Skip to content

Commit ceea175

Browse files
authored
Prefer DNS endpoint in CI for mirrored Go packages (#52499)
### Motivation Service-to-service traffic is supposed to use internal DNS instead of the currently-prioritized gateway proxy, which intermittently throws 503s even though the underlying service is healthy. ### Additional Notes CI will pass when the build images have been updated, as seen here #52547 Co-authored-by: ofek.lev <ofek.lev@datadoghq.com>
1 parent 7ec0f1a commit ceea175

15 files changed

Lines changed: 96 additions & 5 deletions

File tree

.adms/bazel/adms.mirror.cfg

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,9 @@ allow depot-read-api-bzl.us1.ddbuild.io
99
allow depot-read-api-cli.us1.ddbuild.io
1010
allow depot-read-api-generic.us1.ddbuild.io
1111
allow depot-read-api-go.us1.ddbuild.io
12+
# Preferred first in GOPROXY (see .adms/go/gitlab.yaml); allow it here so Bazel's
13+
# downloader doesn't block it.
14+
allow depot-read-api-go.rapid-dependency-management-depot.all-clusters.local-dc.fabric.dog
1215
allow depot-read-api-java.us1.ddbuild.io
1316
allow depot-read-api-python.us1.ddbuild.io
1417
allow mass-read.us1.ddbuild.io

.adms/go/gitlab.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# DO NOT EDIT
22

33
variables:
4-
GOPROXY: "https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/"
4+
GOPROXY: "https://depot-read-api-go.rapid-dependency-management-depot.all-clusters.local-dc.fabric.dog:8443/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/magicmirror/@current/|https://depot-read-api-go.us1.ddbuild.io/magicmirror/testing/@current/"
55
GONOSUMDB: "github.com/DataDog,go.ddbuild.io"
66
GOPRIVATE: ""

.gitlab/.pre/common/macos.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,8 @@
8484
before_script:
8585
- !reference [.vault_login]
8686
- !reference [.aws_retry_config]
87+
# Drop GOPROXY entries not usable from macOS runners, before any go command.
88+
- !reference [.sanitize_goproxy]
8789
# Selecting the current Go version
8890
- |
8991
eval $(gimme $(cat .go-version))

.gitlab/.pre/deps_fetch/deps_fetch.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,16 @@
33
# Contains jobs which fetch go dependencies, in order
44
# to reuse them in further jobs that need them.
55

6+
# Keep GOPROXY entries usable from the current environment; drop the rest.
7+
.sanitize_goproxy:
8+
- . tools/ci/sanitize-goproxy.sh
9+
10+
# Windows host equivalent, for jobs that forward GOPROXY into a container.
11+
.sanitize_goproxy_windows:
12+
- . ./tools/ci/sanitize-goproxy.ps1
13+
614
.retrieve_linux_go_deps:
15+
- !reference [.sanitize_goproxy]
716
- mkdir -p $GOPATH/pkg/mod/cache && zstd -dc modcache.tar.zst | tar xf - -C $GOPATH/pkg/mod/cache
817
- rm -f modcache.tar.zst
918

.gitlab/build/bazel/defs.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,10 +85,16 @@
8585
.bazel:runner:macos-amd64:
8686
extends: .bazel:defs:cache:macos
8787
tags: [ "macos:sonoma-amd64", "specific:true" ]
88+
# Drop GOPROXY entries not usable from macOS runners before bazel forwards
89+
# GOPROXY into its repository rules.
90+
before_script:
91+
- !reference [.sanitize_goproxy]
8892

8993
.bazel:runner:macos-arm64:
9094
extends: .bazel:defs:cache:macos
9195
tags: [ "macos:sonoma-arm64", "specific:true" ]
96+
before_script:
97+
- !reference [.sanitize_goproxy]
9298

9399
.bazel:runner:windows-amd64:
94100
extends: [ .bazel:defs:cache:windows, .windows_docker_default ]

.gitlab/build/binary_build/schema_generation.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,7 @@ generate_config_schema-windows:
8181
ARCH: "x64"
8282
script:
8383
- $ErrorActionPreference = "Stop"
84+
- !reference [.sanitize_goproxy_windows]
8485
- >
8586
.\tools\ci\docker-run-with-bazel-cache.ps1
8687
-m 24576M

.gitlab/build/source_test/kmt_tasks.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,8 @@ test_kmt_local_setup_macos:
4040
before_script:
4141
- !reference [.vault_login]
4242
- !reference [.aws_retry_config]
43+
# Drop GOPROXY entries not usable from macOS runners, before any go command.
44+
- !reference [.sanitize_goproxy]
4345
- !reference [.setup_github_token_read]
4446
# Selecting the current Go version
4547
- |

.gitlab/windows/build/binary_build/windows.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ build_windows_container_entrypoint:
1111
ARCH: "x64"
1212
script:
1313
- $ErrorActionPreference = "Stop"
14+
- !reference [.sanitize_goproxy_windows]
1415
- if (Test-Path build-out) { remove-item -recurse -force build-out }
1516
- >
1617
docker run --rm

.gitlab/windows/build/lint/windows.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44
extends: .windows_docker_default
55
script:
66
- $ErrorActionPreference = "Stop"
7+
- !reference [.sanitize_goproxy_windows]
78
- !reference [.docker_pull_winbuildimage_instrumented]
89
# Previously this job required only 8Gb of memory but since Go 1.20 it requires more to avoid being OOM killed.
910
# Each Windows VM has 32Gb of memory and contains 3 runners that can run one job at a time each (so a maximum of 3 simultaneous jobs per VM).

.gitlab/windows/build/package_build/windows.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
needs: ["go_deps"]
66
script:
77
- $ErrorActionPreference = 'Stop'
8+
- !reference [.sanitize_goproxy_windows]
89
- if (Test-Path omnibus\pkg) { remove-item -recurse -force omnibus\pkg }
910
- mkdir omnibus\pkg
1011
- >
@@ -97,6 +98,7 @@ windows_msi_and_bosh_zip_x64-a7-fips:
9798
ARCH: "x64"
9899
script:
99100
- $ErrorActionPreference = "Stop"
101+
- !reference [.sanitize_goproxy_windows]
100102
- if (Test-Path omnibus\pkg) { remove-item -recurse -force omnibus\pkg }
101103
- mkdir omnibus\pkg
102104
- >

0 commit comments

Comments
 (0)