Skip to content

Replace random generated "inventory ID"#4396

Open
Jaisheesh-2006 wants to merge 11 commits intokptdev:mainfrom
Jaisheesh-2006:fix/4387-loose-inventory-id
Open

Replace random generated "inventory ID"#4396
Jaisheesh-2006 wants to merge 11 commits intokptdev:mainfrom
Jaisheesh-2006:fix/4387-loose-inventory-id

Conversation

@Jaisheesh-2006
Copy link
Copy Markdown
Contributor

@Jaisheesh-2006 Jaisheesh-2006 commented Feb 17, 2026

Description

This PR replaces the generation of random UUIDs for inventory IDs with a deterministic SHA-1 hashing mechanism. By deriving the inventory ID from the package namespace and --name, we ensure that the same package configuration always maps to the same inventory object in the cluster.

Key Changes:

  • Deterministic ID Generation: Implemented generateHash(namespace, name) using length-prefixed SHA-1 to replace google/uuid.
  • Mandatory Flag: The --name flag is now mandatory for kpt live init to ensure the hash can be consistently generated.
  • Validation: Added DNS-1123 label validation for the --name input to ensure compatibility with Kubernetes resource naming conventions.
  • Legacy Support: Hidden the --inventory-id flag from the help menu to encourage deterministic usage while maintaining backward compatibility for existing workflows.
  • Robustness: Added guards in kpt live migrate to prevent operations on empty or malformed inventory names.

Motivation

Previously, re-fetching or re-initializing a package would generate a new random UUID. This led to "lost inventory" bugs where kpt could no longer track or prune resources previously applied to the cluster because the association (the ID) had changed. Deterministic hashing ensures that as long as the namespace and name remain constant, the inventory remains trackable across different environments and local clones.

Fixes

Fixes #4387

@Jaisheesh-2006
fix(live): use deterministic hash for inventory ID
886b826 
Replaces random UUIDs with SHA-1 hashes derived from namespace and name
to prevent lost inventory bugs. Makes --name mandatory and adds DNS-1123
validation. Hides --inventory-id to favor deterministic generation.

Fixes kptdev#4387

Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
Copilot AI review requested due to automatic review settings February 17, 2026 12:50
@netlify
Copy link
Copy Markdown

netlify bot commented Feb 17, 2026
edited
Loading

Deploy Preview for kptdocs ready!

Name Link
🔨 Latest commit ca7b848
🔍 Latest deploy log https://app.netlify.com/projects/kptdocs/deploys/69b2daf2f7a7e00008608d73
😎 Deploy Preview https://deploy-preview-4396--kptdocs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@dosubot dosubot bot added the area/live label Feb 17, 2026
Copilot AI reviewed Feb 17, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses lost-inventory behavior by making kpt live init inventory IDs deterministic (derived from namespace + --name) instead of random UUID-based values, and updates related CLI guidance/tests/docs.

Changes:

  • Make --name mandatory for kpt live init and validate it against Kubernetes DNS-1123 naming rules.
  • Replace auto-generated inventory IDs with a deterministic, length-prefixed SHA-1 hash.
  • Update migrate/init flows, generated docs, and e2e coverage to reflect the new required --name behavior.

Reviewed changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
pkg/lib/errors/resolver/live.go Updates user-facing resolver messages to instruct using kpt live init --name=....
internal/docs/generated/livedocs/docs.go Updates generated CLI docs to reflect required --name and “advanced” inventory-id override semantics.
e2e/live/end-to-end-test.sh Updates e2e invocations/assertions to pass --name and expect stable RG names.
commands/live/migrate/migratecmd.go Adds guardrails in migration; however, introduces/retains error-handling issues in RG-file existence checks and malformed inventory handling.
commands/live/init/cmdliveinit_test.go Reworks tests for name validation and deterministic hash expectations.
commands/live/init/cmdliveinit.go Implements deterministic hash ID generation, mandatory --name, hides --inventory-id, and updates init behavior.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Jaisheesh-2006
fix: lowercase error string and fix e2e assertRGInventory name matching
0c363ec 
Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
@Jaisheesh-2006
fix(e2e): use consistent inventory name in quiet init test
1e0c7f5 
The quiet init test was changing the inventory name from
inventory-18030002 back to rg-test-case-1a, causing the downstream
'status on symlink' assertion to fail.

Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
Copilot AI review requested due to automatic review settings February 17, 2026 13:19
Copilot AI reviewed Feb 17, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 6 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Feb 20, 2026
Copilot AI review requested due to automatic review settings February 20, 2026 12:56
@Jaisheesh-2006 Jaisheesh-2006 force-pushed the fix/4387-loose-inventory-id branch from 07896b7 to 1e0c7f5 Compare February 20, 2026 12:56
Copilot AI reviewed Feb 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 6 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Jaisheesh-2006
fix(live): harden inventory name validation and init logic
a7d2e1d 
- Replace IsDNS1123Subdomain with IsDNS1123Label for stricter
  name validation (63-char limit, no dots).
- Capture fmt.Fprintf error in generateHash.
- Validate directory-name fallback with IsDNS1123Label when
  --name is omitted by internal callers (e.g., migrate).
- Fix wrong error variable (err to rgFileErr) in os.Stat switch
  in migratecmd.go.
- Remove unreachable kf.Inventory.Name == '' guard in migratecmd.go.
- Tighten assertRGInventory bash check from -ge 1 to -eq 1.
- Remove dead generateID function and unused imports.
- Add tests for directory-name fallback validation path.

Fixes kptdev#4387

Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
@Jaisheesh-2006
fix(live): add SHA-1 comment and align e2e test assertion
51f18a4 
- Add explanatory comment for SHA-1 usage to clarify it is not for cryptographic security.
- Align assertRGInventory bash script comment with the strict -eq 1 implementation.

Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
Copilot AI review requested due to automatic review settings February 23, 2026 13:35
Copilot AI reviewed Feb 23, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 6 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@efiacor efiacor changed the title Fix #4387 Replace random generated "inventory ID" Feb 23, 2026
@CsatariGergely
Copy link
Copy Markdown
Contributor

CsatariGergely commented Mar 11, 2026

@Jaisheesh-2006 please address the Copilot comments.

@Jaisheesh-2006
refactor: apply code review suggestions for error formatting and comm…
c40fb9f 
…ents

- Formatted the errNameRequired error message into a single string to improve code readability.
- Expanded the inline comment in cmdliveinit.go to clarify the rationale for using SHA-1 for deterministic ID generation.

Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
@Jaisheesh-2006
Merge branch 'fix/4387-loose-inventory-id' of https://github.com/Jais…
1228b19 
…heesh-2006/kpt-open-source into fix/4387-loose-inventory-id
Copilot AI review requested due to automatic review settings March 12, 2026 08:54
Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 6 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@Jaisheesh-2006
fix: stabilize e2e expectations and harden live init validation
46306c9 
add explicit CRD dependency for live apply CRD+CR e2e case
update fn-render golden output for subpackage deletion behavior
replace unsafe angle-bracket placeholders in user-facing command examples
switch live init name validation from DNS1123 label to subdomain
add tests for dotted Kubernetes names and directory fallback behavior

Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
@dosubot dosubot bot added size:XL This PR changes 500-999 lines, ignoring generated files. and removed size:L This PR changes 100-499 lines, ignoring generated files. labels Mar 12, 2026
@Jaisheesh-2006
Fix live apply CRD ordering and align fn-render golden output
aa5ffab 
Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
Copilot AI review requested due to automatic review settings March 12, 2026 12:14
Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 10 out of 11 changed files in this pull request and generated 5 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@Jaisheesh-2006
Reviewed and applied copilot sugesstions about OUT_DIR & COMMIT_MESSAGE
ca7b848 
Signed-off-by: Jaisheesh-2006 <jaicodes2006@gmail.com>
@Jaisheesh-2006
Copy link
Copy Markdown
Contributor Author

Jaisheesh-2006 commented Mar 12, 2026

Hello @CsatariGergely. Thank you for bringing the Copilot suggestions to my attention. I have implemented all the requested fixes, and all tests are passing successfully. Please let me know if you need any further changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@liamfallon liamfallon Awaiting requested review from liamfallon liamfallon is a code owner

@kispaljr kispaljr Awaiting requested review from kispaljr kispaljr is a code owner

@mozesl-nokia mozesl-nokia Awaiting requested review from mozesl-nokia mozesl-nokia is a code owner

@efiacor efiacor Awaiting requested review from efiacor efiacor is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

area/live size:XL This PR changes 500-999 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Loose random generated "inventory ID" in order to make kpt less confusing to new users

3 participants

@Jaisheesh-2006 @CsatariGergely