DockerCLI/dockerfiles/Dockerfile.vendor

44 lines
1.0 KiB
Docker
Raw Normal View History

# syntax=docker/dockerfile:1
ARG GO_VERSION=1.21.1
ARG ALPINE_VERSION=3.17
ARG MODOUTDATED_VERSION=v0.8.0
FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS base
ENV GOTOOLCHAIN=local
RUN apk add --no-cache bash git rsync
WORKDIR /src
FROM base AS vendored
Dockerfile.vendor: update GOPROXY to use default with fallback Use the default proxy, to assist with vanity domains mis-behaving, but keep a fallback for situations where we need to get modules from GitHub directly. This should hopefully help with the gopkg.in/yaml.v2 domain often going AWOL; #14 245.9 gopkg.in/yaml.v2@v2.4.0: unrecognized import path "gopkg.in/yaml.v2": reading https://gopkg.in/yaml.v2?go-get=1: 502 Bad Gateway #14 245.9 server response: Cannot obtain refs from GitHub: cannot talk to GitHub: Get https://github.com/go-yaml/yaml.git/info/refs?service=git-upload-pack: write tcp 10.131.9.188:60820->140.82.121.3:443: write: broken pipe curl 'https://gopkg.in/yaml.v2?go-get=1' Cannot obtain refs from GitHub: cannot talk to GitHub: Get https://github.com/go-yaml/yaml.git/info/refs?service=git-upload-pack: write tcp 10.131.9.188:60820->140.82.121.3:443: write: broken pipe From the Go documentation; https://go.dev/ref/mod#goproxy-protocol > List elements may be separated by commas (,) or pipes (|), which determine error > fallback behavior. When a URL is followed by a comma, the go command falls back > to later sources only after a 404 (Not Found) or 410 (Gone) response. When a URL > is followed by a pipe, the go command falls back to later sources after any error, > including non-HTTP errors such as timeouts. This error handling behavior lets a > proxy act as a gatekeeper for unknown modules. For example, a proxy could respond > with error 403 (Forbidden) for modules not on an approved list (see Private proxy > serving private modules). Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-02 07:12:35 -04:00
ENV GOPROXY=https://proxy.golang.org|direct
RUN --mount=target=/context \
--mount=target=.,type=tmpfs \
--mount=target=/go/pkg/mod,type=cache <<EOT
set -e
rsync -a /context/. .
./scripts/vendor update
mkdir /out
cp -r vendor.mod vendor.sum vendor /out
EOT
FROM scratch AS update
COPY --from=vendored /out /out
FROM vendored AS validate
RUN --mount=target=/context \
--mount=target=.,type=tmpfs <<EOT
set -e
rsync -a /context/. .
git add -A
rm -rf vendor
cp -rf /out/* .
./scripts/vendor validate
EOT
FROM psampaz/go-mod-outdated:${MODOUTDATED_VERSION} AS go-mod-outdated
FROM base AS outdated
RUN --mount=target=.,rw \
--mount=target=/go/pkg/mod,type=cache \
--mount=from=go-mod-outdated,source=/home/go-mod-outdated,target=/usr/bin/go-mod-outdated \
./scripts/vendor outdated