talosctl vedorhash
Closed this issue · 3 comments
Details
What steps did you take and what happened:
Hello, I am following your project. As I noticed, everytime talosctl updates, we have to fix its vendorhash.
During my reseach, I found this project, and this post.
Since I am not famliar with Golang, could you update the code to include this vendorhash fix?
What did you expect to happen:
Manually update talosctl vendorhash no more.
Hi, thanks for raising the suggestion! This is definitely something that is a bit annoying, but at the same time I think it may also be by design to force package authors to make sure no "bad" dependencies get built?
I will see if there is an elegant solution. The biggest issue is that I don't own any of the upstream code. That means I need to check out the upstream repo at the correct tag, run whichever tools required to populate the hash and then feed that back into the nixpkg. All of this would make the build pipe quite complex I think.
I tested a few methods, then write a bash script to make it works. related commit check here. I think I should refractor github workflow later.
Thanks for this idea @soulwhisper! I've hacked around a bit and implemented a similar solution in my nvfetcher GH workflow. ❤️