On Wed, Feb 20, 2019 at 12:41 AM Joey Ma <majunj...@gmail.com> wrote:
> > > On Tue, Feb 19, 2019 at 7:23 PM Barak Korren <bkor...@redhat.com> wrote: > >> >> >> On Tue, 19 Feb 2019 at 09:14, Joey Ma <majunj...@gmail.com> wrote: >> >>> Hi all, >>> >> >> Hi Joey, >> > >> >>> >>> With the generous help of several nice guys, currently the Go SDK >>> related projects, oVirt/ovirt-engine-sdk-go and oVirt/go-ovirt, are already >>> available under oVirt org, and the integration of oVirt/ovirt-engine-sdk-go >>> with oVirt STD-CI is also completed [1]. Sincerely thank you to everyone. >>> >>> While there is still an issue left that we need a proper solution to >>> integrate oVirt/ovirt-engine-sdk-go with TravisCI which could push the >>> auto-generated codes into oVirt/go-ovirt. Previously I adopted my >>> personal github access token which is stored encrypted [2] to work it out. >>> >>> But as it's been under oVirt community, we need a more regular way to >>> make this. As @Evgheni <edere...@redhat.com> suggested, maybe a new >>> access token from a dedicated github account or via the Jenkins job will >>> work? >>> >>> Any one could help? Any insights into this would be appreciated and >>> thanks in advance. >>> >> If you do it from the STDCI script (The Jenkin job), we could make the >> credentials for the STDCI GitHub bot available to the script when it runs >> (See the section about secrets in the standard CI docs >> <https://ovirt-infra-docs.readthedocs.io/en/latest/CI/Build_and_test_standards/index.html> >> for a full explanation about how this works). >> > >> > I`d want do understand how the flow works and what is its purpose, it >> sounds to me a bit strange that we need to push from one repo to the other. >> > > Hi Barak, > > Basically the root cause is that the Go SDK codes are automatically > generated by oVirt/ovirt-engine-sdk-go, but reside in oVirt/go-ovirt. > > Current workflow is: > 1. Once a pull request get merged in ovirt-engine-sdk-go, TravisCI will > run the build phrase, which mainly generates the Go SDK codes; > 2. If the build phrase has passed, TravisCI will then trigger the > script deploy-codes.sh [1]; > 3. The deploy-codes.sh [1] pushes the auto-generated Go SDK codes to > go-ovirt via the preconfigured credential of github account; > 4. Eventually users are able to utilize the latest SDK by using " > github.com/ovirt/go-ovirt" as the import path; > > The reasons for this are: > 1. The auto-generated codes are better to be put into a dedicated repo, > not in its generator repo; > 2. The dedicated go-ovirt repo provides a convenient way for users to > utilized the SDK package, which is also the common way to import Go > packages; > > From my perspective, there are two projects with similar purpose: > * oVirt/ovirt-engine-sdk: TravisCI will trigger a script [2] to push newly > generated docs into its gh-pages branch once new commits merged. > > *This feature will also get implemented in oVirt/ovirt-engine-sdk-go > ASAP.* > * kubevirt/kubevirt: After new commits merged, the kubevirt repo would > trigger the script [3] to deploy new auto-generated Python client codes > into kubevirt/client-python. This enables users could easily install the > Python client by running `pip install git+ > https://github.com/kubevirt/client-python.git` > <https://github.com/kubevirt/client-python.git>. > Hi Barak, I was wondering if I made this clear. > Regarding to the credentials, the environment variables binding secrets > mentioned in STD-CI doc are effective solutions and definitely I would like > to prefer the common rules used in community. > *> Also I've a question that make me confused for a long time, are the two > environment variables `encrypted_1fc90f464345_key` and > `encrypted_1fc90f464345_iv` used in [2] defined in a STDCI secrets file [4] > for oVirt/ovirt-engine-sdk? For I could not find where they are defined.* > This definitely was a stupid question. I apologize for not carefully reading [1] which could tell the answers. [1] and [2]probably provide us another way to work it out via deploy-key. Please let me introduce the working steps: 1. Generate a pair of public and private keys; 2. Upload the public key to oVirt/go-ovirt as a deploy-key as mentioned in [2]; 3. Follow [1] to encrypt the private key and add the encrypted one into the oVirt/ovirt-engine-sdk-go repo; 4. In the deploy script [3] of oVirt/ovirt-engine-sdk-go, add the logic codes of decrypting and ssh-adding the private key; Then the script could be able to access and push the codes in oVirt/go-ovirt. This seems less risky than the previous solution which using github account token. I guess it's the solution also adapted by oVirt/ovirt-engine-sdk [4] and oVirt/ovirt-engine-api-model [5]. So, Barak, may I have your clarification on if my proposal could comply with the regular rules? If yes, I'd proceed with the next step. Thanks in advance. Regards, Joey [1]: https://docs.travis-ci.com/user/encrypting-files/ [2]: https://developer.github.com/v3/guides/managing-deploy-keys/#deploy-keys [3]: https://github.com/oVirt/ovirt-engine-sdk-go/blob/master/.travis/deploy-codes.sh [4]: https://github.com/oVirt/ovirt-engine-sdk/blob/master/automation/deploy-on-gh-pages.sh [5]: https://github.com/oVirt/ovirt-engine-api-model/blob/master/automation/deploy-on-gh-pages.sh > Not sure if make myself clear. Your comments and suggestions are very > welcome. Thanks in advance. > > Regards, > Joey > > [1]: > https://github.com/oVirt/ovirt-engine-sdk-go/blob/master/.travis/deploy-codes.sh > [2]: > https://github.com/oVirt/ovirt-engine-sdk/blob/master/automation/deploy-on-gh-pages.sh > [3]: > https://github.com/kubevirt/kubevirt/blob/master/hack/gen-client-python/deploy.sh > [4]: > https://ovirt-infra-docs.readthedocs.io/en/latest/CI/Writing_STDCI_secrets_file/index.html > > > >> Regards, >> Barak. >> >> >> -- >> Barak Korren >> RHV DevOps team , RHCE, RHCi >> Red Hat EMEA >> redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted >> >
_______________________________________________ Devel mailing list -- devel@ovirt.org To unsubscribe send an email to devel-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/YY43OWPST542JXOB2QA4DQU45EGICGKP/
