Explicitly set go toolchain in goreleaser config#6420
Explicitly set go toolchain in goreleaser config#6420derekcollison merged 2 commits intonats-io:mainfrom
Conversation
|
To land this, we would need to change .travis.yml and runTestsOnTravis.sh a little, to make sure the way it sets up Go is compatible with setting the toolchain in goreleaser.yml |
philpennock
left a comment
philpennock
left a comment
There was a problem hiding this comment.
We use goreleaser for official releases, and it's a fantastic tool, but people who are developing don't have to run goreleaser to do a regular build. Folks need to be able to run go build and get a working server. So if we remove the toolchain directive from go.mod then we create a regression: folks may end up trying to build with an older version of Go because they don't get the bump up to the minimum specified there.
It should be sufficient to just set GOTOOLCHAIN in the environment, which will override the go.mod directive.
|
@philpennock I am not sure if the toolchain directive was added on purpose or by accident Ok, let's leave go.mod alone in this PR, since that version does not affect goreleaser process, and I am more concerned with having reproducible builds that can be used by other tools, e.g. binaries.nats.dev. |
alexbozhenko
force-pushed
the
set_toolchain
branch
from
a413203 to
2227c37
Compare
Signed-off-by: Alex Bozhenko <alexbozhenko@gmail.com>
alexbozhenko
force-pushed
the
set_toolchain
branch
from
2227c37 to
5f43019
Compare
neilalexander
left a comment
neilalexander
left a comment
There was a problem hiding this comment.
Have discussed this with Alex and I think this is fine with the comment to remind us to also update .goreleaser.yml when bumping up the Go version in .travis.yml.
LGTM, cc @wallyqs for info.
|
@philpennock what changes do you want? That is blocking the ability to merge.. |
|
@philpennock the changes were already addressed, @alexbozhenko had made changes to go.mod here a413203 but those were removed in latest commit |
|
@philpennock once you clear the block I will merge. |
5 participants
Details
We have reproducible binaries, rpms/debs and archives.
And
goreleaser.ymlholds all the knobs that can be tuned to build the binary.The only thing that affects the build and is not defined in the goreleaser config is the go toolchain version.
Currently, we set the version of the go toolchain that is used for releases in Travis:
nats-server/.travis.yml
Lines 11 to 12 in 5e60171
nats-server/.travis.yml
Line 67 in 5e60171
I spent some time trying to understand the behavior of go and toolchain directives. I think setting the toolchain used for releases in .goreleser.yml would make it more explicit and future-proof.
With this change, any human or script who has
go>1.21.0and goreleaser installed can checkout the repo at any commit, run one command, and get binaries that will be exactly as if we were cutting a release on that commit.Several places would benefit from not having to worry about keeping toolchain and all the go build flags in sync:
https://github.com/ConnectEverything/client-tools/blob/eba999ac9a1e107205fbf89ba230df3f80458028/build-nightlies.sh#L184-L188
If we land this, we can update the above places to use
goreleaser build, thus making sure we use exactly the same binary everywhere, and forever forget about managing/updating go versions in other places that need to build the binaryReproducible test plan
Before
Behavior is not hermetic. We depend on toolchain that happens to be installed on the build host.
Local go(`1.21.0`) < one that is specified in go.mod. Go will download and use toolchain from go.mod:
Local go(`1.23.3`) > one that is specified in go.mod. Local toolchain will be used:
After
Local go version (1.23.4) did not affect what was used for the binary
It will download (just like it downloads all the modules)
the version of the toolchain specified in goreleaer config, and use it for building the binary.
Any go >= go1.21.0 (released 2023-08-08) will build exactly the same binary:
To build using specific toolchain one would set the
GORELEASER_TOOLCHAINenv variable:Note that starting from go1.24.0 we can use the tool directive in go.mod, and even version goreleaser itself. It will look something like this: