From e2b17bb9c2997e17c80ffb41192bbc2ced2c228a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Aug 2024 11:59:17 +0200 Subject: [PATCH 1/4] chore(deps): bump github.com/go-chi/httprate from 0.9.0 to 0.12.1 (#79) Bumps [github.com/go-chi/httprate](https://github.com/go-chi/httprate) from 0.9.0 to 0.12.1. - [Release notes](https://github.com/go-chi/httprate/releases) - [Commits](https://github.com/go-chi/httprate/compare/v0.9.0...v0.12.1) --- updated-dependencies: - dependency-name: github.com/go-chi/httprate dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 4172c355..7ab80497 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/cockroachdb/pebble v1.1.1 github.com/gnolang/gno v0.1.1 github.com/go-chi/chi/v5 v5.1.0 - github.com/go-chi/httprate v0.9.0 + github.com/go-chi/httprate v0.12.1 github.com/google/uuid v1.6.0 github.com/madz-lab/insertion-queue v0.0.0-20230520191346-295d3348f63a github.com/olahol/melody v1.2.1 diff --git a/go.sum b/go.sum index af368e53..9ddd0d99 100644 --- a/go.sum +++ b/go.sum @@ -90,8 +90,8 @@ github.com/gnolang/overflow v0.0.0-20170615021017-4d914c927216 h1:GKvsK3oLWG9B1G github.com/gnolang/overflow v0.0.0-20170615021017-4d914c927216/go.mod h1:xJhtEL7ahjM1WJipt89gel8tHzfIl/LyMY+lCYh38d8= github.com/go-chi/chi/v5 v5.1.0 h1:acVI1TYaD+hhedDJ3r54HyA6sExp3HfXq7QWEEY/xMw= github.com/go-chi/chi/v5 v5.1.0/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= -github.com/go-chi/httprate v0.9.0 h1:21A+4WDMDA5FyWcg7mNrhj63aNT8CGh+Z1alOE/piU8= -github.com/go-chi/httprate v0.9.0/go.mod h1:6GOYBSwnpra4CQfAKXu8sQZg+nZ0M1g9QnyFvxrAB8A= +github.com/go-chi/httprate v0.12.1 h1:55l3IWrPcipqKb72yBzH+grF51z5w+2Bb/Qmu1bos/E= +github.com/go-chi/httprate v0.12.1/go.mod h1:TUepLXaz/pCjmCtf/obgOQJ2Sz6rC8fSf5cAt5cnTt0= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= From f505afa295eb648765cca8f671c20dac91568d6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Aug 2024 12:29:51 +0200 Subject: [PATCH 2/4] chore(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0 (#77) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.7.0 to 0.8.0. - [Commits](https://github.com/golang/sync/compare/v0.7.0...v0.8.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 7ab80497..bc2a2e08 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/vektah/gqlparser/v2 v2.5.16 go.uber.org/multierr v1.11.0 go.uber.org/zap v1.27.0 - golang.org/x/sync v0.7.0 + golang.org/x/sync v0.8.0 ) require ( diff --git a/go.sum b/go.sum index 9ddd0d99..8c365af3 100644 --- a/go.sum +++ b/go.sum @@ -252,8 +252,8 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= From c1ee00d21e014c39d4d00b0de227002e58412044 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Aug 2024 12:41:44 +0200 Subject: [PATCH 3/4] chore(deps): bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (#78) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.5.0 to 3.6.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.5.0...v3.6.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/releaser.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/releaser.yaml b/.github/workflows/releaser.yaml index 0a028fbf..51609b8e 100644 --- a/.github/workflows/releaser.yaml +++ b/.github/workflows/releaser.yaml @@ -23,7 +23,7 @@ jobs: go-version: 1.21 cache: true - - uses: sigstore/cosign-installer@v3.5.0 + - uses: sigstore/cosign-installer@v3.6.0 - uses: anchore/sbom-action/download-syft@v0.17.0 - uses: docker/login-action@v3 From f68e8e74fcac0c2f8c64042999899d9dbcee8615 Mon Sep 17 00:00:00 2001 From: Sergio Maria Matone Date: Tue, 13 Aug 2024 15:34:21 +0200 Subject: [PATCH 4/4] [infra] proposing detailed Multistage Dockerfile (#69) * proposing detailed Multistage Dockerfile * removing leftovers --- .dockerignore | 10 ++++++++++ Dockerfile | 20 ++++++++++++++------ Dockerfile.release | 2 ++ 3 files changed, 26 insertions(+), 6 deletions(-) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..8657bb27 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,10 @@ +# git + GitHub stuff +.git* +*.yml + +# Markdown +README.md +LICENSE.md + +Dockerfile* +Makefile diff --git a/Dockerfile b/Dockerfile index 4c3689c6..953de00b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,20 +2,28 @@ # Stage 1: Build #=============== -FROM golang:1.21-alpine as builder +FROM golang:1.22-alpine AS builder -COPY . /app +WORKDIR /src -WORKDIR /app +RUN --mount=type=cache,target=/go/pkg/mod/ \ + --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=bind,source=go.sum,target=go.sum \ + --mount=type=bind,source=go.mod,target=go.mod \ + go mod download -x -RUN go build -o indexer ./cmd +ENV CGO_ENABLED=0 GOOS=linux + +RUN --mount=type=cache,target=/go/pkg/mod/ \ + --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=bind,target=. \ + go build -o /app/indexer ./cmd #=============== # Stage 2: Run #=============== -FROM alpine +FROM alpine:3.20 AS tx-indexer COPY --from=builder /app/indexer /usr/local/bin/indexer - ENTRYPOINT [ "/usr/local/bin/indexer" ] \ No newline at end of file diff --git a/Dockerfile.release b/Dockerfile.release index 29a97586..14cf931b 100644 --- a/Dockerfile.release +++ b/Dockerfile.release @@ -1,3 +1,5 @@ +# This Dockerfile is only useful for Goreleaser task +# https://goreleaser.com/customization/docker/ FROM scratch COPY tx-indexer / ENTRYPOINT [ "/tx-indexer" ]