The version we currently have doesn't support Go 1.22 properly, so it
throws a bunch of warnings locally when trying to run it with the latest
Go version installed. Just running the latest version locally also
doesn't quite work, since it throws a bunch of errors from the
perfsprint linter, which seems to have gotten stricter.
Upgrade to the latest version of golangci-lint, and fix all the errors
we're getting from it. Mostly done via `perfsprint -fix`, with some
manual changes that `perfsprint -fix` wouldn't touch.
Addresses two issues with codegen templates in the Go SDK:
1. `type_builtins.go.template` was including an import for a package
that doesn't exist. (The import doesn't exist in the current generated
code that is checked-in). This change removes the import line from the
template.
2. Some changes had been made directly to `config/require.go`, but this
is a generated file -- the changes should have been made to the
template. This change moves the changes to the template.
After the changes to these templates, running `make gen` in `sdk/go`
yields no diffs.
Fixes#13871
Upgrade to latest version of golangci-lint
and fix or opt-out the issues it caught.
The false positives are:
```
sdk/go/common/workspace/plugins_test.go:512:3: G101: Potential hardcoded credentials (gosec)
pkg/resource/deploy/builtins.go:180:2: G101: Potential hardcoded credentials (gosec)
```
The fixed issues are:
```
pkg/resource/deploy/deploytest/pluginhost.go:440:16: G601: Implicit memory aliasing in for loop. (gosec)
Version: &v.version,
^
pkg/engine/lifecycletest/alias_test.go:58:25: G601: Implicit memory aliasing in for loop. (gosec)
DeleteBeforeReplace: &r.deleteBeforeReplace,
^
```
# Description
This PR removes Bors in favor of native GitHub merge queues. A very
similar
cutover was tested and verified in
https://github.com/pulumi/watchutil-rs/pull/39.
# Deployment plan
* [x] Find some time where PRs aren't being merged. This is mostly to
minimize confusion
while we're futzing with branch protections.
* [x] Update the repo's branch protection rules to match
https://github.com/pulumi/watchutil-rs/pull/38:
* "Allow specified actors to bypass required pull requests": "bors" →
Unchecked
* "Status checks that are required": "bors" → "ci-ok"
* "Require merge queue": Unchecked → Checked
* "Only merge non-failing pull requests" → Unchecked
* "Merge method" → Squash and merge
* [ ] Merge this PR using the "Merge when ready" button.
* [ ] If it merges successfully: confirm the prepare-release step ran
and published
pre-release artifacts.
* [ ] If the merge fails: it's possible we'll need to tweak steps
slightly
(e.g. if the step's name doesn't match the branch protection rule). The
end goal is a "ci-ok" step in both the PR and merge workflows that
captures whether everything is green.
* [ ] If the issues aren't immediately resolvable, revert the changes
made
to branch protection settings. Folks will continue to merge with
Bors.
If all goes well, we should be able to continue merging with MQ for a
while --
at least long enough to cut a new CLI release. Once we're confident we
won't
need to roll back:
* [ ] Delete branch protection rules for:
* staging
* testing
* [ ] Remove pu/pu from https://app.bors.tech/repositories
Fixes https://github.com/pulumi/pulumi/issues/13501
## Checklist
- [ ] I have run `make tidy` to update any new dependencies
- [ ] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
The golangci-lint-action comes with its own caching logic,
which includes caching Go build data.
We should not have setup-go caching enabled in that case.
ref: https://github.com/golangci/golangci-lint-action#how-to-use
Note the `cache: false`.
Note that usually setup-go doesn't take much time,
but sometimes it fails while downloading or uploading the cache.
This just drops an occasional source of flakiness in the job.
When the 'go mod tidy' lint check fails,
it prints a simple error message reporting the failure.
Most will resort to running `go mod tidy` manually
to attempt to fix this, but this will not always work.
We need to run `./scripts/tidy.sh` which updates all go.mod files
and includes specific compatibility flags.
Adds a `make lint_golang` target that lints all Go packages
in one command instead of copy-pasting between them.
Instead of duplicating the list of packages in ci-lint,
use the golangci-lint-action to install the linter once,
and let the `make` target actually run it.
The primary motivation for this is to reduce duplication in CI setup
in anticipation of adding a new package to the list.
Usage notes:
- The `--path-prefix` flag ensures that file paths
in the error messages are correct.
- The optional GOLANGCI_LINT_ARGS variable allows adding additional
arguments.
We use this to opt-into github-actions-friendly output in CI.
When we introduced Rome into the Node SDK, we added a Make rule
for formatting separate from our linting rule. This commit moves
format-checking into the lint rule so that the Node SDK's Make rules
will more closely match the Python SDK's Make rules.
Now, in both SDKs, `make lint` also checks formatting.
This commit adds the Rome autoformatter to the Node SDK toolchain.
It adds rules to the Makefile to validate formatting in CI, and to
autoformat. Lastly, it updates CI to ensure each commit correctly formats
the code.
Instead of rolling our own caching logic,
use the official golangci-lint-action
and run `go mod tidy` concurrently.
This has a few advantages over the current setup:
- Non-container builds are faster to run
(we take ~20 seconds to set up the container)
- golangci-lint-action's caching logic is better:
it periodically invalidates itself automatically
- `go mod tidy` takes over am inute to run;
this can be done in parallel
Caveats:
- golangci-lint-action does not support multiple modules in one call,
so we have to run the action separately for each submodule.
- We have to duplicate some of what `make lint` specifies.
If we ever add more checks to `make lint`,
we'll need to also update this job.
Refs #12019
Supersedes #12029
Add a go.work workspace with pkg, sdk, and tests only in CI
when linting the Go code.
In `make lint`, pick between "lint all together"
and "lint all separately"
based on whether we're in a Go workspace.