Revision - 5273a46 - images/builder: add /.cache directory

Revision 5273a46cf7288144d3ccac825725cf024b40b565 authored by André Martins on 18 June 2024, 14:59:12 UTC, committed by André Martins on 20 June 2024, 19:00:01 UTC

images/builder: add /.cache directory

The builder image is used to generate Kubernetes manifests and some Go code
for Kubernetes clients. Currently, Docker run commands are executed as the
root user inside the container, resulting in files being created with the
root UID. This prevents the user who executed the Docker run command from
managing these files.

Running the Docker container with the executing user's UID causes "go run"
commands to fail due to insufficient permissions to write to the /.cache
directory. To resolve this, we need to create a /.cache directory with write
permissions for all users.

Signed-off-by: André Martins <andre@cilium.io>

1 parent 6f461ea

Files
Changes

Permalinks

.golangci.yaml

# options for analysis running
run:
  # default concurrency is a available CPU number
  concurrency: 4

  # timeout for analysis, e.g. 30s, 5m, default is 1m
  timeout: 20m

  # exit code when at least one issue was found, default is 1
  issues-exit-code: 1

  # include test files or not, default is true
  tests: true

  # default is true. Enables skipping of directories:
  #   vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
  skip-dirs-use-default: true

  # which dirs to skip: they won't be analyzed;
  # can use regexp here: generated.*, regexp is applied on full path;
  # default value is empty list, but next dirs are always skipped independently
  # from this option's value:
  #   	vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
  #  skip-dirs:
  #    - ^test.*

  # by default isn't set. If set we pass it to "go list -mod={option}". From "go help modules":
  # If invoked with -mod=readonly, the go command is disallowed from the implicit
  # automatic updating of go.mod described above. Instead, it fails when any changes
  # to go.mod are needed. This setting is most useful to check that go.mod does
  # not need updates, such as in a continuous integration and testing system.
  # If invoked with -mod=vendor, the go command assumes that the vendor
  # directory holds the correct copies of dependencies and ignores
  # the dependency descriptions in go.mod.
  modules-download-mode: readonly

  # which files to skip: they will be analyzed, but issues from them
  # won't be reported. Default value is empty list, but there is
  # no need to include all autogenerated files, we confidently recognize
  # autogenerated files. If it's not please let us know.
  skip-files:
  #  - ".*\\.my\\.go$"
  #  - lib/bad.go

# all available settings of specific linters
linters-settings:
  depguard:
    rules:
      main:
        deny:
          - pkg: "math/rand$"
            desc: "Use math/rand/v2 instead"
  govet:
    enable:
      - nilness
  goimports:
    local-prefixes: github.com/cilium/cilium/
  goheader:
    values:
      regexp:
        PROJECT: 'Cilium|Hubble'
    template: |-
      SPDX-License-Identifier: Apache-2.0
      Copyright Authors of {{ PROJECT }}
  gosec:
    includes:
      - G402
  gomodguard:
    blocked:
      modules:
        - github.com/miekg/dns:
            recommendations:
              - github.com/cilium/dns
            reason: "use the cilium fork directly to avoid replace directives in go.mod, see https://github.com/cilium/cilium/pull/27582"
        - gopkg.in/check.v1:
            recommendations:
              - testing
              - github.com/stretchr/testify/assert
            reason: "gocheck has been deprecated, see https://github.com/cilium/cilium/issues/28596"
        - github.com/cilium/checkmate:
            recommendations:
              - github.com/stretchr/testify/assert
              - github.com/stretchr/testify/require
            reason: "cilium/checkmate has been deprecated, see https://github.com/cilium/cilium/issues/28596"
        - go.uber.org/multierr:
            recommendations:
              - errors
            reason: "Go 1.20+ has support for combining multiple errors, see https://go.dev/doc/go1.20#errors"

  stylecheck:
    checks: ["ST1019"]

issues:
  # Excluding configuration per-path, per-linter, per-text and per-source
  exclude-rules:
    - linters: [staticcheck]
      text: "SA1019"                  # this is rule for deprecated method
    - linters: [staticcheck]
      text: "SA9003: empty branch"
    - linters: [staticcheck]
      text: "SA2001: empty critical section"
    - linters: [err113]
      text: "do not define dynamic errors, use wrapped static errors instead" # This rule to avoid opinionated check fmt.Errorf("text")
    # Skip goimports check on generated files
    - path: \\.(generated\\.deepcopy|pb)\\.go$
      linters:
        - goimports
    # Skip goheader check on files imported and modified from upstream k8s
    - path: "pkg/ipam/(cidrset|service)/.+\\.go"
      linters:
        - goheader

linters:
  disable-all: true
  enable:
    - depguard
    - errorlint
    - err113
    - gofmt
    - goimports
    - govet
    - ineffassign
    - misspell
    - staticcheck
    - stylecheck
    - unused
    - goheader
    - gosec
    - gomodguard
    - gosimple

# To enable later if makes sense
#    - deadcode
#    - errcheck
#    - gocyclo
#    - golint
#    - gosec
#    - gosimple
#    - lll
#    - maligned
#    - misspell
#    - prealloc
#    - structcheck
#    - typecheck

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...