Skip to content
This repository has been archived by the owner on Sep 9, 2020. It is now read-only.

Document how to use dep with Docker #1094

Merged
merged 7 commits into from
Sep 19, 2017
Merged

Document how to use dep with Docker #1094

Changes from 4 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
2afc7f7
Document how to use dep with Docker
stephenafamo Aug 30, 2017
4a31058
Merge branch 'master' of github.com:golang/dep
stephenafamo Aug 31, 2017
b42b64d
Add more explanation to FAQ for docker use
stephenafamo Aug 31, 2017
5202ee0
Move docker FAQ under best practices
stephenafamo Aug 31, 2017
52ebe51
Merge branch 'master' of github.com:golang/dep
stephenafamo Sep 12, 2017
394c3b6
Remove extras in sample dockerfile
stephenafamo Sep 12, 2017
505c5c8
Merge branch 'master' of github.com:golang/dep
stephenafamo Sep 13, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 36 additions & 1 deletion docs/FAQ.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ Summarize the question and quote the reply, linking back to the original comment
* [Is it OK to make backwards-incompatible changes now?](#is-it-ok-to-make-backwards-incompatible-changes-now)
* [My dependers don't use `dep` yet. What should I do?](#my-dependers-dont-use-dep-yet-what-should-i-do)
* [How do I configure a dependency that doesn't tag its releases?](#how-do-i-configure-a-dependency-that-doesnt-tag-its-releases)
* [How do I use `dep` with Docker?](#how-do-i-use-dep-with-docker)

## Concepts
### Does `dep` replace `go get`?
Expand Down Expand Up @@ -288,7 +289,6 @@ For a refresher on Go's recommended workspace organization, see the ["How To Wri
`dep init -gopath`, which falls back to network mode when the packages are not
found in `GOPATH`. `dep ensure` doesn't work with projects in `GOPATH`.


## Best Practices
### Should I commit my vendor directory?

Expand Down Expand Up @@ -373,3 +373,38 @@ stripping out nested `vendor` directories.
## How do I configure a dependency that doesn't tag its releases?

Add a constraint to `Gopkg.toml` that specifies `branch: "master"` (or whichever branch you need) in the `[[constraint]]` for that dependency. `dep ensure` will determine the current revision of your dependency's master branch, and place it in `Gopkg.lock` for you. See also: [What is the difference between Gopkg.toml and Gopkg.lock?](#what-is-the-difference-between-gopkgtoml-the-manifest-and-gopkglock-the-lock)

## How do I use `dep` with Docker?

`dep ensure -vendor-only` creates the vendor folder from a valid `Gopkg.toml` and `Gopkg.lock` without checking for Go code.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, dep ensure -vendor-only care about Gopkg.lock only. But it still requires Gopkg.toml to exists. 😁

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah that threw me off too for a sec but the FAQ is less about "how things are exactly implemented" and more high level, "you need both a toml and lock in order for this to work" type stuff. 😀

I vote for leaving it as-is for now since both files are required.

This is especially useful for builds inside docker utilizing cache layers.

Sample dockerfile:

FROM golang:1.8 AS builder
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is better to update base image to golang:1.9-alpine. (alpine since other stage use alpine and c library may cause error.)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would prefer that the end image use scratch instead.

If you need to use Go in a container you should know how to use the correct image that satisfies your dependencies.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How to run static go binaries in Docker isn't the responsibility of the dep FAQ. The question that we want to answer is only the part about caching the results of dep ensure. If this is going to trigger a "static binary in a docker container" bikeshed, or if we are worried that we have to represent a perfect best practice example in our FAQ, then I vote we rip this out and only show an example up to running dep ensure.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree. Removing the parts after dep ensure is a great idea.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree too. Going to go ahead and do that.


RUN curl -fsSL -o /usr/local/bin/dep https://github.com/golang/dep/releases/download/vX.X.X/dep-linux-amd64 && chmod +x /usr/local/bin/dep
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, just came over the docker file issue. Might wanna add

RUN curl -fsSL -o /tmp/dep.zip \
    https://github.com/golang/dep/releases/download/v0.3.0/dep-linux-amd64.zip \
    && unzip /tmp/dep.zip -d /usr/local/bin \
    && chmod +x /usr/local/bin/dep

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is waiting on our new release scheme, which won't use zipped binaries on our GitHub releases.


RUN mkdir -p /go/src/github.com/***
WORKDIR /go/src/github.com/***

COPY Gopkg.toml Gopkg.lock ./
# copies the Gopkg.toml and Gopkg.lock to WORKDIR

RUN dep ensure -vendor-only
# install the dependencies without checking for go code
COPY . .
# copies any other required code to the WORKDIR
RUN go build -o ***
# the -o flag is used to specify the name of the executable to be installed

FROM alpine:latest
RUN apk --no-cache add ca-certificates

WORKDIR /root/

COPY --from=builder /go/src/github.com/*** .
# copies only the built executable to the new image
ENTRYPOINT ["./***"]