Merge pull request #159 from Clever/INFRANG-6802-env

INFRANG-6802-env

Author: MatthewwTN

VERSION

@@ -1,7 +1,8 @@
-v1.0.4
-updated parsing of go version from go.mod
+v1.0.5
+- Supporting lazy loading of environment variables
 
 Previously:
+- updated parsing of go version from go.mod
 - goci now supports validation of go version
 - variable MASTER_COMPARE is now required for local dev
 - Instead of emitting an error on failed catalog syncs, simply warn

cmd/goci/README.md

@@ -10,6 +10,7 @@ goci accepts very limited arguments which merely change the mode it runs in. The
 
 1. `goci detect` detects any changed applications according to their launch configuration. This can be used to pass a name of apps to another script.
 2. `goci artifact-build-publish-deploy` builds, publishes and deploys any application artifacts.
+3. `goci validate` validates an applications go version, while also checking for compatible branch naming conventions for catapult.
 
 
 ## Multi-app Support

cmd/goci/main.go

@@ -27,11 +27,11 @@ const usage = "usage: goci <validate|detect|artifact-build-publish-deploy>"
 
 // ValidationError represents an error that occurs during validation.
 type ValidationError struct {
-    Message string
+	Message string
 }
 
 func (e *ValidationError) Error() string {
-    return e.Message
+	return e.Message
 }
 
 func main() {
@@ -42,12 +42,12 @@ func main() {
 	mode := os.Args[1]
 	if err := run(mode); err != nil {
 		if _, ok := err.(*ValidationError); ok {
-            fmt.Println("Validation error:", err)
-            os.Exit(2) // Use a different exit code for validation errors
-        } else {
-            fmt.Println("Error:", err)
-            os.Exit(1)
-        }
+			fmt.Println("Validation error:", err)
+			os.Exit(2) // Use a different exit code for validation errors
+		} else {
+			fmt.Println("Error:", err)
+			os.Exit(1)
+		}
 	}
 }
 
@@ -82,7 +82,7 @@ func run(mode string) error {
 	if err = validateRun(); err != nil {
 		return err
 	}
-	
+
 	if len(apps) == 0 {
 		fmt.Println("No applications have buildable changes. If this is unexpected, " +
 			"double check your artifact dependency configuration in the launch yaml.")
@@ -105,7 +105,7 @@ func run(mode string) error {
 	}
 
 	if len(dockerTargets) > 0 {
-		dkr, err := docker.New(ctx)
+		dkr, err := docker.New(ctx, environment.OidcEcrUploadRole())
 		if err != nil {
 			return err
 		}
@@ -125,7 +125,7 @@ func run(mode string) error {
 	}
 
 	if len(lambdaTargets) > 0 {
-		lmda := lambda.New(ctx)
+		lmda := lambda.New(ctx, environment.LambdaArtifactBucketPrefix())
 
 		for artifact, t := range lambdaTargets {
 			if err = repo.ExecBuild(t.Command); err != nil {
@@ -143,16 +143,16 @@ func run(mode string) error {
 		return err
 	}
 
-	if environment.Branch == "master" {
+	if environment.Branch() == "master" {
 		return cp.Deploy(ctx, appIDs)
 	}
 	return nil
 }
 
 // validateRun checks the env.branch and go version to ensure the build is valid.
 func validateRun() error {
-	if strings.Contains(environment.Branch, "/") {
-        return &ValidationError{Message: fmt.Sprintf("branch name %s contains a `/` character, which is not supported by catapult", environment.Branch)}
+	if strings.Contains(environment.Branch(), "/") {
+		return &ValidationError{Message: fmt.Sprintf("branch name %s contains a `/` character, which is not supported by catapult", environment.Branch())}
 	}
 
 	latestGoVersion, err := fetchLatestGoVersion()
@@ -161,12 +161,12 @@ func validateRun() error {
 	}
 
 	goModPath := "./go.mod"
-    fileBytes, err := os.ReadFile(goModPath)
-    if err != nil {
-        return fmt.Errorf("failed to read go.mod file: %v", err)
-    }
+	fileBytes, err := os.ReadFile(goModPath)
+	if err != nil {
+		return fmt.Errorf("failed to read go.mod file: %v", err)
+	}
 
-	f, err := modfile.Parse("./go.mod", fileBytes , nil)
+	f, err := modfile.Parse("./go.mod", fileBytes, nil)
 	if err != nil {
 		return fmt.Errorf("failed to parse go.mod file: %v", err)
 	}
@@ -179,16 +179,14 @@ func validateRun() error {
 		trimmedVersion = f.Go.Version
 	}
 
-	version, e := strconv.ParseFloat(trimmedVersion, 64)
+	repoVersion, e := strconv.ParseFloat(trimmedVersion, 64)
 
 	if e != nil {
 		return fmt.Errorf("failed to parse go version: %v", e)
 	}
 
 	// We will begin enforcing this policy for go version 1.24 and above, for now set the minimum version to 1.23
-	if version <= 1.23 {
-		version = 1.23
-	}
+	var enforceGoVersionUpgrade float64 = 1.23
 
 	// trim the patch value from the latest go version
 	latestGoVersion = latestGoVersion[:len(latestGoVersion)-2]
@@ -197,11 +195,12 @@ func validateRun() error {
 		return fmt.Errorf("failed to parse go version: %v", e)
 	}
 
-	if version < newestGoVersion - 0.01 {
-        return &ValidationError{Message: fmt.Sprintf("go version %v is no longer supported. Please upgrade to version %v", version, newestGoVersion)}
-	} else if version == newestGoVersion - 0.01 {
+	// Once 1.23 is no longer supported, we will enforce the policy for 1.24 and above
+	if (repoVersion <= enforceGoVersionUpgrade) && (enforceGoVersionUpgrade < newestGoVersion-0.01) {
+		return &ValidationError{Message: fmt.Sprintf("Your applications go version %v is no longer supported. Please upgrade to version %v.", repoVersion, newestGoVersion)}
+	} else if repoVersion <= newestGoVersion-0.01 {
 		// We'll give a PR comment to the Author to warn them about the need to upgrade
-		fmt.Printf("Warning: This go version (%v) is nearing deprecation. Please upgrade to version %v\n", version, newestGoVersion)
+		fmt.Printf("Warning: This applications go version will be out of support by the next major release. You will have until the next release before you need to upgrade to version %v\n", newestGoVersion)
 	}
 
 	return nil
@@ -210,39 +209,39 @@ func validateRun() error {
 // fetchLatestGoVersion fetches the latest Go version from the official Go download page.
 func fetchLatestGoVersion() (string, error) {
 	// official Go download page
-    resp, err := http.Get("https://go.dev/dl/")
-    if err != nil {
-        return "", fmt.Errorf("failed to fetch Go download page: %v", err)
-    }
-    defer resp.Body.Close()
-	
-    if resp.StatusCode != http.StatusOK {
-        return "", fmt.Errorf("failed to fetch Go download page: status code %d", resp.StatusCode)
-    }
-
-    bodyBytes, err := io.ReadAll(resp.Body)
-    if err != nil {
-        return "", fmt.Errorf("failed to read response body: %v", err)
-    }
-    body := string(bodyBytes)
-
-    // Extract the latest macOS (darwin) download URL
-    re := regexp.MustCompile(`/dl/go[0-9]+\.[0-9]+\.[0-9]+\.darwin-arm64.pkg`)
-    matches := re.FindStringSubmatch(body)
-    if len(matches) == 0 {
-        return "", fmt.Errorf("failed to find Go download URL")
-    }
-    goURL := "https://go.dev" + matches[0]
-
-    // Extract the Go version number from the URL
-    reVersion := regexp.MustCompile(`[0-9]+\.[0-9]+\.[0-9]+`)
-    versionMatches := reVersion.FindStringSubmatch(goURL)
-    if len(versionMatches) == 0 {
-        return "", fmt.Errorf("failed to find Go version in URL")
-    }
-    goVersion := versionMatches[0]
-
-    return goVersion, nil
+	resp, err := http.Get("https://go.dev/dl/")
+	if err != nil {
+		return "", fmt.Errorf("failed to fetch Go download page: %v", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return "", fmt.Errorf("failed to fetch Go download page: status code %d", resp.StatusCode)
+	}
+
+	bodyBytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", fmt.Errorf("failed to read response body: %v", err)
+	}
+	body := string(bodyBytes)
+
+	// Extract the latest macOS (darwin) download URL
+	re := regexp.MustCompile(`/dl/go[0-9]+\.[0-9]+\.[0-9]+\.darwin-arm64.pkg`)
+	matches := re.FindStringSubmatch(body)
+	if len(matches) == 0 {
+		return "", fmt.Errorf("failed to find Go download URL")
+	}
+	goURL := "https://go.dev" + matches[0]
+
+	// Extract the Go version number from the URL
+	reVersion := regexp.MustCompile(`[0-9]+\.[0-9]+\.[0-9]+`)
+	versionMatches := reVersion.FindStringSubmatch(goURL)
+	if len(versionMatches) == 0 {
+		return "", fmt.Errorf("failed to find Go version in URL")
+	}
+	goVersion := versionMatches[0]
+
+	return goVersion, nil
 }
 
 // allAppsBuilt returns an error if any apps are missing a build artifact.
@@ -265,4 +264,4 @@ func allAppsBuilt(discoveredApps map[string]*models.LaunchConfig, builtApps []*c
 		}
 	}
 	return fmt.Errorf("applications %s not built", strings.Join(missing, ", "))
-}
+}

internal/catapult/catapult.go

@@ -36,7 +36,7 @@ func New() *Catapult {
 	// we only have the proto and hostname. There are two separate
 	// variables provided to provide legacy support so clean up both
 	// possibilities
-	url := strings.TrimSuffix(environment.CatapultURL, "/v2/catapult")
+	url := strings.TrimSuffix(environment.CatapultURL(), "/v2/catapult")
 	url = strings.TrimSuffix(url, "/catapult")
 	var rt http.RoundTripper = &basicAuthTransport{}
 	cli := client.New(url, fmtPrinlnLogger{}, &rt)
@@ -52,9 +52,9 @@ func (c *Catapult) Publish(ctx context.Context, artifacts []*Artifact) error {
 		grp.Go(func() error {
 			fmt.Println("Publishing", art.ID)
 			err := c.client.PostCatapultV2(grpCtx, &models.CatapultPublishRequest{
-				Username: environment.CircleUser,
-				Reponame: environment.Repo,
-				Buildnum: environment.CircleBuildNum,
+				Username: environment.CircleUser(),
+				Reponame: environment.Repo(),
+				Buildnum: environment.CircleBuildNum(),
 				App:      art,
 			})
 			if err != nil {
@@ -81,9 +81,9 @@ func (c *Catapult) Deploy(ctx context.Context, apps []string) error {
 		fmt.Println("Deploying", app)
 		err := c.client.PostDapple(ctx, &models.DeployRequest{
 			Appname:  app,
-			Buildnum: environment.CircleBuildNum,
-			Reponame: environment.Repo,
-			Username: environment.CircleUser,
+			Buildnum: environment.CircleBuildNum(),
+			Reponame: environment.Repo(),
+			Username: environment.CircleUser(),
 		})
 		if err != nil {
 			return fmt.Errorf("failed to deploy %s: %v", app, err)
@@ -98,7 +98,7 @@ func (c *Catapult) Deploy(ctx context.Context, apps []string) error {
 type basicAuthTransport struct{}
 
 func (ba *basicAuthTransport) RoundTrip(r *http.Request) (*http.Response, error) {
-	r.SetBasicAuth(environment.CatapultUser, environment.CatapultPassword)
+	r.SetBasicAuth(environment.CatapultUser(), environment.CatapultPassword())
 	return http.DefaultTransport.RoundTrip(r)
 }
 

internal/docker/docker.go

@@ -38,14 +38,14 @@ type Docker struct {
 
 // New initializes a new docker daemon client and caches ecr credentials
 // for all 4 regions.
-func New(ctx context.Context) (*Docker, error) {
+func New(ctx context.Context, ecrUploadRole string) (*Docker, error) {
 	cl, err := client.NewClientWithOpts(client.WithAPIVersionNegotiation())
 	if err != nil {
 		return nil, fmt.Errorf("failed to initialize client: %v", err)
 	}
 	d := &Docker{
 		cli:    cl,
-		awsCfg: environment.AWSCfg(ctx, environment.OidcEcrUploadRole),
+		awsCfg: environment.AWSCfg(ctx, ecrUploadRole),
 	}
 
 	grp, ctx := errgroup.WithContext(ctx)

internal/docker/targets.go

@@ -40,9 +40,9 @@ func BuildTargets(apps map[string]*models.LaunchConfig) (map[string]DockerTarget
 		artifacts = append(artifacts, &catapult.Artifact{
 			RunType:   string(models.RunTypeDocker),
 			ID:        name,
-			Branch:    environment.Branch,
-			Source:    fmt.Sprintf("github:Clever/%s@%s", environment.Repo, environment.FullSHA1),
-			Artifacts: fmt.Sprintf("docker:clever/%s@%s", artifact, environment.ShortSHA1),
+			Branch:    environment.Branch(),
+			Source:    fmt.Sprintf("github:Clever/%s@%s", environment.Repo(), environment.FullSHA1()),
+			Artifacts: fmt.Sprintf("docker:clever/%s@%s", artifact, environment.ShortSHA1()),
 		})
 
 		// Any apps with a shared artifact only need to be built and
@@ -59,7 +59,7 @@ func BuildTargets(apps map[string]*models.LaunchConfig) (map[string]DockerTarget
 		for _, region := range environment.Regions {
 			tag := fmt.Sprintf(
 				"%s.dkr.ecr.%s.amazonaws.com/%s:%s",
-				environment.ECRAccountID, region, artifact, environment.ShortSHA1,
+				environment.ECRAccountID(), region, artifact, environment.ShortSHA1(),
 			)
 			tags = append(tags, tag)
 		}