Update update_dep.sh #18609

henrybear327 · 2024-09-19T17:01:42Z

Based on the experience of performing dependency bumps, some minor improvements are made to the script to make it conform to our current dependency bump procedure, listed as follows:

print out the dependency's version before and after the bump
check if the dependency is fully indirect
change the behavior of bumping dependency (doesn't ignore bumping indirect dependency in the go mod files anymore)
check if all dependencies across all go mod files have the same pinned version respectively after bumping a dependency

Please read https://github.com/etcd-io/etcd/blob/main/CONTRIBUTING.md#contribution-flow.

henrybear327 · 2024-09-19T17:07:44Z

/cc @ivanvc
/cc @ahrtr
I am not good with bash scripts :(

This is the script that I have been using to bump the dependencies in the past months. Hopefully, it will be helpful for future volunteers before the dependabot is fixed!

ivanvc · 2024-09-19T17:14:40Z

@henrybear327, there are some shellcheck warnings in the script. Would you want to draft the PR? And would you like me to continue on top of it? Or do you want to address the issues?

henrybear327 · 2024-09-19T17:17:02Z

@henrybear327, there are some shellcheck warnings in the script. Would you want to draft the PR? And would you like me to continue on top of it? Or do you want to address the issues?

@ivanvc let's draft the PR and you can probably take over it if you have time to improve it!

Hopefully it's a helpful start otherwise you can trash the PR and start from scratch!

Thanks!

codecov-commenter · 2024-09-19T17:22:16Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.51%. Comparing base (5e543d7) to head (08decca).

Additional details and impacted files

see 21 files with indirect coverage changes

@@            Coverage Diff             @@
##             main   #18609      +/-   ##
==========================================
+ Coverage   68.44%   68.51%   +0.07%     
==========================================
  Files         429      429              
  Lines       35203    35203              
==========================================
+ Hits        24093    24121      +28     
+ Misses       9709     9682      -27     
+ Partials     1401     1400       -1

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5e543d7...08decca. Read the comment docs.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

henrybear327 · 2024-09-22T15:55:29Z

@henrybear327, there are some shellcheck warnings in the script. Would you want to draft the PR? And would you like me to continue on top of it? Or do you want to address the issues?

@ivanvc I have fixed the shellcheck errors

Maybe you can see if this is a good enough quality script to consider now!
Thank you!

scripts/update_dep.sh

ivanvc

Thanks for the pull request, Henry. I haven't had a chance to check it before. I left some comments ✌️

scripts/update_dep.sh

henrybear327 · 2025-10-08T21:40:07Z

This is looking like a great improvement. It also works great. I left a minimal suggestion for an improvement :)

Thanks for reviewing it! :)

ivanvc

Hi Henry. Thanks for putting this together. I used your script to do this week's dependency management. After enabling the workspace, as we mentioned before, it's not required to run make fix for each module. Running it at the end should be enough.

Also, ./scripts/fix.sh doesn't exist anymore. I left as suggestions the local edits I did to make it work.

scripts/update_dep.sh

henrybear327 · 2025-12-01T20:59:33Z

All comments addressed! Thanks to @ivanvc and @joshjms for the review!

henrybear327 · 2025-12-10T10:35:56Z

/retest

henrybear327 · 2025-12-11T08:21:39Z

/retest

henrybear327 · 2025-12-22T15:35:31Z

/retest

ivanvc

LGTM. I used to do the dependencies bump from #21049.

k8s-ci-robot · 2025-12-23T06:51:20Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: henrybear327, ivanvc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~scripts/OWNERS~~ [ivanvc]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

scripts/test_lib.sh

ivanvc · 2025-12-23T06:52:32Z

/cc @ahrtr

k8s-ci-robot · 2025-12-23T07:42:24Z

@henrybear327: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci-etcd-robustness-release36-amd64	`190eb93`	link	true	`/test ci-etcd-robustness-release36-amd64`

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

henrybear327 · 2025-12-23T08:22:23Z

/retest

ahrtr · 2025-12-23T10:57:11Z

Please ensure the script works on both Mac OS and Linux. The following is the output from my Mac OS.

Minor comment: Also I do not see the log_info "Updating ${mod} to version ${ver} in $(module_subdir)...". The duplication of log Adding 'github.com/olekukonko/tablewriter' to go.mod for update. just creates too many noise.

$ ./scripts/update_dep.sh github.com/olekukonko/tablewriter v1.1.2
github.com/olekukonko/tablewriter version in all go.mod files:
./etcdutl/go.mod		github.com/olekukonko/tablewriter v1.1.1
./go.mod		github.com/olekukonko/tablewriter v1.1.1 // indirect
./etcdctl/go.mod		github.com/olekukonko/tablewriter v1.1.1
./tests/go.mod		github.com/olekukonko/tablewriter v1.1.1

Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd api && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd pkg && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd client/pkg && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd client/v3 && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd server && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd etcdutl && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd etcdctl && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd tests && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd tools/mod && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd tools/rw-heatmaps && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd tools/testgrid-analysis && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% (cd cache && 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2')
Adding 'github.com/olekukonko/tablewriter' to go.mod for update.
% 'go' 'mod' 'edit' '-require' 'github.com/olekukonko/tablewriter@v1.1.2'
PASSES="mod_tidy_fix" ./scripts/test.sh
go: downloading github.com/olekukonko/tablewriter v1.1.2
go: downloading github.com/clipperhouse/uax29/v2 v2.3.0
go: downloading github.com/olekukonko/ll v0.1.3
go: downloading github.com/clipperhouse/displaywidth v0.6.0
Running with --race
Starting at: Tue 23 Dec 2025 10:49:56 GMT

'mod_tidy_fix' started at Tue 23 Dec 2025 10:49:56 GMT
% 'rm' './go.sum'
% 'go' 'mod' 'tidy'
% (cd api && 'rm' './go.sum')
% (cd api && 'go' 'mod' 'tidy')
% (cd cache && 'rm' './go.sum')
% (cd cache && 'go' 'mod' 'tidy')
% (cd client/pkg && 'rm' './go.sum')
% (cd client/pkg && 'go' 'mod' 'tidy')
% (cd client/v3 && 'rm' './go.sum')
% (cd client/v3 && 'go' 'mod' 'tidy')
% (cd etcdctl && 'rm' './go.sum')
% (cd etcdctl && 'go' 'mod' 'tidy')
% (cd etcdutl && 'rm' './go.sum')
% (cd etcdutl && 'go' 'mod' 'tidy')
% (cd pkg && 'rm' './go.sum')
% (cd pkg && 'go' 'mod' 'tidy')
% (cd server && 'rm' './go.sum')
% (cd server && 'go' 'mod' 'tidy')
% (cd tests && 'rm' './go.sum')
% (cd tests && 'go' 'mod' 'tidy')
% (cd tools/mod && 'rm' './go.sum')
% (cd tools/mod && 'go' 'mod' 'tidy')
% (cd tools/rw-heatmaps && 'rm' './go.sum')
% (cd tools/rw-heatmaps && 'go' 'mod' 'tidy')
% (cd tools/testgrid-analysis && 'rm' './go.sum')
% (cd tools/testgrid-analysis && 'go' 'mod' 'tidy')
'mod_tidy_fix' PASSED and completed at Tue 23 Dec 2025 10:49:58 GMT
SUCCESS
./scripts/updatebom.sh
generating bill-of-materials.json
% (cd tools/mod && 'go' 'install' 'github.com/appscodelabs/license-bill-of-materials')
% '/Users/wachao/go/bin/license-bill-of-materials' '--override-file' './bill-of-materials.override.json' './...' './api/...' './cache/...' './client/pkg/...' './client/v3/...' './etcdctl/...' './etcdutl/...' './pkg/...' './server/...' './tests/...'
bom refreshed
./scripts/verify_golangci-lint_version.sh
golangci-lint version: v2.6.2
different golangci-lint version installed: v2.5.0
Installing golangci-lint v2.6.2
golangci/golangci-lint info checking GitHub for tag 'v2.6.2'
golangci/golangci-lint info found version: 2.6.2 for v2.6.2/darwin/arm64
golangci/golangci-lint info installed /Users/wachao/go/bin/golangci-lint
golangci-lint version: v2.6.2
PASSES="lint_fix" ./scripts/test.sh
Running with --race
Starting at: Tue 23 Dec 2025 10:50:14 GMT

'lint_fix' started at Tue 23 Dec 2025 10:50:14 GMT
% 'golangci-lint' 'run' '--config' '/Users/wachao/go/src/github.com/henrybear327/etcd/tools/.golangci.yaml' '--fix' './...' './api/...' './cache/...' './client/pkg/...' './client/v3/...' './etcdctl/...' './etcdutl/...' './pkg/...' './server/...' './tests/...' './tools/mod/...' './tools/rw-heatmaps/...' './tools/testgrid-analysis/...'
0 issues.
'lint_fix' PASSED and completed at Tue 23 Dec 2025 10:51:31 GMT
SUCCESS
./scripts/fix/yamllint.sh
% (cd tools/mod && 'go' 'install' 'github.com/google/yamlfmt/cmd/yamlfmt')
% '/Users/wachao/go/bin/yamlfmt' '-conf' '/Users/wachao/go/src/github.com/henrybear327/etcd/tools/.yamlfmt' '.'
./scripts/sync_go_toolchain_directive.sh
./scripts/update_go_workspace.sh
sed: 1: "1i\// This is a generat ...": extra characters after \ at the end of i command
make: *** [update-go-workspace] Error 1

ahrtr · 2025-12-23T10:58:42Z

Please also update https://github.com/etcd-io/etcd/blob/main/Documentation/contributor-guide/dependency_management.md to clarify how this script should be used. Please keep the existing manual steps to bump each dependency, just add an alternative way to bump dependency using this script.

henrybear327 · 2025-12-23T12:17:40Z

Thanks for the feedback @ahrtr ^_^

Sorry that I didn't test it on MacOS at all since I wasn't aware we need to support that, too (the sed issue is a very classic one to have...)
I will make the changes accordingly! :)

Based on the experience of performing dependency bumps, some minor improvements are made to the script to make it conform to our current dependency bump procedure, listed as follows: - print out the dependency's version before and after the bump - check if the dependency is fully indirect - change the behavior of bumping dependency (doesn't ignore bumping indirect dependency in the go mod files anymore) - check if all dependencies across all go mod files have the same pinned version respectively after bumping a dependency Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>

k8s-ci-robot added the size/M label Sep 19, 2024

henrybear327 force-pushed the ci/improve_update_dep branch from 3976754 to c0ba3eb Compare September 19, 2024 17:02

henrybear327 mentioned this pull request Sep 19, 2024

[2024-09-19] Bump dependency updates identified by dependabot #18610

Merged

k8s-ci-robot requested review from ahrtr and ivanvc September 19, 2024 17:07

henrybear327 marked this pull request as draft September 20, 2024 08:17

k8s-ci-robot added the do-not-merge/work-in-progress label Sep 20, 2024

henrybear327 force-pushed the ci/improve_update_dep branch from c0ba3eb to 4691dfc Compare September 22, 2024 15:53

henrybear327 marked this pull request as ready for review September 22, 2024 15:54

k8s-ci-robot removed the do-not-merge/work-in-progress label Sep 22, 2024

ahrtr reviewed Sep 22, 2024

View reviewed changes

scripts/update_dep.sh Outdated Show resolved Hide resolved

henrybear327 force-pushed the ci/improve_update_dep branch from 4691dfc to f94117c Compare September 22, 2024 19:27

henrybear327 requested a review from ahrtr September 22, 2024 19:28

ahrtr reviewed Sep 23, 2024

View reviewed changes

scripts/update_dep.sh Outdated Show resolved Hide resolved

henrybear327 force-pushed the ci/improve_update_dep branch 2 times, most recently from 967bc31 to f892b05 Compare September 25, 2024 07:33

henrybear327 marked this pull request as draft September 25, 2024 07:55

k8s-ci-robot added the do-not-merge/work-in-progress label Sep 25, 2024

ivanvc reviewed Sep 25, 2024

View reviewed changes

scripts/update_dep.sh Outdated Show resolved Hide resolved

scripts/update_dep.sh Show resolved Hide resolved

scripts/update_dep.sh Outdated Show resolved Hide resolved

scripts/update_dep.sh Outdated Show resolved Hide resolved

scripts/update_dep.sh Outdated Show resolved Hide resolved

henrybear327 force-pushed the ci/improve_update_dep branch from f892b05 to d26e944 Compare September 25, 2024 20:50

henrybear327 force-pushed the ci/improve_update_dep branch 3 times, most recently from 1e47ce2 to 97d9610 Compare October 8, 2024 17:36

henrybear327 force-pushed the ci/improve_update_dep branch 2 times, most recently from 401bceb to 612ca28 Compare October 27, 2024 03:33

henrybear327 force-pushed the ci/improve_update_dep branch from 8af5f84 to 340a0bb Compare October 8, 2025 21:38

ivanvc reviewed Nov 9, 2025

View reviewed changes

scripts/update_dep.sh Outdated Show resolved Hide resolved

scripts/update_dep.sh Outdated Show resolved Hide resolved

henrybear327 force-pushed the ci/improve_update_dep branch 3 times, most recently from c6a84c8 to 2b5ddcc Compare December 1, 2025 20:58

henrybear327 requested review from ivanvc and joshjms December 1, 2025 20:59

henrybear327 force-pushed the ci/improve_update_dep branch 2 times, most recently from 68d11d2 to d1ad187 Compare December 4, 2025 20:56

henrybear327 force-pushed the ci/improve_update_dep branch 2 times, most recently from 9d079a4 to 61c1af3 Compare December 10, 2025 09:51

henrybear327 force-pushed the ci/improve_update_dep branch from 61c1af3 to d92d722 Compare December 20, 2025 15:53

ivanvc approved these changes Dec 23, 2025

View reviewed changes

k8s-ci-robot added the approved label Dec 23, 2025

ivanvc reviewed Dec 23, 2025

View reviewed changes

scripts/test_lib.sh Outdated Show resolved Hide resolved

henrybear327 force-pushed the ci/improve_update_dep branch from d92d722 to 05ee831 Compare December 23, 2025 07:10

henrybear327 force-pushed the ci/improve_update_dep branch from 05ee831 to 08decca Compare December 28, 2025 08:42

Update update_dep.sh #18609

Are you sure you want to change the base?

Update update_dep.sh #18609

Conversation

henrybear327 commented Sep 19, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

henrybear327 commented Sep 19, 2024

Uh oh!

ivanvc commented Sep 19, 2024

Uh oh!

henrybear327 commented Sep 19, 2024

Uh oh!

codecov-commenter commented Sep 19, 2024 • edited by codecov bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

henrybear327 commented Sep 22, 2024

Uh oh!

Uh oh!

Uh oh!

ivanvc left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

henrybear327 commented Oct 8, 2025

Uh oh!

ivanvc left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

henrybear327 commented Dec 1, 2025

Uh oh!

henrybear327 commented Dec 10, 2025

Uh oh!

henrybear327 commented Dec 11, 2025

Uh oh!

henrybear327 commented Dec 22, 2025

Uh oh!

ivanvc left a comment

Choose a reason for hiding this comment

Uh oh!

k8s-ci-robot commented Dec 23, 2025

Uh oh!

Uh oh!

ivanvc commented Dec 23, 2025

Uh oh!

k8s-ci-robot commented Dec 23, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

henrybear327 commented Dec 23, 2025

Uh oh!

ahrtr commented Dec 23, 2025

Uh oh!

ahrtr commented Dec 23, 2025

Uh oh!

henrybear327 commented Dec 23, 2025

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

6 participants

henrybear327 commented Sep 19, 2024 •

edited

Loading

codecov-commenter commented Sep 19, 2024 •

edited by codecov bot

Loading

k8s-ci-robot commented Dec 23, 2025 •

edited

Loading