Merge pull request #739 from ericchiang/check-go-version

*: check go version before building
This commit is contained in:
Eric Chiang 2016-12-13 13:17:41 -08:00 committed by GitHub
commit aa6c0c6ed7
2 changed files with 39 additions and 2 deletions

View File

@ -25,10 +25,10 @@ LD_FLAGS="-w -X $(REPO_PATH)/version.Version=$(VERSION)"
build: bin/dex bin/example-app build: bin/dex bin/example-app
bin/dex: FORCE bin/dex: check-go-version
@go install -v -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/dex @go install -v -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/dex
bin/example-app: FORCE bin/example-app: check-go-version
@go install -v -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/example-app @go install -v -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/example-app
.PHONY: release-binary .PHONY: release-binary
@ -88,6 +88,10 @@ bin/protoc: scripts/get-protoc
bin/protoc-gen-go: bin/protoc-gen-go:
@go install -v $(REPO_PATH)/vendor/github.com/golang/protobuf/protoc-gen-go @go install -v $(REPO_PATH)/vendor/github.com/golang/protobuf/protoc-gen-go
.PHONY: check-go-version
check-go-version:
@./scripts/check-go-version
clean: clean-release clean: clean-release
@rm -rf bin/ @rm -rf bin/

33
scripts/check-go-version Executable file
View File

@ -0,0 +1,33 @@
#!/bin/sh
set -e
VERSION=$( go version )
# For development versions of Go, these will be empty.
MAJOR_GOVERSION=$( echo -n "$VERSION" | grep -o 'go1\.[0-9]' || true )
FULL_GOVERSION=$( echo -n "$VERSION" | grep -o 'go1\.[0-9|\.]*' || true )
# The list of unsupported major go versions.
UNSUPPORTED=( "go1.0" "go1.1" "go1.2" "go1.3" "go1.4" "go1.5" "go1.6" )
# Minor go verisons which have known security vulnerabilities. Refuse to build with these.
#
# There aren't any security issues that impact dex in 1.7 but minor versions should be
# added here later if they do have issues.
KNOWN_INSECURE=( )
for V in "${UNSUPPORTED[@]}"; do
if [ "$V" = "$MAJOR_GOVERSION" ]; then
>&2 echo "ERROR: dex requires Go version 1.7+. Please update your Go installation: https://golang.org/dl/"
exit 2
fi
done
for V in "${KNOWN_INSECURE[@]}"; do
if [ "$V" = "$FULL_GOVERSION" ]; then
>&2 echo "Go version ${V} has known security vulnerabilities which impact dex. Please update your Go verison."
exit 2
fi
done