search

chainguard-dev / gobump

Go tool to declaratively bump dependencies.
Apache License 2.0
7 stars 11 forks source link

introduce new `--skip-initial-tidy` flag #36

Closed Dentrax closed 3 months ago

Dentrax commented 3 months ago

This flag would be useful for the cases where old packages contains old dependencies that would require to do replace or update before running go mod tidy.

For example, for the following case: https://github.com/iwilltry42/confd

It's impossible to use gobump since one of dependencies got renamed, that required replace first:

gobump --packages "github.com/coreos/etcd@v3.3.15 github.com/gogo/protobuf@v1.3.2 golang.org/x/net@v0.26.0 golang.org/x/sys@v0.22.0 golang.org/x/tex
t@v0.16.0 gopkg.in/yaml.v2@v2.4.0" --tidy=true --replaces="github.com/hashicorp/consul=github.com/hashicorp/consul@v1.10.0 github.com/coreos/bbolt=github.com/coreos/bbolt@v1.3.3 google.golang.org/grpc=google.golang.org/grpc@v1.29.0 github.com/hashicorp/vault=github.com/hashicorp/vault@v1.10.0"
go: github.com/iwilltry42/confd/backends/consul imports
    github.com/hashicorp/consul/api tested by
    github.com/hashicorp/consul/api.test imports
    github.com/hashicorp/serf/serf imports
    github.com/armon/go-metrics: github.com/armon/go-metrics@v0.5.3: parsing go.mod:
    module declares its path as: github.com/hashicorp/go-metrics
            but was required as: github.com/armon/go-metrics

The new --skip-initial-tidy flag solves that by skipping the first go mod tidy run. So that we able to do required updates and replaces before run go mod tidy.

Do git reset --hard and append the new --skip-initial-tidy flag, then expect to see a success output:

2024/08/03 14:58:05 Local Go version: 1.22.5
2024/08/03 14:58:05 Update package: github.com/hashicorp/consul
2024/08/03 14:58:05 Running go mod edit replace ...
2024/08/03 14:58:05 Update package: github.com/coreos/bbolt
2024/08/03 14:58:05 Running go mod edit replace ...
2024/08/03 14:58:05 Update package: google.golang.org/grpc
2024/08/03 14:58:05 Running go mod edit replace ...
2024/08/03 14:58:05 Update package: github.com/hashicorp/vault
2024/08/03 14:58:05 Running go mod edit replace ...
2024/08/03 14:58:05 Update package: github.com/coreos/etcd
2024/08/03 14:58:05 Running go mod edit -droprequire ...
2024/08/03 14:58:05 Running go get ...
2024/08/03 14:58:47 Update package: github.com/gogo/protobuf
2024/08/03 14:58:47 Running go mod edit -droprequire ...
2024/08/03 14:58:47 Running go get ...
2024/08/03 14:58:48 Update package: golang.org/x/net
2024/08/03 14:58:48 Running go mod edit -droprequire ...
2024/08/03 14:58:48 Running go get ...
2024/08/03 14:58:50 Update package: golang.org/x/sys
2024/08/03 14:58:50 Running go get ...
2024/08/03 14:58:50 Update package: golang.org/x/text
2024/08/03 14:58:50 Running go mod edit -droprequire ...
2024/08/03 14:58:50 Running go get ...
2024/08/03 14:58:51 Update package: gopkg.in/yaml.v2
2024/08/03 14:58:51 Running go mod edit -droprequire ...
2024/08/03 14:58:51 Running go get ...
2024/08/03 14:58:53 Running go mod tidy with go version '1.22.5' ...
2024/08/03 14:59:18 Running go mod vendor...
hectorj2f commented 3 months ago

Once we ship it, we should add a flag to the gobump pipeline in Wolfi.

Dentrax commented 3 months ago

Looks good to me overall. @Dentrax Could you a test to test this new functionality ?

Thank you @hectorj2f, I have tried to add a unit test but I'm not sure if I did handle the case correctly. Please take a look when possible.

Dentrax commented 3 months ago

CI is failing because of: 'go mod tidy': exit status 2 with output: invalid value "1.20.14" for flag -go: expecting a Go version like "1.20"

Dentrax commented 3 months ago

Thanks for the fixing the CI issue!