Commit graph

22 commits

Author SHA1 Message Date
Bjorn Neergaard
9f004830a5
hack/validate/vendor: clean up license validation step
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-11-18 08:18:10 -07:00
Bjorn Neergaard
dbd76848ca
hack/validate/vendor: split tidy from vendor
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-11-18 08:18:09 -07:00
Sebastiaan van Stijn
b9fd2cf605
validate: format vendor script with shfmt
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-29 19:53:02 +02:00
Sebastiaan van Stijn
325c3a457b
hack/vendor.sh: run "go mod tidy" before vendoring
The hack/vendor.sh script is used to (re)vendor dependencies. However, it did
not run `go mod tidy` before doing so, wheras the vendor _validation_ script
did.

This could result in vendor validation failing if go mod tidy resulted in
changes (which could be in `vendor.sum`).

In "usual" situations, this could be easily done by the user (`go mod tidy`
before running `go mod vendor`), but due to our (curent) uses of `vendor.mod`,
and having to first set up a (dummy) `go.mod`, this is more complicated.

Instead, just make the script do this, so that `hack/vendor.sh` will always
produce the expected result.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-05 11:25:23 +01:00
Ilya Dmitrichenko
a46f968229
vendor: replace vndr with go mod vendor
- use `vendor.mod` instead of `go.mod` to avoid issues to do with
  use of CalVer, not SemVer
- ensure most of the dependency versions do not change
  - only zookeeper client has to change (via docker/libkv#218) as
    previously used version is no longer maintained and has missing
    dependencies

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-18 15:46:00 +01:00
Kevin Parsons
3334fb9af1 Fix up vndr tooling
- Fix the error message in hack/validate/vendor to specify that
  hack/vendor.sh should be run instead of vndr.
- Fix hack/vendor.sh to also match on Windows paths for the whitelist.
  This allows the script to be run on Windows via Git Bash.

Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
2021-07-13 09:45:07 -07:00
moby
31b2c3bbd9
hack/vendor: add check for vendored archive/tar
Also allow re-vendoring using `./hack/vendor.sh archive/tar`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-05-20 18:57:52 +02:00
Tonis Tiigi
7260adfff9 vendor: add local copy of archive/tar
This version avoids doing name lookups on creating tarball that
should be avoided in to not hit loading glibc shared libraries.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit aa6a9891b0)
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-04-24 11:22:24 -07:00
Chris Price
9f94cfdc57 Vendor check to succeed even if copyright information is not found
The documentation for validate_vendor_used in hack/validate/vendor states
that a warning will be emitted if license information cannot be found in
a vendored package. However, because the script is run with pipefail set
(owing to the inclusion of the common validation script .validate) and
`grep -c` is used, the entire script will fail whenever license information
cannot be found in a vendored package.

Signed-off-by: Chris Price <cprice@mirantis.com>
2020-02-13 06:08:44 -08:00
Sebastiaan van Stijn
545e81714b
hack/validate: allow forcing validation
This introduces a FORCE_VALIDATE environment variable, which allows
forcing some validation steps, even if no changes were detected.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-19 18:03:55 +01:00
Kir Kolyshkin
5791019028 hack/validate/vendor: simplify looking for license
It was suggested that we use '.*\(COPYING\|LICENSE\|COPYRIGHT\).*'
as an argument to `find -iregex`, and this is how it all started.

Next thing, there is no COPYRIGHT in any of the vendored packages,
so it can be removed for good.

Next, we should not look too deep inside the package directory, as
the license should be in its root directory, so add `-maxdepth 1`
to `find`. This should also speed things up.

Finally, since we're not using the recursion feature of `find`,
it can be replaced with `echo | grep`.

While at it,
* avoid temporary $pkgs variable as it is only used once;
* replace `ls -d "vendor/$f"  > /dev/null 2>&1` with `test -d`.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-10-29 10:59:05 -07:00
Kir Kolyshkin
4be12ad3d0 hack/validate/vendor: shellcheck fixes
The export statement is definitely not needed. The rest is obvious.

> In hack/validate/vendor line 3:
> export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
>        ^-- SC2155: Declare and assign separately to avoid masking return values.
>
>
> In hack/validate/vendor line 43:
>	if ls -d vendor/$f  > /dev/null 2>&1; then
>                       ^-- SC2086: Double quote to prevent globbing and word splitting.
>
>
> In hack/validate/vendor line 44:
> 		found=$(find vendor/$f -iregex '.*LICENSE.*' -or -iregex '.*COPYRIGHT.*' -or -iregex '.*COPYING.*' | wc -l)
>                                   ^-- SC2086: Double quote to prevent globbing and word splitting.
>
>
> In hack/validate/vendor line 45:
>		if [ $found -eq 0 ]; then
>                    ^-- SC2086: Double quote to prevent globbing and word splitting.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-10-28 19:27:55 -07:00
Kir Kolyshkin
9d4e81e8bf hack/validate/vendor: print diff for modified files
In case some files were modified (rather than merely added
or removed), we're curious to see the diff for those.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-10-28 19:22:28 -07:00
Sebastiaan van Stijn
c3650770cc
Revert "Bash scripts; use double brackets, fix bare variables, add quotes"
This reverts commit 297b30df5f.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-01-10 02:23:38 +01:00
Sebastiaan van Stijn
297b30df5f
Bash scripts; use double brackets, fix bare variables, add quotes
These scripts explicitly use Bash, so we should be able to use
`[[` instead of `[` (which seems to be recommended).

Also added curly brackets to some bare variables, and quoted some paths.

This makes my IDE a bit more silent :-)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-12-24 00:05:14 +01:00
Kir Kolyshkin
ce858feb6a Bump vndr
We can do that now as we're no longer carrying archive/tar.
Note that latest vndr removes vendor/ subdir so we don't have to,
thus the change in hack/validate/vendor.

While at it, re-run a new vndr version to make sure everything
that should be there is.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2018-09-06 15:24:48 -07:00
Kir Kolyshkin
10fd0516b9 Bump golang to 1.11.0
It's that time of year again! Go 1.11 is released, time to use it.

This commit also

* removes our archive/tar fork, since upstream archive/tar
  is fixed for static builds, and osusergo build tag is set.

* removes ENV GO_VERSION from Dockerfile as it's not needed
  anymore since PR #37592 is merged.

[v2: switch to beta2]
[v3: switch to beta3]
[v4: rc1]
[v5: remove ENV GO_VERSION as PR #37592 is now merged]
[v6: rc2]
[v7: final!]
[v8: use 1.11.0]
[v9: back to 1.11]
[v8: use 1.11.0]

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2018-09-06 15:24:44 -07:00
Daniel Nephin
075fd7a9be Fix vendor validation
Previously adding files to vendor/ without adding to vendor.conf would not fail the
validation.

Also be consistent with indentation and use tabs.

Signed-off-by: Daniel Nephin <dnephin@gmail.com>
2018-02-02 10:49:57 -08:00
Akihiro Suda
051b9a434f hack/validate/vendor: add more checks
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-02-16 07:43:03 +00:00
Tianon Gravi
52379fa76d Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash"
This is especially important for distributions like NixOS where `/bin/bash` doesn't exist, or for MacOS users who've installed a newer version of Bash than the one that comes with their OS.

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2017-02-13 11:01:54 -08:00
Alexander Morozov
f2614f2107 project: use vndr for vendoring
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-11-03 15:31:46 -07:00
Daniel Nephin
22033e1003 Move validation out of hack/make
Allow each script to run directly without the hack/make.sh wrapper. These
scripts do not produce artifacts and do not benefit from the "bundles"
framework.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2016-11-03 14:24:22 -06:00
Renamed from hack/make/validate-vendor (Browse further)