jq.

Fixes #853

/cc @justaugustus

@k8s-ci-robot
Copy link
Contributor

Welcome @hasheddan!

It looks like this is your first PR to kubernetes/release 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/release has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Copy link
Contributor

@hasheddan: Adding label: do-not-merge/blocked-paths because PR changes a protected file.

Reasons for blocking this PR:

[Changes to certain release tools can affect our ability to test, build, and release Kubernetes. This PR must be explicitly approved by SIG Release repo admins.]

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added do-not-merge/blocked-paths Indicates that a PR should not merge because it touches files in blocked paths. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. area/release-eng Issues or PRs related to the Release Engineering subproject sig/release Categorizes an issue or PR as relevant to SIG Release. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Oct 15, 2019
@hasheddan
Copy link
Contributor Author

/assign @feiskyer

hoegaarden
hoegaarden reviewed Oct 18, 2019
View reviewed changes
Copy link
Contributor

@hoegaarden hoegaarden left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your PR!

Ideally we'd test those changes, so that we get a bit more coverage on anago and others, little by little. E.g. I could see the generation of the payload be broken out into a separate function and tests that verify that the payload we generate is always valid json, holds the desired values we template, ... and all that jazz.
I won't block on that, but let me know what you think, about the test and my other comments.

@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Oct 18, 2019
@hasheddan
Copy link
Contributor Author

@hoegaarden thanks for your review! I have implemented the suggested changes. In regards to the testing, I heard @justaugustus talk a bit about moving some of these scripts to a more formal tool, likely written in Go. It looks like he has started this effort with #869. I would love to jump in on this effort and potentially take a leadership role in the effort to build a release tool that accomplishes what the collection of scrips currently does. That being said, if it is more desirable just to test these existing scripts, I am happy to do that as well :)

hoegaarden
hoegaarden suggested changes Oct 18, 2019
View reviewed changes
@hoegaarden
Copy link
Contributor

@hasheddan

[...] That being said, if it is more desirable just to test these existing scripts, I am happy to do that as well :)

First off: I am definitely not asking you to backfill tests for the entirety of anago :)

[...] In regards to the testing, I heard @justaugustus talk a bit about moving some of these scripts to a more formal tool

Yep, I am aware that there are some efforts going on to replace anago and others with existing and new tools. However, I guess that will still take some time.
So I'd love to get some tests in place for stuff that we change, so that I have some more confidence that the scripts won't break for some other member of the (patch-)release-team after I merge something. Therefore I was suggesting to add some tests around the generation of the payload; we could capture the current payload and check that we generate the same one after our refactor. That would give me way more confidence when reviewing.
But still, I won't block on that. :)

@hoegaarden
Copy link
Contributor

/lgtm
/approve
/assign @justaugustus

@k8s-ci-robot k8s-ci-robot added lgtm "Looks good to me", indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Oct 19, 2019
@justaugustus
Copy link
Member

/lgtm
/approve

@justaugustus justaugustus removed the do-not-merge/blocked-paths Indicates that a PR should not merge because it touches files in blocked paths. label Oct 31, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hasheddan, hoegaarden, justaugustus

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [hoegaarden,justaugustus]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 9faaf9c into kubernetes:master Oct 31, 2019
@k8s-ci-robot k8s-ci-robot added this to the v1.17 milestone Oct 31, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justaugustus justaugustus Awaiting requested review from justaugustus

1 more reviewer

@hoegaarden hoegaarden hoegaarden requested changes

Reviewers whose approvals may not affect merge requirements
Assignees

@justaugustus justaugustus

@feiskyer feiskyer

@hoegaarden hoegaarden

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/release-eng Issues or PRs related to the Release Engineering subproject cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/release Categorizes an issue or PR as relevant to SIG Release. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v1.17
Development

Successfully merging this pull request may close these issues.

Safe templating of json in bash scripts
5 participants
@hasheddan @k8s-ci-robot @hoegaarden @justaugustus @feiskyer