fix: Fix offline build errors in CVE feed #45016
Conversation
k8s-ci-robot
added
cncf-cla: yes
k8s-ci-robot
added
the
sig/docs
✅ Pull request preview available for checkingBuilt without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
/area web-development |
k8s-ci-robot
added
the
area/web-development
|
@sftim Thanks for your commits. I applied suggested changes |
|
This helps with #42162 |
There was a problem hiding this comment.
The changes look good based on my testing. However, it's important to make similar changes in release-binaries.htmland cve-feed.json, as highlighted in the earlier review feedback (here).
| {{ if ne $feed.version "https://jsonfeed.org/version/1.1" }} | ||
| {{ warnf "CVE feed shortcode. KEP-3203: CVE feed does not comply with JSON feed v1.1." }} | ||
| {{ end }} | ||
| <table class="security-cves"> | ||
| <!-- Handle case if CVE feed is not available. For example for offline build --> | ||
| {{ if ne $feed nil }} |
There was a problem hiding this comment.
Optional improvement: Instead of just displaying an empty table with headers, we could enhance the user experience by showing a helpful message, perhaps in a note, indicating that the offline preview does not support the CVE Feed.
There was a problem hiding this comment.
There is another way.
If we change the fetch to use https://gohugo.io/functions/resources/getremote/, then we can attempt to fetch offline and warn at build time. And, yes, we can substitute something in.
For a production build, we should error out instead of warning.
There was a problem hiding this comment.
User will receive a warning message in build log. I guess that build should works offline if some of resources are unavailable.
Yes we won't display some content that require remote files but other content will be ok and editable
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
sergeyshevch
force-pushed
the
fix/offline-build-errors
branch
from
9043182
to
58455df
Compare
k8s-ci-robot
added
size/M
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
I rebased this PR on actual main and addressed all comments above |
| @@ -1,4 +1,11 @@ | |||
| {{ $feed := getJSON .Site.Params.cveFeedBucket -}} | |||
There was a problem hiding this comment.
Really, we should switch this to use transform.GetRemote; see https://gohugo.io/functions/resources/getremote/#remote-data for an example that includes error handling. Then I don't think we need to edit the hugo.toml to ignore error-remote-getjson.
(If we switch, we can still change the error handling based on which environment we're in)
There was a problem hiding this comment.
There's already an existing PR #45375 that focuses on enhancing data retrieval by replacing 'getJSON' with 'transform.Unmarshal'. Perhaps we could consider combining these changes into a single PR.
(EDIT: I have updated the PR-45375 to include the error handling based on environment.)
| @@ -1,9 +1,19 @@ | |||
| {{ $feed := getJSON .Site.Params.cveFeedBucket }} | |||
There was a problem hiding this comment.
Really, we should switch this to use transform.GetRemote; see https://gohugo.io/functions/resources/getremote/#remote-data for an example that includes error handling. Then I don't think we need to edit the hugo.toml to ignore error-remote-getjson.
(If we switch, we can still change the error handling based on which environment we're in)
| @@ -1,5 +1,13 @@ | |||
| <!-- Fetch release_binaries.json from kubernetes-sigs/downloadkubernetes to render in table --> | |||
| {{ $response := getJSON "https://raw.githubusercontent.com/kubernetes-sigs/downloadkubernetes/master/dist/release_binaries.json" }} | |||
There was a problem hiding this comment.
Really, we should switch this to use transform.GetRemote; see https://gohugo.io/functions/resources/getremote/#remote-data for an example that includes error handling. Then I don't think we need to edit the hugo.toml to ignore error-remote-getjson.
(If we switch, we can still change the error handling based on which environment we're in)
|
I'd prefer to see this PR switch to using |
|
@dipesh-rawat Looks like that #45375 fully include this PR fix. Maybe we should close this one then? I'm totally ok with that |
k8s-ci-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Hello! This PR addresses issue #44223. I added checks for nil in getJson shortcode usage and now the website can be built without internet access if all required images already exist on the machine.
How to check:
make container-servelocallymake container-serveagain. It should be completed with warnings about CVE feed missing