Skip to content

Comments

chore: bump tastora version#2830

Merged
randygrok merged 4 commits intomainfrom
cian/bump-tastora-v8
Nov 11, 2025
Merged

chore: bump tastora version#2830
randygrok merged 4 commits intomainfrom
cian/bump-tastora-v8

Conversation

@chatton
Copy link
Contributor

@chatton chatton commented Nov 11, 2025

Overview

@github-actions
Copy link
Contributor

github-actions bot commented Nov 11, 2025

The latest Buf updates on your PR. Results from workflow CI / buf-check (pull_request).

BuildFormatLintBreakingUpdated (UTC)
✅ passed⏩ skipped✅ passed✅ passedNov 11, 2025, 12:02 PM

@claude
Copy link
Contributor

claude bot commented Nov 11, 2025

Claude finished @chatton's task —— View job


Code Review Complete

  • Examine PR diff and changed files
  • Review code quality & architecture
  • Assess error handling & resilience
  • Check security considerations
  • Evaluate performance & resource efficiency
  • Review testing & reliability
  • Verify documentation & developer experience
  • Provide comprehensive feedback

Summary

This PR bumps the Tastora testing framework from an unstable pre-release commit (v0.7.6-0.20251106081541-3ec2da2f1f7f) to a stable tagged release (v0.8.0), and includes minor code quality improvements. The changes are well-executed and align with best practices for dependency management.

Detailed Review

1. Code Quality & Architecture ✅

Strengths:

  • Type safety improvement: The change from *dockerclient.Client to tastoratypes.TastoraDockerClient (test/docker-e2e/docker_test.go:54) provides better abstraction and type safety
  • API modernization: The update from tastoradocker.DockerSetup(t) to tastoradocker.Setup(t) (test/docker-e2e/docker_test.go:61) suggests cleaner API design
  • Import cleanup: Removal of unused direct docker import (github.com/moby/moby/client) reduces coupling to implementation details
  • Test structure improvement: Moving setupDockerEnvironment() out of a subtest (test/docker-e2e/upgrade_test.go:62-64) improves test reliability by ensuring setup happens before test phases run

Idiomatic Go:

  • All changes follow standard Go conventions
  • Proper use of testify/suite patterns
  • Clean separation of concerns maintained

2. Error Handling & Resilience ✅

No changes to error handling logic. Existing patterns remain sound:

  • Proper use of s.Require().NoError(err) for critical operations
  • Context propagation is consistent throughout
  • No new error paths introduced

3. Security 🔒

Positive changes:

  • Dependency update: Moving from an unstable commit reference to a tagged release (v0.8.0) improves supply chain security and reproducibility
  • Reduced direct dependencies: The removal of direct moby/moby/client import reduces attack surface
  • Transitive dependency updates: Minor version bumps (e.g., github.com/consensys/gnark-crypto v0.18.0v0.18.1) likely include security patches

Recommendation:
Consider running go list -m all | nancy sleuth or similar vulnerability scanning tools to verify no known CVEs in the updated dependency tree.

4. Performance & Resource Efficiency ✅

No performance-impacting changes detected:

  • Docker container lifecycle management unchanged
  • Test timing and concurrency patterns preserved
  • Resource cleanup logic intact

5. Testing & Reliability ✅✨

Improvements:

  • Better test structure: Moving setupDockerEnvironment() outside the subtest (test/docker-e2e/upgrade_test.go:62) is a significant improvement. This ensures:
    • Setup failures provide clearer error messages
    • Test phases can rely on completed setup
    • Parallel test execution is safer (if enabled)

Test Coverage:

  • Codecov reports all modified lines remain covered
  • Minor coverage decrease (-0.06%) is unrelated to these changes (likely in other modules)

Existing test quality:
The test suite demonstrates excellent practices:

  • Comprehensive upgrade testing with pre/post verification
  • Health check polling with appropriate timeouts
  • Transaction verification ensuring state persistence
  • Clear test phase organization with descriptive subtests

6. Documentation & Developer Experience 📝

Good:

  • Removal of TODO comment in go.mod shows resolution of technical debt
  • Commit messages follow conventional commits format (chore:)

Suggestion for improvement:
The PR description is empty. Consider adding:

## Overview
This PR upgrades the Tastora testing framework from an unstable pre-release to stable v0.8.0.

### Changes
- Bump `github.com/celestiaorg/tastora` from commit reference to v0.8.0 tagged release
- Update to new Tastora API (`Setup()` vs `DockerSetup()`, `TastoraDockerClient` interface)
- Improve test structure by moving setup out of subtest
- Clean up unused direct Docker client import

### Motivation
Using tagged releases improves reproducibility and supply chain security over commit references.

Specific Findings

Minor Issues / Observations

  1. Go version in go.mod (test/docker-e2e/go.mod:3)

    • go 1.24.6 - Verify this is intentional. As of my knowledge cutoff (Jan 2025), Go 1.24 exists but 1.24.6 may be a future patch version. This is likely fine if you're testing against upcoming releases.
  2. Dependency marker change (test/docker-e2e/go.mod:179)

    • github.com/moby/moby v28.3.3+incompatible changed from direct to indirect dependency (added // indirect comment)
    • This is correct - Tastora now properly re-exports needed Docker types, so the direct dependency is no longer needed
  3. Test structure best practice (test/docker-e2e/upgrade_test.go:62)

    • ✅ Excellent improvement moving setup outside subtest. This is a best practice for suite-based tests.

Code Quality Wins

  1. Type safety (test/docker-e2e/docker_test.go:54)

    - dockerClient    *dockerclient.Client
    + dockerClient    tastoratypes.TastoraDockerClient

    Using an interface type enables easier testing and reduces coupling to concrete implementations.

  2. API simplification (test/docker-e2e/docker_test.go:61)

    - client, network := tastoradocker.DockerSetup(t)
    + client, network := tastoradocker.Setup(t)

    Cleaner, more idiomatic naming.

Recommendations

High Priority

  • ✅ None - the changes are production-ready

Medium Priority

  • Add PR description explaining the upgrade rationale
  • Consider running dependency vulnerability scanning as part of CI

Low Priority

  • Verify Go version 1.24.6 in go.mod is intentional or should be 1.24
  • Consider documenting Tastora v0.8.0 breaking changes (if any) in commit messages for future reference

Final Assessment

Approval: ✅ Ready to Merge

This is a well-executed maintenance PR that:

  • ✅ Follows Go best practices and idiomatic patterns
  • ✅ Improves dependency management (commit ref → tagged release)
  • ✅ Enhances type safety and API cleanliness
  • ✅ Maintains test coverage
  • ✅ Improves test structure reliability
  • ✅ Contains no security, performance, or reliability concerns

The code quality improvements and migration to a stable Tastora release make this a valuable update. The test structure improvement (setup outside subtest) is particularly commendable.

Codecov Note: The 0.06% coverage decrease is in unrelated modules (4 misses added elsewhere) and not caused by these changes.

@codecov
Copy link

codecov bot commented Nov 11, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 64.74%. Comparing base (784d036) to head (790d939).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #2830      +/-   ##
==========================================
- Coverage   64.79%   64.74%   -0.06%     
==========================================
  Files          81       81              
  Lines        7224     7224              
==========================================
- Hits         4681     4677       -4     
- Misses       2003     2007       +4     
  Partials      540      540              
Flag Coverage Δ
combined 64.74% <ø> (-0.06%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@chatton chatton marked this pull request as ready for review November 11, 2025 12:21
s.Run("setup_docker", func() {
s.setupDockerEnvironment()
})
s.setupDockerEnvironment()
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs to not be in a subtest, otherwise resources can get cleaned up just after they are created

@chatton chatton requested a review from randygrok November 11, 2025 12:21
Copy link
Contributor

@alpe alpe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 LGTM

@randygrok randygrok added this pull request to the merge queue Nov 11, 2025
Merged via the queue into main with commit 3a9c9ba Nov 11, 2025
33 checks passed
@randygrok randygrok deleted the cian/bump-tastora-v8 branch November 11, 2025 12:45
@github-project-automation github-project-automation bot moved this to Done in Evolve Nov 11, 2025
alpe added a commit that referenced this pull request Nov 12, 2025
* main:
  chore: bump tastora version (#2830)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Archived in project

Development

Successfully merging this pull request may close these issues.

3 participants