Skip to content

Commit 7091f13

Browse files
IshiruiofekAliDatadog
authored
[Backport 7.80.x] [#incident-56663] Prefer DNS endpoint in CI for mirrored Go packages (#52499) (#52698)
Backport of #52499 Co-authored-by: ofek <ofekmeister@gmail.com> Co-authored-by: ali.benabdallah <ali.benabdallah@datadoghq.com>
1 parent d502ce1 commit 7091f13

16 files changed

Lines changed: 108 additions & 20 deletions

File tree

.adms/bazel/adms.mirror.cfg

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,9 @@ allow depot-read-api-bzl.us1.ddbuild.io
99
allow depot-read-api-cli.us1.ddbuild.io
1010
allow depot-read-api-generic.us1.ddbuild.io
1111
allow depot-read-api-go.us1.ddbuild.io
12+
# Preferred first in GOPROXY (see .adms/go/gitlab.yaml); allow it here so Bazel's
13+
# downloader doesn't block it.
14+
allow depot-read-api-go.rapid-dependency-management-depot.all-clusters.local-dc.fabric.dog
1215
allow depot-read-api-java.us1.ddbuild.io
1316
allow depot-read-api-python.us1.ddbuild.io
1417
allow registry.ddbuild.io

.adms/go/gitlab.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# DO NOT EDIT
22

33
variables:
4-
GOPROXY: "https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/"
4+
GOPROXY: "https://depot-read-api-go.rapid-dependency-management-depot.all-clusters.local-dc.fabric.dog:8443/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/"
55
GONOSUMDB: "github.com/DataDog,go.ddbuild.io"
66
GOPRIVATE: ""

.gitlab-ci.yml

Lines changed: 10 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,4 @@
11
---
2-
32
# Condition mixins for simplification of rules, needed in the include rules so must be defined first
43
.if_run_all_e2e_tests: &if_run_all_e2e_tests
54
if: $RUN_E2E_TESTS == "on"
@@ -20,8 +19,7 @@
2019
if: $DEPLOY_AGENT == "true" || $DDR_WORKFLOW_ID != null
2120

2221
# Windows-specific Go source files, pkg/, and cmd/ (27 paths), need to be splitted because Gitlab has a limit to 50 paths in a single rule
23-
.windows_path: &windows_path
24-
# Windows-specific Go source files (by filename convention)
22+
.windows_path: &windows_path # Windows-specific Go source files (by filename convention)
2523
- "**/*_windows.go"
2624

2725
# Windows-specific packages in pkg/
@@ -62,8 +60,7 @@
6260
- bazel/**/*
6361

6462
# Windows-specific comp/, tools, omnibus, containers, tasks, and cross-cutting paths
65-
.windows_path_2: &windows_path_2
66-
# Windows-specific comp/ components
63+
.windows_path_2: &windows_path_2 # Windows-specific comp/ components
6764
- comp/systray/**/*
6865
- comp/updater/**/*
6966
- comp/checks/agentcrashdetect/**/*
@@ -268,21 +265,21 @@ variables:
268265
# Build images versions
269266
# To use images from datadog-agent-buildimages dev branches, set the corresponding
270267
# SUFFIX variable to
271-
CI_IMAGE_BTF_GEN: v119060732-b96df210
268+
CI_IMAGE_BTF_GEN: v120692793-bcaaf163
272269
CI_IMAGE_BTF_GEN_SUFFIX: ""
273-
CI_IMAGE_DOCKER_X64: v119060732-b96df210
270+
CI_IMAGE_DOCKER_X64: v120692793-bcaaf163
274271
CI_IMAGE_DOCKER_X64_SUFFIX: ""
275-
CI_IMAGE_DOCKER_ARM64: v119060732-b96df210
272+
CI_IMAGE_DOCKER_ARM64: v120692793-bcaaf163
276273
CI_IMAGE_DOCKER_ARM64_SUFFIX: ""
277-
CI_IMAGE_GITLAB_AGENT_DEPLOY: v119060732-b96df210
274+
CI_IMAGE_GITLAB_AGENT_DEPLOY: v120692793-bcaaf163
278275
CI_IMAGE_GITLAB_AGENT_DEPLOY_SUFFIX: ""
279-
CI_IMAGE_LINUX: v119060732-b96df210
276+
CI_IMAGE_LINUX: v120692793-bcaaf163
280277
CI_IMAGE_LINUX_SUFFIX: ""
281-
CI_IMAGE_RPM_X64: v119060732-b96df210
278+
CI_IMAGE_RPM_X64: v120692793-bcaaf163
282279
CI_IMAGE_RPM_X64_SUFFIX: ""
283-
CI_IMAGE_RPM_ARM64: v119060732-b96df210
280+
CI_IMAGE_RPM_ARM64: v120692793-bcaaf163
284281
CI_IMAGE_RPM_ARM64_SUFFIX: ""
285-
CI_IMAGE_RPM_ARMHF: v119060732-b96df210
282+
CI_IMAGE_RPM_ARMHF: v120692793-bcaaf163
286283
CI_IMAGE_RPM_ARMHF_SUFFIX: ""
287284
CI_IMAGE_WIN_LTSC2022_X64: v119060732-b96df210
288285
CI_IMAGE_WIN_LTSC2022_X64_SUFFIX: ""
@@ -420,7 +417,6 @@ variables:
420417
.if_installer_tests: &if_installer_tests
421418
if: ($CI_COMMIT_BRANCH == "main" || $DEPLOY_AGENT == "true" || $RUN_E2E_TESTS == "on" || $DDR_WORKFLOW_ID != null) && $RUN_E2E_TESTS != "off"
422419

423-
424420
# When RUN_E2E_TESTS is set to "auto". We do not enforce a behavior for the tests.
425421
# The behavior of each test will be defined by its rules.
426422
# For example for new-e2e tests created by each team, here is an example of such rules: https://github.com/DataDog/datadog-agent/blob/ba7079d92077ab5898378594dcafb9cd88a77e57/.gitlab-ci.yml#L1160-L1167
@@ -693,7 +689,6 @@ workflow:
693689
when: manual
694690
allow_failure: true
695691

696-
697692
.on_main_or_release_branch_or_deploy_always:
698693
- <<: *if_deploy
699694
when: always

.gitlab/.pre/common/macos.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,8 @@
8484
before_script:
8585
- !reference [.vault_login]
8686
- !reference [.aws_retry_config]
87+
# Drop GOPROXY entries not usable from macOS runners, before any go command.
88+
- !reference [.sanitize_goproxy]
8789
# Selecting the current Go version
8890
- |
8991
eval $(gimme $(cat .go-version))

.gitlab/.pre/deps_fetch/deps_fetch.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,16 @@
33
# Contains jobs which fetch go dependencies, in order
44
# to reuse them in further jobs that need them.
55

6+
# Keep GOPROXY entries usable from the current environment; drop the rest.
7+
.sanitize_goproxy:
8+
- . tools/ci/sanitize-goproxy.sh
9+
10+
# Windows host equivalent, for jobs that forward GOPROXY into a container.
11+
.sanitize_goproxy_windows:
12+
- . ./tools/ci/sanitize-goproxy.ps1
13+
614
.retrieve_linux_go_deps:
15+
- !reference [.sanitize_goproxy]
716
- mkdir -p $GOPATH/pkg/mod/cache && zstd -dc modcache.tar.zst | tar xf - -C $GOPATH/pkg/mod/cache
817
- rm -f modcache.tar.zst
918

.gitlab/build/bazel/defs.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,10 +85,16 @@
8585
.bazel:runner:macos-amd64:
8686
extends: .bazel:defs:cache:macos
8787
tags: [ "macos:sonoma-amd64", "specific:true" ]
88+
# Drop GOPROXY entries not usable from macOS runners before bazel forwards
89+
# GOPROXY into its repository rules.
90+
before_script:
91+
- !reference [.sanitize_goproxy]
8892

8993
.bazel:runner:macos-arm64:
9094
extends: .bazel:defs:cache:macos
9195
tags: [ "macos:sonoma-arm64", "specific:true" ]
96+
before_script:
97+
- !reference [.sanitize_goproxy]
9298

9399
.bazel:runner:windows-amd64:
94100
extends: [ .bazel:defs:cache:windows, .windows_docker_default ]

.gitlab/build/binary_build/schema_generation.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,7 @@ generate_config_schema-windows:
8383
ARCH: "x64"
8484
script:
8585
- $ErrorActionPreference = "Stop"
86+
- !reference [.sanitize_goproxy_windows]
8687
- >
8788
.\tools\ci\docker-run-with-bazel-cache.ps1
8889
-m 8192M

.gitlab/build/source_test/kmt_tasks.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,8 @@ test_kmt_local_setup_macos:
4040
before_script:
4141
- !reference [.vault_login]
4242
- !reference [.aws_retry_config]
43+
# Drop GOPROXY entries not usable from macOS runners, before any go command.
44+
- !reference [.sanitize_goproxy]
4345
- !reference [.setup_github_token_read]
4446
# Selecting the current Go version
4547
- |

.gitlab/windows/build/binary_build/windows.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ build_windows_container_entrypoint:
1111
ARCH: "x64"
1212
script:
1313
- $ErrorActionPreference = "Stop"
14+
- !reference [.sanitize_goproxy_windows]
1415
- if (Test-Path build-out) { remove-item -recurse -force build-out }
1516
- >
1617
docker run --rm

.gitlab/windows/build/lint/windows.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
extends: .windows_docker_default
77
script:
88
- $ErrorActionPreference = "Stop"
9+
- !reference [.sanitize_goproxy_windows]
910
- !reference [.docker_pull_winbuildimage_instrumented]
1011
# Previously this job required only 8Gb of memory but since Go 1.20 it requires more to avoid being OOM killed.
1112
# Each Windows VM has 32Gb of memory and contains 3 runners that can run one job at a time each (so a maximum of 3 simultaneous jobs per VM).

0 commit comments

Comments
 (0)