bugraoz93 commented on code in PR #67012:
URL: https://github.com/apache/airflow/pull/67012#discussion_r3365463902
##########
chart/kustomize-overlays/CONTRIBUTING.rst:
##########
@@ -95,6 +95,92 @@ For an overlay scheduled for removal:
status: deprecated
message: "Replaced by <overlay-name>. Will be removed in chart 3.0.0."
+The optional ``verify:`` block is the smoke-test contract and is also
+**the discovery key for CI**:
+
+.. code-block:: yaml
+
+ verify:
+ timeout_seconds: 300 # optional; default 300, max 3600
+ # `name` is the SUFFIX only - the runner auto-prepends
+ # `<release-name>-` so the same overlay works under any release.
+ # Write `foo`, not `RELEASE-NAME-foo`. The legacy `RELEASE-NAME-foo`
+ # form is still tolerated for older overlays but the short form
+ # is the new convention.
+ resources:
+ - kind: Deployment
+ name: foo # -> matches <release-name>-foo
+ ready: true # waits for rollout to complete
+ - kind: Job
+ name: bootstrap
+ complete: true # waits for condition=complete
+ - kind: Secret
+ name: foo # neither flag = waits for create
+
+How discovery works:
+
+* ``SelectiveChecks.kustomize_overlay_names`` scans
+ ``chart/kustomize-overlays/*/STATUS.yaml`` at CI time and emits the
+ list of overlay directory names whose ``STATUS.yaml`` contains a
+ ``verify:`` block. An overlay **without** a ``verify:`` block is
+ invisible to CI - the smoke-test workflow's matrix never sees it,
+ and the workflow is skipped entirely when the list is empty.
+* The same workflow is gated by
+ ``SelectiveChecks.run_kustomize_overlays_tests``, which only trips
+ on changes under ``chart/kustomize-overlays/`` and the narrow set
+ of files that drive the runner (the prek hook, the breeze command,
+ the workflow file). Unrelated chart edits do not pull in a
+ 30-40 minute kind cluster spin-up.
+
+Practical rule: as soon as an overlay has a ``verify:`` block, CI
+starts running its smoke test on every relevant change. Until then,
+the prek hook's structural check is the only automation that touches
+it.
+
+Where things live (quick reference)
+-----------------------------------
+
+A declarative map of the moving parts in an overlay and its smoke test,
+so authors can answer "where does X go?" without grepping. Everything
+in this table is auto-wired by the framework once it sits in the right
+place - there is no central registry to also update.
+
++--------------------------+-----------------------------------------------------------------+
+| Thing | Where it lives
|
++==========================+=================================================================+
+| Kubernetes resources the | ``chart/kustomize-overlays/<name>/*.yaml``
referenced from |
+| overlay produces | the overlay's ``kustomization.yaml``.
|
++--------------------------+-----------------------------------------------------------------+
+| Container images the | Inline ``image:`` fields on containers /
initContainers / |
Review Comment:
Great one! I added an `ALLOWED_OVERLAY_IMAGES` allow-list that the smoke
test checks before pulling, so it fails fast on any image not on it, and adding
one needs a maintainer-reviewed change to both the overlay (/chart/) and the
list (/dev/). Enforcing that CODEOWNERS approval via branch protection is an
INFRA setting, so I think we track that part separately.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
