This Go tool downloads specific YAML OpenShift manifests for the specified OCP release, encodes them in JSON and stores them under src/bindata to be included in the recert binary. Recert can then compute the spec-hash annotations of those components without worrying about potential JSON encoding differences between Go and Rust.
The supported manifests are:
- OpenShift apiserver deployment, managed by the cluster-openshift-apiserver-operator
- OpenShift oauth-apiserver deployment, managed by the cluster-authentication-operator
Syncing the assets:
# first make sure you have installed a Go version > 1.22, then
go run ./sync.goThe following Go JSON encoding rules are not implemented in Rust's serde_json:
- Go map keys are lexicographically sorted
- JSON strings are coerced to valid UTF-8, so that they will be safe to embed inside HTML <script> tags
After downloading the specified YAML manifests, we add and/or edit various fields of the latter, in order to end up with the same JSON manifests on which the respective cluster operators use to compute the spec-hash annotations.
The steps we try to simulate can be found here:
Part of the JSON manifest we need to compute the spec-hash on are annotations that need to be re-computed. For that reason, we add template variables to be replaced in recert, in the following format ${<variable name>}.