Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vendor: migrate to "golang/dep" #9155

Merged
merged 19 commits into from
Jan 25, 2018
Merged

vendor: migrate to "golang/dep" #9155

merged 19 commits into from
Jan 25, 2018

Conversation

gyuho
Copy link
Contributor

@gyuho gyuho commented Jan 16, 2018

Fix #7225.

@codecov-io
Copy link

codecov-io commented Jan 17, 2018

Codecov Report

❗ No coverage uploaded for pull request base (master@6a80e94). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #9155   +/-   ##
=========================================
  Coverage          ?   75.94%           
=========================================
  Files             ?      359           
  Lines             ?    30046           
  Branches          ?        0           
=========================================
  Hits              ?    22817           
  Misses            ?     5634           
  Partials          ?     1595

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6a80e94...c16473f. Read the comment docs.

!vendor/**/License*
!vendor/**/LICENCE*
!vendor/**/LICENSE*
vendor/**/*_test.go
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

new line

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just added.

@gyuho
Copy link
Contributor Author

gyuho commented Jan 17, 2018

Major change would be enforcing etcd dependencies (e.g. grpc-go v1.7.5 on clientv3) on go get commands. Previously, we didn't do it to let users choose their own gRPC version. Now, clientv3 is so sensitive to gRPC versions, so it has to be enforced. Also, Go 1.9 type alias won't complain about context import conflicts.

@gyuho
Copy link
Contributor Author

gyuho commented Jan 18, 2018

@sdboyer Could you quickly go over this?

Gopkg.toml 35cae90
scripts/updatedep.sh 9a75a2a

1838ee1 is the diff between glide + glide vc --only-code --no-tests and dep with gitignore.

dep is still missing complete prune feature (e.g. for etcd, github.com/golang/groupcache/... are directive dependencies, but not github.com/golang/groupcache itself. But, dep does not prune github.com/golang/groupcache although it's never used.). However, I think we are ok with it. Other than that, golang/dep works great!

build Outdated
@@ -36,31 +36,14 @@ etcd_build() {
# Static compilation is useful when etcd is run in a container. $GO_BUILD_FLAGS is OK

# shellcheck disable=SC2086
CGO_ENABLED=0 go build $GO_BUILD_FLAGS -installsuffix cgo -ldflags "$GO_LDFLAGS" -o "${out}/etcd" ${REPO_PATH}/cmd/etcd || return
CGO_ENABLED=0 go build $GO_BUILD_FLAGS -installsuffix cgo -ldflags "$GO_LDFLAGS" -o "${out}/etcd" . || return
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think having ${REPO_PATH} as build path is more strict.

build Outdated
rm -rf "${etcdGOPATH}/src"
mkdir -p "${etcdGOPATH}"
ln -s "${CDIR}/cmd/vendor" "${etcdGOPATH}/src"
CGO_ENABLED=0 go build $GO_BUILD_FLAGS -installsuffix cgo -ldflags "$GO_LDFLAGS" -o "${out}/etcdctl" ./etcdctl || return
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe have ${REPO_PATH}/etcdctl? i think it is more strict.

@fanminshi
Copy link
Member

lgtm after few suggestions.

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
@gyuho gyuho merged commit aadfb2b into etcd-io:master Jan 25, 2018
@gyuho gyuho deleted the dep branch January 25, 2018 01:34
@sdboyer
Copy link

sdboyer commented Jan 25, 2018

ack. sorry. i was taken up all this week with the new release of dep. awesome to see you pulled the trigger, though!

the comments i'd make are:

  1. it's redundant, and potentially harmful, to specify source in Gopkg.toml when it's not actually needed (and it's not in any of the cases i saw from skimming).
  2. unless there's a specific reason that you need exactly those revisions for all those projects, and that they NEVER change under ANY circumstances, it's preferable that you instead just specify e.g. branch = "master", and trust Gopkg.lock to give you the version stability you want.
  3. v0.4.1 of dep prunes automatically, and you have more granular controls over it from within Gopkg.toml.
  4. overrides should also be avoided, when possible. they can be useful as a one-time way of getting Gopkg.lock to the right place, but once you've done that, you should ideally be able to remove them.
  5. strongly prefer released versions to go get-ing tip. we should have a curl-able installer soon Install.sh script for dep golang/dep#1533

@gyuho
Copy link
Contributor Author

gyuho commented Jan 25, 2018

@sdboyer Awesome. Thanks for the tips! We will address those shortly!

@tamird
Copy link
Contributor

tamird commented Jan 26, 2018

There are some really unfortunate side effects as a result of this. For instance, cockroachdb wants to use a newer version of gogo/protobuf than what's specified in your new Gopkg.toml - the result is that dep will refuse to ignore etcd's specified version and won't resolve (in the presence of the two constraints etcd.branch = master and protobuf.branch = master).

As far as I know, there's no workaround here, other than for etcd to be very careful to not over-constrain your dependencies (and currently they appear to all be maximally constrained; your Gopkg.toml is roughly equivalent to your Gopkg.lock).

@xiang90
Copy link
Contributor

xiang90 commented Jan 26, 2018

@tamird

can you move the discussion to here #9224?

thanks!

@gyuho
Copy link
Contributor Author

gyuho commented Jan 26, 2018

@tamird Wasn't aware of it. We did over-constrain the dependencies to minimize difference during migration. But open to any workaround if that works for external projects.

I see https://github.com/cockroachdb/cockroach/blob/master/Gopkg.toml#L92

[[constraint]]
  name = "github.com/gogo/protobuf"
  branch = "master"

Would [[override]] work for cockroachdb/cockroach?

@tamird
Copy link
Contributor

tamird commented Jan 26, 2018

@gyuho no, that still doesn't work.

You can, at minimum, remove all [constraint]s from Gopkg.toml now that you have a Gopkg.lock.

@gyuho
Copy link
Contributor Author

gyuho commented Jan 26, 2018

Replacing all our constraints with branch = "master" would work?

@sdboyer
Copy link

sdboyer commented Jan 26, 2018

why does an override not work? this is what they're actually designed for.

@tamird
Copy link
Contributor

tamird commented Jan 26, 2018

@gyuho you shouldn't need any constraints at all, provided you don't run dep ensure -update. The Gopkg.lock will prevent any of the versions from changing.

I'm suggesting you simply delete all the [constraint]s without replacement.

@sdboyer "why" is a bit of an academic question - I can't tell you why. All I know is that using [override] produces the exact same result as using [constraint] in this case. Here's the key line of output, in case it's helpful:

Solving failure: No versions of github.com/coreos/etcd met constraints:
...
master: Could not introduce github.com/coreos/etcd@master, as it depends on github.com/gogo/protobuf from https://github.com/gogo/protobuf, but github.com/gogo/protobuf is already marked as coming from github.com/gogo/protobuf by github.com/cockroachdb/cockroach

@sdboyer
Copy link

sdboyer commented Jan 26, 2018

I'm not sure what makes "why" an academic question - that's the info i needed.

the problem is a conflict on source. you can also issue an override on that.

@gyuho
Copy link
Contributor Author

gyuho commented Jan 26, 2018

I'm fine with deleting constraints from Gopkg.toml, but that means etcd will need hand-maintain Gopkg.lock, which is also fine with me:

Gopkg.lock is autogenerated; editing it manually is generally an antipattern. If there is a goal you can only achieve by hand-editing Gopkg.lock, it is at least a feature request, and likely a bug.

@sdboyer Is this the valid use case for editing Gopkg.lock? Or I'm missing something.

@tamird
Copy link
Contributor

tamird commented Jan 26, 2018

@sdboyer yeah, that seems to work, but requires an override for every overlapping dependency (of which github.com/gogo/protobuf is just one).

@gyuho why do you need to hand-edit Gopkg.lock? You can update single packages with dep ensure -update <pkg>. Are you often updating to a version that is not the latest?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

7 participants