Add a list of modules that should be pinned at current versions

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-05-20 14:20:37 -04:00 · 2025-05-20 14:20:37 -04:00 · c509e22d11
parent b98b86bd6a
commit c509e22d11
2 changed files with 49 additions and 0 deletions
--- a/cmd/dependencyverifier/dependencyverifier.go
+++ b/cmd/dependencyverifier/dependencyverifier.go
@ -39,6 +39,13 @@ type Unwanted struct {
 type UnwantedSpec struct {
 	// module names we don't want to depend on, mapped to an optional message about why
 	UnwantedModules map[string]string `json:"unwantedModules"`
+	// module names that should never be updated from their current version, mapped to a struct with version and reason
+	PinnedModules map[string]PinnedModule `json:"pinnedModules"`
+}
+
+type PinnedModule struct {
+	Version string `json:"Version"`
+	Reason  string `json:"Reason"`
 }

 type UnwantedStatus struct {
@ -219,6 +226,25 @@ func main() {
 		}
 	}

+	// Check for pinned modules that have been updated
+	pinnedModuleViolations := map[string][]string{}
+	if len(configFromFile.Spec.PinnedModules) > 0 {
+		// Get the current versions of pinned modules
+		for pinnedModule, pinnedInfo := range configFromFile.Spec.PinnedModules {
+			// Check if the module is in effectiveVersions
+			if effectiveModule, ok := effectiveVersions[pinnedModule]; ok {
+				// Compare with the pinned version from the JSON file
+				if effectiveModule.version != pinnedInfo.Version {
+					pinnedModuleViolations[pinnedModule] = []string{
+						fmt.Sprintf("Pinned version: %s", pinnedInfo.Version),
+						fmt.Sprintf("Attempted update to: %s", effectiveModule.version),
+						fmt.Sprintf("Reason for pinning: %s", pinnedInfo.Reason),
+					}
+				}
+			}
+		}
+	}
+
 	unwantedToReferencers := map[string][]module{}
 	for _, mainModule := range mainModules {
 		// visit to find unwanted modules still referenced from the main module
@ -364,6 +390,19 @@ func main() {
 	if needUpdate {
 		os.Exit(1)
 	}
+
+	// Check if there are any pinned module violations
+	if len(pinnedModuleViolations) > 0 {
+		log.Printf("ERROR: The following pinned modules have been updated:")
+		for module, details := range pinnedModuleViolations {
+			log.Printf("Module: %s", module)
+			for _, detail := range details {
+				log.Printf("  %s", detail)
+			}
+		}
+		log.Printf("Pinned modules must not be updated. Please revert these changes.")
+		os.Exit(1)
+	}
 }

 func visit(visitor func(m module, via []module), main module, references map[module][]module, effectiveVersions map[string]module) {
--- a/hack/unwanted-dependencies.json
+++ b/hack/unwanted-dependencies.json
@ -1,5 +1,15 @@
 {
  "spec": {
+    "pinnedModules": {
+      "github.com/ishidawataru/sctp": {
+        "Version": "v0.0.0-20230406120618-7ff4192f6ff2",
+        "Reason": "broken module, do not update until https://github.com/ishidawataru/sctp/pull/75 is fixed"
+      },
+      "github.com/libopenstorage/openstorage": {
+        "Version": "v1.0.0",
+        "Reason": "portworx csi driver has been deprecated and will be removed - https://github.com/kubernetes/enhancements/issues/2589"
+      }
+    },
    "unwantedModules": {
      "cloud.google.com/go": "cloud dependency",
      "cloud.google.com/go/bigquery": "cloud dependency",