Bump dependencies #4498
Bump dependencies #4498
Conversation
In preparation to the next release we're going to bump some deps such as various cloud SDKs we can test i.e. AWS, Google Cloud, etc. Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
ffaf824 to
8b2ba56
Compare
Also bump the golangci version Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
8b2ba56 to
3996413
Compare
@cpuguy83 do you have recommendations here, or know someone who's able to help? |
| github.com/beorn7/perks v1.0.1 // indirect | ||
| github.com/cenkalti/backoff/v4 v4.2.1 // indirect | ||
| github.com/cespare/xxhash/v2 v2.2.0 // indirect | ||
| github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect |
There was a problem hiding this comment.
wondering what's referring to opencensus (some package that hasn't switched to OTEL yet?)
There was a problem hiding this comment.
No idea, tbh. When I bumped the latest Google storage module this got pulled in as an indirect dep
go.mod
Outdated
| go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 | 8000||
| go.opentelemetry.io/otel v1.21.0 | ||
| go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 | ||
| go.opentelemetry.io/otel v1.29.0 | ||
| go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.21.0 |
There was a problem hiding this comment.
otel doesn't always define dependencies between these, but it's good to keep them aligned.
Can you update the remaining v1.21.0 ones to v1.29.0, and the remaining v0.46.1 ones to v0.54.0?
There was a problem hiding this comment.
Not sure I follow. You want all otel "sub" modules (emphasis on sub because otel is a complete mess -- good intentions gone completely awry) to be bumped to 1.29? I think Google storage bump pulled in 1.29 maybe it needs that specific version?
There was a problem hiding this comment.
Yeah, basically for the go.opentelemetry.io/contrib/exporters/xxx and go.opentelemetry.io/contrib/instrumentation/xxx ones to be on v0.54.0, and the go.opentelemetry.io/otel/xxx ones to be on v1.29.0
But I had a quick try, and looks like if you update go.opentelemetry.io/contrib/exporters/autoexport to v0.54.0 that all the other ones come with it.
There was a problem hiding this comment.
Ok, yah, that should be done in 3ac2285
dockerfiles/lint.Dockerfile
Outdated
| @@ -4,6 +4,7 @@ ARG GO_VERSION=1.23.2 | |||
| ARG ALPINE_VERSION=3.20 | |||
| ARG GOLANGCI_LINT_VERSION=v1.61.0 | |||
| ARG BUILDTAGS="" | |||
| ARG TIMEOUT="5m" | |||
There was a problem hiding this comment.
This one's only used in the linting stage, so no need to set a default here
dockerfiles/lint.Dockerfile
Outdated
| @@ -13,7 +14,11 @@ WORKDIR /src | |||
|
|
|||
| FROM base | |||
| ENV GOFLAGS="-buildvcs=false" | |||
| ARG TIMEOUT | |||
There was a problem hiding this comment.
can set the default here;
ARG TIMEOUT=5m
dockerfiles/lint.Dockerfile
Outdated
| ARG TIMEOUT | ||
| ARG BUILDTAGS | ||
| ENV TIMEOUT=${TIMEOUT} | ||
| ENV BUILDTAGS=${BUILDTAGS} |
There was a problem hiding this comment.
No need to persist these in an env-var; it's only used in the RUN, and not used at runtime (I don't even think we even run the image, only used the build to run the linter)
There was a problem hiding this comment.
The scope and propagation are kinda sad in Dockerfiles (https://docs.docker.com/build/building/variables/#scoping); I feel like I often need a PhD to get those right
|
Anything else that needs addressing in this PR @thaJeztah ? |
|
Can you squash the last two commits? We can probably do the remaining OTEL ones separately. |
Add a timeout to the lint: By default it is set to 1m Remove ARGs where not needed. Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
cc9a684 to
bd52394
Compare
We want to be consistent in our deps so tracking down issue does not end up in a murder mystery hunt. This commit picks a specific otel versions that are unified in this codebase. Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
|
@thaJeztah commits, squashed, wanna give this another look? |
|
Lgtm. I would bump Azure too, this is an RC after all. |
In preparation to the next release we're going to bump some deps such as various cloud SDKs we can test i.e. AWS, Google Cloud, etc.
NOTE: I'd LOVE to bump the Azure packages, but I've no way of verifying if the new versions worked with this repo; for AWS we have integration tests and for Google I test it manually on my GCP account against a GCS bucket. I've never used Azure and I'd like to avoid releasing something that's not proven to work 😞