From bb24c7ce1f048a01cba5ae7dcfe0813e127cfd42 Mon Sep 17 00:00:00 2001 From: Paul Jolly Date: Tue, 3 Sep 2024 17:18:33 +0100 Subject: [PATCH] internal/ci: set GOTOOLCHAIN=local as part of installGo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Installing a specific version of Go in a CI matrix has intent: i.e. we intend to use that verison for everything. The default value for GOTOOLCHAIN is 'auto'. Per: https://go.dev/doc/toolchain this has the effect of downloading other toolchains as required by go.mod files of dependencies etc. We don't want this: we want to fail in case the version intended by CI is not appropriate. The doc comment in internal/ci/base/github.cue motivates why (for now) we set this variable as part of the installGo step. TL;DR - it localises the setting of a variable pertinent only to jobs that require Go (and the installation of Go is required because it is not part of the base image on all platforms), and an environment variable approach does not work where a matrix of Go versions is involved. Signed-off-by: Paul Jolly Change-Id: I3b0fa04c69dc51d75bafcdf513e0415adf85564d Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/1200599 Reviewed-by: Daniel Martí TryBot-Result: CUEcueckoo --- .github/workflows/release.yml | 6 ++++ .github/workflows/trybot.yml | 6 ++++ internal/ci/base/github.cue | 53 +++++++++++++++++++++++++++++----- internal/ci/github/release.cue | 9 ++++-- internal/ci/github/trybot.cue | 9 ++++-- 5 files changed, 69 insertions(+), 14 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1e135d1cdc5..ff36b802a1e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -58,6 +58,12 @@ jobs: with: cache: false go-version: 1.23.0 + - name: Set common go env vars + run: |- + go env -w GOTOOLCHAIN=local + + # Dump env for good measure + go env - name: Setup qemu uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx diff --git a/.github/workflows/trybot.yml b/.github/workflows/trybot.yml index e6881ae642d..3f73a35f460 100644 --- a/.github/workflows/trybot.yml +++ b/.github/workflows/trybot.yml @@ -71,6 +71,12 @@ jobs: with: cache: false go-version: ${{ matrix.go-version }} + - name: Set common go env vars + run: |- + go env -w GOTOOLCHAIN=local + + # Dump env for good measure + go env - name: Get go mod cache directory id: go-mod-cache-dir run: echo "dir=$(go env GOMODCACHE)" >> ${GITHUB_OUTPUT} diff --git a/internal/ci/base/github.cue b/internal/ci/base/github.cue index d9f081a2ad9..2b078e75388 100644 --- a/internal/ci/base/github.cue +++ b/internal/ci/base/github.cue @@ -15,14 +15,51 @@ bashWorkflow: json.#Workflow & { jobs: [string]: defaults: run: shell: "bash" } -installGo: json.#step & { - name: "Install Go" - uses: "actions/setup-go@v5" - with: { - // We do our own caching in setupGoActionsCaches. - cache: false - "go-version": string +installGo: { + #setupGo: json.#step & { + name: "Install Go" + uses: "actions/setup-go@v5" + with: { + // We do our own caching in setupGoActionsCaches. + cache: false + "go-version": string + } } + + // Why set GOTOOLCHAIN here? As opposed to an environment variable + // elsewhere? No perfect answer to this question but here is the thinking: + // + // Setting the variable here localises it with the installation of Go. Doing + // it elsewhere creates distance between the two steps which are + // intrinsically related. And it's also hard to do: "when we use this step, + // also ensure that we establish an environment variable in the job for + // GOTOOLCHAIN". + // + // Environment variables can only be set at a workflow, job or step level. + // Given we currently use a matrix strategy which varies the Go version, + // that rules out using an environment variable based approach, because the + // Go version is only available at runtime via GitHub actions provided + // context. Whether we should instead be templating multiple workflows (i.e. + // exploding the matrix ourselves) is a different question, but one that + // has performance implications. + // + // So as clumsy as it is to use a step "template" that includes more than + // one step, it's the best option available to us for now. + [ + #setupGo, + + { + json.#step & { + name: "Set common go env vars" + run: """ + go env -w GOTOOLCHAIN=local + + # Dump env for good measure + go env + """ + } + }, + ] } checkoutCode: { @@ -100,7 +137,7 @@ checkoutCode: { earlyChecks: json.#step & { name: "Early git and code sanity checks" - run: "go run ./internal/ci/checks" + run: "go run ./internal/ci/checks" } curlGitHubAPI: { diff --git a/internal/ci/github/release.cue b/internal/ci/github/release.cue index f4d701bd8ca..927d1b9e242 100644 --- a/internal/ci/github/release.cue +++ b/internal/ci/github/release.cue @@ -42,11 +42,14 @@ workflows: release: _repo.bashWorkflow & { jobs: goreleaser: { "runs-on": _repo.linuxMachine if: "${{github.repository == '\(_repo.githubRepositoryPath)'}}" + + let installGo = _repo.installGo & { + #setupGo: with: "go-version": _repo.pinnedReleaseGo + _ + } steps: [ for v in _repo.checkoutCode {v}, - _repo.installGo & { - with: "go-version": _repo.pinnedReleaseGo - }, + for v in installGo {v}, json.#step & { name: "Setup qemu" uses: "docker/setup-qemu-action@v3" diff --git a/internal/ci/github/trybot.cue b/internal/ci/github/trybot.cue index 4f9ce1c8a72..cf51a63bf1e 100644 --- a/internal/ci/github/trybot.cue +++ b/internal/ci/github/trybot.cue @@ -43,6 +43,11 @@ workflows: trybot: _repo.bashWorkflow & { _ } + let installGo = _repo.installGo & { + #setupGo: with: "go-version": goVersionVal + _ + } + // Only run the trybot workflow if we have the trybot trailer, or // if we have no special trailers. Note this condition applies // after and in addition to the "on" condition above. @@ -51,9 +56,7 @@ workflows: trybot: _repo.bashWorkflow & { steps: [ for v in _repo.checkoutCode {v}, - _repo.installGo & { - with: "go-version": goVersionVal - }, + for v in installGo {v}, // cachePre must come after installing Node and Go, because the cache locations // are established by running each tool.