[openstack-dev] [tripleo][ui] Dependency management
Jason E. Rist
jrist at redhat.com
Fri Jan 19 18:49:29 UTC 2018
On 01/19/2018 11:43 AM, Honza Pokorny wrote:
> We've recently discovered an issue with the way we handle dependencies for
> tripleo-ui. This is an explanation of the problem, and a proposed solution.
> I'm looking for feedback.
> Before the upgrade to zuul v3 in TripleO CI, we had two types of jobs for
> * Native npm jobs
> * Undercloud integration jobs
> After the upgrade, the integration jobs went away. Our goal is to add them
> There is a difference in how these two types of jobs handle dependencies.
> Native npm jobs use the "npm install" command to acquire packages, and
> undercloud jobs use RPMs. The tripleo-ui project uses a separate RPM for
> dependencies called openstack-tripleo-ui-deps.
> Because of the requirement to use a separate RPM for dependencies, there is some
> extra work needed when a new dependency is introduced, or an existing one is
> upgraded. Once the patch that introduces the dependency is merged, we have to
> increment the version of the -deps package, and rebuild it. It then shows up in
> the yum repos used by the undercloud.
> To make matters worse, we recently upgraded our infrastructure to nodejs 8.9.4
> and npm 5.6.0 (latest stable). This makes it so we can't write "purist" patches
> that simply introduce a new dependency to package.json, and nothing more. The
> code that uses the new dependency must be included. I tend to think that each
> commit should work on its own so this can be seen as a plus.
> This presents a problem: you can't get a patch that introduces a new dependency
> merged because it's not included in the RPM needed by the undercloud ci job.
> So, here is a proposal on how that might work:
> 1. Submit a patch for review that introduces the dependency, along with code
> changes to support it and validate its inclusion
> 2. Native npm jobs will pass
> 3. Undercloud gate job will fail because the dependency isn't in -deps RPM
> 4. We ask RDO to review for licensing
> 5. Once reviewed, new -deps package is built
> 6. Recheck
> 7. All jobs pass
> There is the obvious issue with building an RPM based on an unmerged patch.
> What do you think? Is that possible? Any other solutions?
> Honza Pokorny
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
I can't think of another way that would work better at the moment. I'd love if we had even less complexity here, but for the time being just any working solution is a positive. Thanks for proposing, and +1 to your solution.
More information about the OpenStack-dev