refactor(pakcages): update sync_diff_inspector package source to tiflow

[wuhuizuo]

As the v8.5.x version will live for long times, I suggest to update the fetching source of LTS versions to artifacts of tiflow for sync_diff_inspector binary for release version <=9.0.0 in offline-packages.

[ti-chi-bot]

I have already done a preliminary review for you, and I hope to help you do a better job.

Summary:
This PR updates the sync_diff_inspector package source in the offline-packages.yaml.tmpl file to point from the pingcap/tidb-tools image to the pingcap/tiflow image, along with adjusting the path from tidb-tools-*.tar.gz to sync-diff-inspector-*.tar.gz. This is done consistently across multiple package definitions presumably for versions <= 9.0.0 as per the description. The changes appear mechanical, consistent, and focused solely on source references without altering logic or structure, indicating a low risk of functional regressions.

---

Code Improvements

• Lack of Version Pinning or Tagging:

  • File: packages/offline-packages.yaml.tmpl (all changes)
  • Issue: The OCI image URLs use the master_{{.Release.os}}_{{.Release.arch}} tag, which can be unstable or change over time.
  • Suggestion: Consider using explicit version tags or digests to ensure reproducible builds/releases. For example:

    url: "{{ .Release.registry }}/pingcap/tiflow/package:v9.0.0_{{.Release.os}}_{{ .Release.arch}}"

  • This avoids potential issues with the "master" tag moving unexpectedly and causing inconsistent package sources.

• No Validation or Fallback for Package Path Changes:

  • The path pattern changes from tidb-tools-*.tar.gz to sync-diff-inspector-*.tar.gz.
  • Ensure that the new tarball names and internal structure (extract_inner_path: sync_diff_inspector) are correct and tested.
  • If the package structure differs, missing files or extraction errors could occur.
  • Suggestion: Add validation steps or update related tooling/tests that rely on these paths.

---

Best Practices

• PR Description Clarity:

  • The description "for release version <=9.0.0 in offline-packages" is vague.
  • Suggest expanding the description to clarify:
    • Why the source is updated (e.g., repo restructuring, new package location).
    • Impact on downstream consumers.
    • Any required follow-up actions or testing.
  • Example:

    "Update sync_diff_inspector package source from pingcap/tidb-tools to pingcap/tiflow OCI images for releases <= 9.0.0 in offline packages to align with upstream source migration."

• Documentation / Comment Update:

  • Since this is a mass refactor of package sources, consider adding a comment block near the changed lines describing the rationale for future maintainers.
  • This helps avoid confusion since the same package name now pulls from a different image.

• Testing Coverage:

  • No evidence of tests or validation steps updated in this PR.
  • Suggest verifying offline package builds and deployments using the updated source.
  • If not already automated, add integration tests to confirm package extraction and functionality work with the new source.

---

Summary of Recommendations

- Pin OCI image tags to explicit versions instead of using `master` to ensure reproducibility.
- Verify that the new tarball path and extraction paths are correct and consistent with the new tiflow package.
- Improve PR description to clearly state the reason and impact of the change.
- Add comments in the YAML file explaining the migration for maintainability.
- Add or update tests to validate offline package builds with the new package source.

Addressing these points will reduce risk, improve maintainability, and ensure the correctness of this refactor.

[gemini-code-assist]

Summary of Changes

Hello @wuhuizuo, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the configuration for the sync_diff_inspector package within the offline packages system. The primary goal is to align the package's source with its new location in the tiflow repository and to ensure the correct archive is identified during package retrieval for specific release versions.

Highlights

• Package Source Update: The source URL for the sync_diff_inspector package has been updated from pingcap/tidb-tools to pingcap/tiflow.
• Package Path Refinement: The regular expression used to match the sync_diff_inspector archive filename has been adjusted to specifically look for sync-diff-inspector instead of the broader tidb-tools pattern.
• Scope of Change: These updates are applied consistently across various editions within the offline-packages.yaml.tmpl file, specifically targeting release versions less than or equal to 9.0.0.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[wuhuizuo]

/cc @Benjamin2037 @joechenrh

[gemini-code-assist]

Code Review

This pull request refactors the source for the sync_diff_inspector package in offline package definitions, updating it from pingcap/tidb-tools to pingcap/tiflow. This change is applied across various TiDB release versions older than v9.0.0. While the repository update is correct, the implementation introduces a significant risk by fetching the package using the master tag. This means older, stable TiDB releases would be packaged with a potentially unstable, development version of sync_diff_inspector, which could lead to compatibility problems. My review comments consistently recommend replacing the master tag with the specific {{ .Release.version }} tag to ensure that a compatible version of the tool is used, aligning with the practice for other components in the file. This is a crucial change for the stability and correctness of the offline packages. Also, there is a small typo in the pull request title ('pakcages' should be 'packages').

[joechenrh]

LGTM, but maybe it should be merged after I sync tiflow repo with tidb-tools.

[ti-chi-bot]

@joechenrh: adding LGTM is restricted to approvers and reviewers in OWNERS files.

Details

In response to this:

LGTM, but maybe it should be merged after I sync tiflow repo with tidb-tools.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[ti-chi-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: joechenrh
Once this PR has been reviewed and has the lgtm label, please assign wuhuizuo for approval. For more information see the Code Review Process.
Please ensure that each of them provides their approval before proceeding.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[wuhuizuo]

LGTM, but maybe it should be merged after I sync tiflow repo with tidb-tools.

/hold

when the code migration is done, we need to update the route for v8.5.x like >= v9.0.0 route to use tiup package to combine the offline packages.