Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade tool management #2188

Merged
merged 8 commits into from Oct 25, 2023
Merged

Upgrade tool management #2188

merged 8 commits into from Oct 25, 2023

Conversation

wagoodman
Copy link
Contributor

@wagoodman wagoodman commented Oct 2, 2023
edited

This PR does two things primarily:

  • Upgrades the Makefile to a Taskfile. A much smaller Makefile has been left behind for convenience, easy bootstrapping in CI, and for those of use that can't shake the muscle memory of typing make ... (slowly raises hand).
  • Uses binny to manage tools to utilize a caching strategy and improve quality of life while developing. This still keeps all tooling that is used in the repo in a local directory, however, that directory is now .tool instead of .tmp.

Example PR of the update bootstrap tools workflow:

Screenshot 2023-10-07 at 10 42 42 AM

@wagoodman wagoodman force-pushed the move-to-binny branch 23 times, most recently from ab6d488 to 8e3943b Compare October 7, 2023 14:44
@wagoodman wagoodman mentioned this pull request Oct 7, 2023
Closed
@wagoodman
migrate to binny and taskfile
4df14d7 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@willmurphyscode
Copy link
Contributor

Is it expected that a github token needs to be in the environment to bootstrap after this change? I just checked out the branch and tried make bootstrap:

❯ make bootstrap
bash: .tool/task: No such file or directory
bash: .tool/task: No such file or directory
make .tool/task
bash: .tool/task: No such file or directory
bash: .tool/task: No such file or directory
1 error occurred:
	* failed to install tool "task": unable to fetch github release go-task/task@v3.30.1: non-200 OK status code: 401 Unauthorized body: "{\"message\":\"Bad credentials\",\"documentation_url\":\"https://docs.github.com/graphql\"}"
make[1]: *** [.tool/task] Error 1
make: *** [bootstrap] Error 2

Am I doing something wrong with this? I checked that I don't have GITHUB_TOKEN set in the environment to rule out an expired one causing this error.

@wagoodman
Copy link
Contributor Author

wagoodman commented Oct 16, 2023
edited

edit: GITHUB_TOKEN is no longer required

I should have mentioned this up front and updated the DEVELOPING.md docs to highlight this -- this does mean that GITHUB_TOKEN would be required in order to bootstrap the tooling. This is a limitation of the Github v4 GraphQL API. The only other path forward is to have a fallback strategy baked into binny that could use the Github v3 REST API, which does not have any authentication requirements for the endpoints in question (but does have pretty strict rate limiting restrictions for unauthenticated users).

This is also a good note for binny: if there is no token and we're using the v4 API, dont attempt to make any calls and return an error that makes more sense.

@wagoodman
update binny to not require github token
3c16625 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman
Copy link
Contributor Author

With binny v0.6.2 you don't need a GITHUB_TOKEN for installing or even updating tools sourced from a github release page 🎉 (I've also improved the error message when a token is not provided and there is a need to fall back to the v4 github api)

@wagoodman wagoodman marked this pull request as ready for review October 17, 2023 21:56
@wagoodman
added support for automatically building snapshots
e8507df 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman wagoodman self-assigned this Oct 18, 2023
@wagoodman
detect source changes for snapshot builds
22ae206 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman
fail workflow explicitly when snapshot cache restoral fails
af7d350 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman
Merge remote-tracking branch 'origin/main' into move-to-binny
c133c15 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman
match snapshot restoral paths
dfb44dc 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman
Merge remote-tracking branch 'origin/main' into move-to-binny
7afa93b 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman wagoodman merged commit 7315f83 into main Oct 25, 2023
10 checks passed
@wagoodman wagoodman deleted the move-to-binny branch October 25, 2023 13:08
@Porkepix Porkepix mentioned this pull request Nov 7, 2023
Merged
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@wagoodman
Upgrade tool management (anchore#2188)
f12979d 
* migrate to binny and taskfile

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update binny to not require github token

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* added support for automatically building snapshots

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* detect source changes for snapshot builds

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* fail workflow explicitly when snapshot cache restoral fails

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* match snapshot restoral paths

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman wagoodman mentioned this pull request May 2, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spiffcs spiffcs spiffcs approved these changes

Assignees

@wagoodman wagoodman

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@wagoodman @willmurphyscode @spiffcs