search

fluxcd / flux

Successor: https://github.com/fluxcd/flux2
https://fluxcd.io
Apache License 2.0
6.9k stars 1.08k forks source link

Required upgrade for circleci #3596

Closed kingdonb closed 2 years ago

kingdonb commented 2 years ago

Fix #3592

We are deprecating Ubuntu 16.04-based machine images on CircleCI in preparation for an EOL on Tuesday, May 31

(Replaces #3591)

The reason for a change in Makefile is that newer CircleCI images effectively prohibit us from overriding GOPATH in the environment block of .circleci/config.yml – the GOPATH is set to have two directories by default, we can't override it, and only the first is used for inferring a default GOBIN.

I am not certain if allowing GOPATH to be set as defaulted can have any other negative side-effects, but this seems to be the least impact change possible that will allow us to go on building after May 31.

Tested a few different approaches to solving this on my fork at kingdonb/flux and pretty much settled that other approaches have drawbacks that make this the best option. I experimented with using an orb called persist-env and I think that would be rejected for security concerns (though it also worked to solve the issue, when I bypassed a security warning.)

Those tests are on my personal fork, I have not bypassed any security warnings for the Flux PR to merge.

kingdonb commented 2 years ago

The build is passing again, with this PR. I will make some PRs to resolve any outstanding security issues that I can pick up and resolve easily in the base image, then prepare the next release.

I'm not sure if we can move to alpine 3.15, but the alpine 3.14 support with security updates is still good for 1 year + so, it should not be a concern in the short-term.

kingdonb commented 2 years ago

@stefanprodan Please review and 👍 if you have a moment! 🙇