From 3fb7c8881de601e2665688576adb64f21241638b Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 19:15:52 -0500 Subject: [PATCH 01/36] Add Docker image --- flake.nix | 108 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 68 insertions(+), 40 deletions(-) diff --git a/flake.nix b/flake.nix index 18d06adc4a98f..d431437ad837e 100644 --- a/flake.nix +++ b/flake.nix @@ -11,50 +11,78 @@ flake-utils.lib.eachDefaultSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; - in - { formatter = pkgs.nixpkgs-fmt; - devShells.default = pkgs.mkShell { - buildInputs = with pkgs; [ - bash - bat - cairo - drpc.defaultPackage.${system} - exa - getopt - git - go-migrate - go_1_20 - golangci-lint - gopls - gotestsum - jq - kubernetes-helm - mockgen - nfpm - nodePackages.pnpm - nodePackages.typescript - nodePackages.typescript-language-server - nodejs - openssh - openssl - pango - pixman - pkg-config - postgresql - protoc-gen-go - ripgrep - screen - shellcheck - shfmt - sqlc + devShellPackages = with pkgs; [ + bat + cairo + curl + docker + drpc.defaultPackage.${system} + exa + getopt + git + go_1_20 + go-migrate + golangci-lint + gopls + gotestsum + jq + kubernetes-helm + mockgen + nfpm + nix + nodejs + nodePackages.pnpm + nodePackages.typescript + nodePackages.typescript-language-server + openssh + openssl + pango + pixman + pkg-config + postgresql + protoc-gen-go + ripgrep + screen + shellcheck + shfmt + sqlc + terraform + typos + yq + zip + zstd + ]; + baseImage = pkgs.dockerTools.pullImage { + imageName = "ubuntu"; + imageDigest = "sha256:7a520eeb6c18bc6d32a21bb7edcf673a7830813c169645d51c949cecb62387d0"; + sha256 = "090zricz7n1kbphd7gwhvavj7m1j7bhh4aq3c3mrik5q8pxh4j58"; + finalImageName = "ubuntu"; + finalImageTag = "lunar"; + }; + dockerImage = pkgs.dockerTools.buildLayeredImage { + name = "dev-environment"; + fromImage = baseImage; + contents = with pkgs; [ terraform - typos - yq - zip - zstd ]; + # extraCommands = '' + # mv bin nixbin + # ln -s usr/bin bin + # ''; + config = { + # Env = [ "PATH=${pkgs.lib.makeBinPath devShellPackages}:$PATH" ]; + Entrypoint = [ "/bin/bash" ]; + }; + }; + in + { + packages = { + devEnvironmentDocker = dockerImage; + # other packages you want to define for this system }; + defaultPackage = formatter; # or replace it with your desired default package. + devShell = pkgs.mkShell { buildInputs = devShellPackages; }; } ); } From bcc79ec009919af86ef0a8402ceb8a3f3777e38f Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:04:06 -0500 Subject: [PATCH 02/36] Try building the container in CI --- .github/workflows/dogfood.yaml | 15 +++++++-------- flake.nix | 21 +++++++++++---------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index f1a6c2e712fd0..9bbb8403d120e 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -5,6 +5,8 @@ on: branches: - main paths: + - "flake.nix" + - "flake.lock" - "dogfood/**" - ".github/workflows/dogfood.yaml" # Uncomment these lines when testing with CI. @@ -42,15 +44,12 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Build and push - uses: docker/build-push-action@v4 + - uses: cachix/install-nix-action@v22 with: - context: "{{defaultContext}}:dogfood" - pull: true - push: true - tags: "codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }},codercom/oss-dogfood:latest" - cache-from: type=registry,ref=codercom/oss-dogfood:latest - cache-to: type=inline + github_access_token: ${{ secrets.GITHUB_TOKEN }} + nix_path: nixpkgs=channel:nixos-unstable + + - run: nix build .#devEnvironmentDocker | ./result deploy_template: needs: deploy_image diff --git a/flake.nix b/flake.nix index d431437ad837e..a1410b10c3828 100644 --- a/flake.nix +++ b/flake.nix @@ -14,6 +14,7 @@ formatter = pkgs.nixpkgs-fmt; devShellPackages = with pkgs; [ bat + bash cairo curl docker @@ -56,22 +57,22 @@ baseImage = pkgs.dockerTools.pullImage { imageName = "ubuntu"; imageDigest = "sha256:7a520eeb6c18bc6d32a21bb7edcf673a7830813c169645d51c949cecb62387d0"; - sha256 = "090zricz7n1kbphd7gwhvavj7m1j7bhh4aq3c3mrik5q8pxh4j58"; + sha256 = "1qa9nq3rir0wnhbs15mwbilzw530x7ih9pq5q1wv3axz44ap6dka"; finalImageName = "ubuntu"; finalImageTag = "lunar"; }; - dockerImage = pkgs.dockerTools.buildLayeredImage { + dockerImage = pkgs.dockerTools.streamLayeredImage { name = "dev-environment"; fromImage = baseImage; - contents = with pkgs; [ - terraform - ]; - # extraCommands = '' - # mv bin nixbin - # ln -s usr/bin bin - # ''; + extraCommands = '' + touch ./.wh.bin + ln -s usr/bin bin + ''; + config = { - # Env = [ "PATH=${pkgs.lib.makeBinPath devShellPackages}:$PATH" ]; + Env = [ + "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin" + ]; Entrypoint = [ "/bin/bash" ]; }; }; From bc1643ae014a7e8bf55ba731b84b92cbd2e50977 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:06:21 -0500 Subject: [PATCH 03/36] Uncomment testing lines --- .github/workflows/dogfood.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 9bbb8403d120e..fdec393eaa3d3 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -4,16 +4,16 @@ on: push: branches: - main + paths: + - "dogfood/**" + - ".github/workflows/dogfood.yaml" + # Uncomment these lines when testing with CI. + pull_request: paths: - "flake.nix" - "flake.lock" - "dogfood/**" - ".github/workflows/dogfood.yaml" - # Uncomment these lines when testing with CI. - # pull_request: - # paths: - # - "dogfood/**" - # - ".github/workflows/dogfood.yaml" workflow_dispatch: jobs: From 3d5836301ad8b972d650a3846bb50895035be51e Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:08:41 -0500 Subject: [PATCH 04/36] Trim image step --- .github/workflows/dogfood.yaml | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index fdec393eaa3d3..a54c44156bdf9 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -20,23 +20,8 @@ jobs: deploy_image: runs-on: buildjet-4vcpu-ubuntu-2204 steps: - - name: Get branch name - id: branch-name - uses: tj-actions/branch-names@v6.5 - - - name: "Branch name to Docker tag name" - id: docker-tag-name - run: | - tag=${{ steps.branch-name.outputs.current_branch }} - # Replace / with --, e.g. user/feature => user--feature. - tag=${tag//\//--} - echo "tag=${tag}" >> $GITHUB_OUTPUT - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + - name: Checkout + uses: actions/checkout@v3 - name: Login to DockerHub uses: docker/login-action@v2 From 3d7539d457e0d3d11ed15d914a25ec85ec63a552 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:10:20 -0500 Subject: [PATCH 05/36] Hit 'em with a Docker load --- .github/workflows/dogfood.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index a54c44156bdf9..e29427c86e4e8 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -34,7 +34,7 @@ jobs: github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - - run: nix build .#devEnvironmentDocker | ./result + - run: nix build .#devEnvironmentDocker | ./result | docker load deploy_template: needs: deploy_image From faefce940799d6dfd3cac2514ec64b0544934ca2 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:13:01 -0500 Subject: [PATCH 06/36] Oopsie! --- .github/workflows/dogfood.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index e29427c86e4e8..444b684e6d907 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -34,7 +34,7 @@ jobs: github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - - run: nix build .#devEnvironmentDocker | ./result | docker load + - run: nix build .#devEnvironmentDocker && ./result | docker load deploy_template: needs: deploy_image From 35b546c4d5f8d5b874709791d78525a58f2f2b6d Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:25:19 -0500 Subject: [PATCH 07/36] Add a tag and push! --- .github/workflows/dogfood.yaml | 4 +++- flake.nix | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 444b684e6d907..28608e7a49428 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -34,7 +34,9 @@ jobs: github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - - run: nix build .#devEnvironmentDocker && ./result | docker load + - run: nix build .#devEnvironmentDocker && ./result | docker load -q + + - run: docker push codercom/oss-dogfood:testing deploy_template: needs: deploy_image diff --git a/flake.nix b/flake.nix index a1410b10c3828..89303e2d757f7 100644 --- a/flake.nix +++ b/flake.nix @@ -62,7 +62,8 @@ finalImageTag = "lunar"; }; dockerImage = pkgs.dockerTools.streamLayeredImage { - name = "dev-environment"; + name = "codercom/dogfood-oss"; + tag = "testing"; fromImage = baseImage; extraCommands = '' touch ./.wh.bin From f87b9262cfa41e53b2d941dfc9556dfe5a34c5bf Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Mon, 14 Aug 2023 21:27:51 -0500 Subject: [PATCH 08/36] =?UTF-8?q?Fix=20image=20name=20=F0=9F=A4=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 89303e2d757f7..f1750ba4b641f 100644 --- a/flake.nix +++ b/flake.nix @@ -62,7 +62,7 @@ finalImageTag = "lunar"; }; dockerImage = pkgs.dockerTools.streamLayeredImage { - name = "codercom/dogfood-oss"; + name = "codercom/oss-dogfood"; tag = "testing"; fromImage = baseImage; extraCommands = '' From b8b476f394e7260b2e55f9d743e75adb26fa0eee Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 15 Aug 2023 11:49:42 -0500 Subject: [PATCH 09/36] Fix sudo --- flake.nix | 49 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 42 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index f1750ba4b641f..754c553752343 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,7 @@ exa getopt git + gnused go_1_20 go-migrate golangci-lint @@ -48,33 +49,67 @@ shellcheck shfmt sqlc + strace terraform typos yq zip zstd ]; - baseImage = pkgs.dockerTools.pullImage { + + # Start with an Ubuntu image! + baseDevEnvImage = pkgs.dockerTools.pullImage { imageName = "ubuntu"; imageDigest = "sha256:7a520eeb6c18bc6d32a21bb7edcf673a7830813c169645d51c949cecb62387d0"; sha256 = "1qa9nq3rir0wnhbs15mwbilzw530x7ih9pq5q1wv3axz44ap6dka"; finalImageName = "ubuntu"; finalImageTag = "lunar"; }; + # Build the image and modify it to have the "coder" user. + intermediateDevEnvImage = pkgs.dockerTools.buildImage { + name = "intermediate"; + fromImage = baseDevEnvImage; + # This replaces the "ubuntu" user with "coder" and + # gives it sudo privileges! + runAsRoot = '' + #!${pkgs.runtimeShell} + ${pkgs.dockerTools.shadowSetup} + userdel ubuntu + useradd coder \ + --create-home \ + --shell=/bin/bash \ + --uid=1000 \ + --user-group + cat > /etc/pam.d/other < /etc/sudoers + cp ${pkgs.sudo}/bin/sudo /usr/bin/sudo + chmod 4755 /usr/bin/sudo + ''; + }; dockerImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; - fromImage = baseImage; - extraCommands = '' - touch ./.wh.bin - ln -s usr/bin bin - ''; + fromImage = builtImage; config = { Env = [ - "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin" + "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin" + #This setting prevents Go from using the public checksum database for + # our module path prefixes. It is required because these are in private + # repositories that require authentication. + # + # For details, see: https://golang.org/ref/mod#private-modules + "GOPRIVATE=coder.com,cdr.dev,go.coder.com,github.com/cdr,github.com/coder" + # Increase memory allocation to NodeJS + "NODE_OPTIONS=--max_old_space_size=8192" ]; Entrypoint = [ "/bin/bash" ]; + User = "coder"; }; }; in From 43d8174025e8dfa6093fd886c8ca69ef589dffbe Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 15 Aug 2023 11:54:00 -0500 Subject: [PATCH 10/36] Fix target name --- flake.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index 754c553752343..a0a4bcee9be0c 100644 --- a/flake.nix +++ b/flake.nix @@ -91,10 +91,10 @@ chmod 4755 /usr/bin/sudo ''; }; - dockerImage = pkgs.dockerTools.streamLayeredImage { + devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; - fromImage = builtImage; + fromImage = intermediateDevEnvImage; config = { Env = [ @@ -115,7 +115,7 @@ in { packages = { - devEnvironmentDocker = dockerImage; + devEnvironmentDocker = devEnvImage; # other packages you want to define for this system }; defaultPackage = formatter; # or replace it with your desired default package. From c058bccf49b82c0e8eacf920840a12ff97fb304f Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 15 Aug 2023 12:31:40 -0500 Subject: [PATCH 11/36] Build and push --- .github/workflows/dogfood.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 28608e7a49428..3f97b5257441d 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -34,9 +34,7 @@ jobs: github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - - run: nix build .#devEnvironmentDocker && ./result | docker load -q - - - run: docker push codercom/oss-dogfood:testing + - run: nix build .#devEnvironmentDocker && ./result | skopeo --insecure-policy copy docker-archive:/dev/stdin docker://codercom/oss-dogfood:testing deploy_template: needs: deploy_image From 2895f39dac1f84ad48b55af03111018ae84daf51 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 15 Aug 2023 12:58:32 -0500 Subject: [PATCH 12/36] Fix login to docker hub --- .github/workflows/dogfood.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 3f97b5257441d..f82fc199d40c8 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -23,11 +23,11 @@ jobs: - name: Checkout uses: actions/checkout@v3 - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} + - run: skopeo login docker.io -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} + REGISTRY_AUTH_FILE: ~/.auth.json - uses: cachix/install-nix-action@v22 with: @@ -35,6 +35,8 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable - run: nix build .#devEnvironmentDocker && ./result | skopeo --insecure-policy copy docker-archive:/dev/stdin docker://codercom/oss-dogfood:testing + env: + REGISTRY_AUTH_FILE: ~/.auth.json deploy_template: needs: deploy_image From 6496df8ffca4cba3047662a06eff30cd372a4a74 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 15 Aug 2023 13:26:01 -0500 Subject: [PATCH 13/36] Revert to Docker push --- .github/workflows/dogfood.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index f82fc199d40c8..687e51ca41cd7 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -23,20 +23,20 @@ jobs: - name: Checkout uses: actions/checkout@v3 - - run: skopeo login docker.io -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD - env: - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - REGISTRY_AUTH_FILE: ~/.auth.json - - uses: cachix/install-nix-action@v22 with: github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - - run: nix build .#devEnvironmentDocker && ./result | skopeo --insecure-policy copy docker-archive:/dev/stdin docker://codercom/oss-dogfood:testing - env: - REGISTRY_AUTH_FILE: ~/.auth.json + - run: nix build .#devEnvironmentDocker && ./result | docker load + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - run: docker push codercom/oss-dogfood:testing deploy_template: needs: deploy_image From b9fb2252d59be7e2f9861f7f6eb94e6e0158c633 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 12:39:21 -0500 Subject: [PATCH 14/36] Fix PATH --- flake.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index a0a4bcee9be0c..98a7d5b84f946 100644 --- a/flake.nix +++ b/flake.nix @@ -52,6 +52,7 @@ strace terraform typos + vim yq zip zstd @@ -61,7 +62,7 @@ baseDevEnvImage = pkgs.dockerTools.pullImage { imageName = "ubuntu"; imageDigest = "sha256:7a520eeb6c18bc6d32a21bb7edcf673a7830813c169645d51c949cecb62387d0"; - sha256 = "1qa9nq3rir0wnhbs15mwbilzw530x7ih9pq5q1wv3axz44ap6dka"; + sha256 = "qEgC+0W4zJjrYAMrAuE6MtQjt9qQv9PgXTPY81nMHyQ="; finalImageName = "ubuntu"; finalImageTag = "lunar"; }; @@ -91,14 +92,24 @@ chmod 4755 /usr/bin/sudo ''; }; + devEnvPath = "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin"; devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; fromImage = intermediateDevEnvImage; + contents = [ + ( + pkgs.writeTextDir + "etc/environment" + '' + ${devEnvPath} + '' + ) + ]; config = { Env = [ - "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin" + devEnvPath #This setting prevents Go from using the public checksum database for # our module path prefixes. It is required because these are in private # repositories that require authentication. From 2f35e09f45e5b4573a10db07d4f7eede56bcfcdc Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 12:41:27 -0500 Subject: [PATCH 15/36] Fix SHA --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 98a7d5b84f946..e09c8dd707985 100644 --- a/flake.nix +++ b/flake.nix @@ -62,7 +62,7 @@ baseDevEnvImage = pkgs.dockerTools.pullImage { imageName = "ubuntu"; imageDigest = "sha256:7a520eeb6c18bc6d32a21bb7edcf673a7830813c169645d51c949cecb62387d0"; - sha256 = "qEgC+0W4zJjrYAMrAuE6MtQjt9qQv9PgXTPY81nMHyQ="; + sha256 = "ajZzFSG/q7F5wAXfBOPpYBT+aVy8lqAXtBzkmAe2SeE="; finalImageName = "ubuntu"; finalImageTag = "lunar"; }; From 0e910b1318ae61fa9e64af3eb56da7b4f6f2f5d5 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 12:47:13 -0500 Subject: [PATCH 16/36] Fix ca certs --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index e09c8dd707985..078e01d4d6a64 100644 --- a/flake.nix +++ b/flake.nix @@ -88,6 +88,7 @@ session required pam_unix.so EOF echo "coder ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers + cp -r ${pkgs.cacert}/etc/ssl /etc/ssl cp ${pkgs.sudo}/bin/sudo /usr/bin/sudo chmod 4755 /usr/bin/sudo ''; From 467918a33b7bf6b7311a37361215020be2ed303a Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 13:01:27 -0500 Subject: [PATCH 17/36] Fix ca certs --- flake.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 078e01d4d6a64..d72160d6f86e6 100644 --- a/flake.nix +++ b/flake.nix @@ -88,7 +88,8 @@ session required pam_unix.so EOF echo "coder ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers - cp -r ${pkgs.cacert}/etc/ssl /etc/ssl + mkdir -p /etc/ssl/certs + cp -r ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt cp ${pkgs.sudo}/bin/sudo /usr/bin/sudo chmod 4755 /usr/bin/sudo ''; From e6ec959d3c6bf633dd5460d4aa75360272fae0d4 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 13:28:14 -0500 Subject: [PATCH 18/36] Fix coping files in --- flake.nix | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/flake.nix b/flake.nix index d72160d6f86e6..92226701b3434 100644 --- a/flake.nix +++ b/flake.nix @@ -81,32 +81,39 @@ --shell=/bin/bash \ --uid=1000 \ --user-group - cat > /etc/pam.d/other < $out/etc/environment + + mkdir -p $out/etc/systemd/system + cp ${pkgs.docker}/etc/systemd/system/docker.service $out/etc/systemd/system/ + echo "coder ALL=(ALL) NOPASSWD:ALL" > $out/etc/sudoers + mkdir -p $out/etc/pam.d + cat > $out/etc/pam.d/other < /etc/sudoers - mkdir -p /etc/ssl/certs - cp -r ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt - cp ${pkgs.sudo}/bin/sudo /usr/bin/sudo - chmod 4755 /usr/bin/sudo + mkdir -p $out/etc/ssl/certs + cp -r ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-certificates.crt ''; }; + devEnvPath = "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin"; devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; fromImage = intermediateDevEnvImage; contents = [ - ( - pkgs.writeTextDir - "etc/environment" - '' - ${devEnvPath} - '' - ) + customFiles ]; config = { From 6890ee727375f2650b8ad330790247e57b5c45a0 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 13:56:22 -0500 Subject: [PATCH 19/36] Fix docker init --- flake.nix | 47 +++++++++++++++++++++++------------------------ 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/flake.nix b/flake.nix index 92226701b3434..3f7f29c52ffa8 100644 --- a/flake.nix +++ b/flake.nix @@ -85,36 +85,35 @@ chmod 4755 /usr/bin/sudo ''; }; - customFiles = pkgs.stdenv.mkDerivation { - name = "custom-env"; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out/etc - echo ${devEnvPath} > $out/etc/environment - - mkdir -p $out/etc/systemd/system - cp ${pkgs.docker}/etc/systemd/system/docker.service $out/etc/systemd/system/ - echo "coder ALL=(ALL) NOPASSWD:ALL" > $out/etc/sudoers - mkdir -p $out/etc/pam.d - cat > $out/etc/pam.d/other < etc/environment + + mkdir -p etc/init.d + cp ${dockerDebianInit}/contrib/init/sysvinit-debian/docker etc/init.d/docker + echo "coder ALL=(ALL) NOPASSWD:ALL" >etc/sudoers + mkdir -p etc/pam.d + cat > etc/pam.d/other < Date: Thu, 17 Aug 2023 14:09:43 -0500 Subject: [PATCH 20/36] Fix Docker group and init --- flake.lock | 6 +++--- flake.nix | 7 ++++++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 79d823fd527c6..437d8fa38b19a 100644 --- a/flake.lock +++ b/flake.lock @@ -70,11 +70,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1690179384, - "narHash": "sha256-+arbgqFTAtoeKtepW9wCnA0njCOyoiDFyl0Q0SBSOtE=", + "lastModified": 1692174805, + "narHash": "sha256-xmNPFDi/AUMIxwgOH/IVom55Dks34u1g7sFKKebxUm0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b12803b6d90e2e583429bb79b859ca53c348b39a", + "rev": "caac0eb6bdcad0b32cb2522e03e4002c8975c62e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 3f7f29c52ffa8..0362e22340e3f 100644 --- a/flake.nix +++ b/flake.nix @@ -76,11 +76,13 @@ #!${pkgs.runtimeShell} ${pkgs.dockerTools.shadowSetup} userdel ubuntu + groupadd docker useradd coder \ --create-home \ --shell=/bin/bash \ --uid=1000 \ - --user-group + --user-group \ + --groups docker cp ${pkgs.sudo}/bin/sudo /usr/bin/sudo chmod 4755 /usr/bin/sudo ''; @@ -97,10 +99,13 @@ name = "codercom/oss-dogfood"; tag = "testing"; fromImage = intermediateDevEnvImage; + maxLayers = 64; extraCommands = '' mkdir -p etc echo ${devEnvPath} > etc/environment + mkdir -p etc/default + echo 'DOCKERD=${pkgs.docker}/bin/dockerd' > etc/default/docker mkdir -p etc/init.d cp ${dockerDebianInit}/contrib/init/sysvinit-debian/docker etc/init.d/docker echo "coder ALL=(ALL) NOPASSWD:ALL" >etc/sudoers From 6b4578c18745c8f00086e8bd4b00234ecd2eb659 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:15:59 -0500 Subject: [PATCH 21/36] Add comments to our Nix --- flake.nix | 112 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 70 insertions(+), 42 deletions(-) diff --git a/flake.nix b/flake.nix index 0362e22340e3f..dfc6aaa96a6fa 100644 --- a/flake.nix +++ b/flake.nix @@ -58,7 +58,8 @@ zstd ]; - # Start with an Ubuntu image! + # This is the base image for our Docker container used for development. + # Use `nix-prefetch-docker ubuntu --arch amd64 --image-tag lunar` to get this. baseDevEnvImage = pkgs.dockerTools.pullImage { imageName = "ubuntu"; imageDigest = "sha256:7a520eeb6c18bc6d32a21bb7edcf673a7830813c169645d51c949cecb62387d0"; @@ -66,12 +67,12 @@ finalImageName = "ubuntu"; finalImageTag = "lunar"; }; - # Build the image and modify it to have the "coder" user. + # This is an intermediate stage that adds sudo with the setuid bit set. + # Nix doesn't allow setuid binaries in the store, so we have to do this + # in a separate stage. intermediateDevEnvImage = pkgs.dockerTools.buildImage { name = "intermediate"; fromImage = baseDevEnvImage; - # This replaces the "ubuntu" user with "coder" and - # gives it sudo privileges! runAsRoot = '' #!${pkgs.runtimeShell} ${pkgs.dockerTools.shadowSetup} @@ -83,55 +84,83 @@ --uid=1000 \ --user-group \ --groups docker - cp ${pkgs.sudo}/bin/sudo /usr/bin/sudo - chmod 4755 /usr/bin/sudo + cp ${pkgs.sudo}/bin/sudo usr/bin/sudo + chmod 4755 usr/bin/sudo + mkdir -p /etc/init.d ''; }; - - devEnvPath = "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin"; - dockerDebianInit = pkgs.fetchFromGitHub { - owner = "moby"; - repo = "moby"; - rev = "ae737656f9817fbd5afab96aa083754cfb81aab0"; - sha256 = "sha256-oS3WplsxhKHCuHwL4/ytsCNJ1N/SZhlUZmzZTf81AoE="; - }; + # Environment variables that live in `/etc/environment` in the container. + # These will also be applied to the container config. + devEnvVars = [ + "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin" + #This setting prevents Go from using the public checksum database for + # our module path prefixes. It is required because these are in private + # repositories that require authentication. + # + # For details, see: https://golang.org/ref/mod#private-modules + "GOPRIVATE=coder.com,cdr.dev,go.coder.com,github.com/cdr,github.com/coder" + # Increase memory allocation to NodeJS + "NODE_OPTIONS=--max_old_space_size=8192" + ]; + # Builds a layered image with all the tools included! devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; fromImage = intermediateDevEnvImage; maxLayers = 64; - extraCommands = '' - mkdir -p etc - echo ${devEnvPath} > etc/environment - - mkdir -p etc/default - echo 'DOCKERD=${pkgs.docker}/bin/dockerd' > etc/default/docker - mkdir -p etc/init.d - cp ${dockerDebianInit}/contrib/init/sysvinit-debian/docker etc/init.d/docker - echo "coder ALL=(ALL) NOPASSWD:ALL" >etc/sudoers - mkdir -p etc/pam.d - cat > etc/pam.d/other < Date: Thu, 17 Aug 2023 17:21:30 -0500 Subject: [PATCH 22/36] Fix build stage --- .github/workflows/dogfood.yaml | 2 +- flake.nix | 12 +++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 687e51ca41cd7..cc2c0d620503f 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -28,7 +28,7 @@ jobs: github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - - run: nix build .#devEnvironmentDocker && ./result | docker load + - run: nix build .#devEnvImage && ./result | docker load - name: Login to DockerHub uses: docker/login-action@v2 diff --git a/flake.nix b/flake.nix index dfc6aaa96a6fa..f010a9aefdf1f 100644 --- a/flake.nix +++ b/flake.nix @@ -101,8 +101,12 @@ "GOPRIVATE=coder.com,cdr.dev,go.coder.com,github.com/cdr,github.com/coder" # Increase memory allocation to NodeJS "NODE_OPTIONS=--max_old_space_size=8192" + "TERM=xterm-256color" ]; - # Builds a layered image with all the tools included! + # Builds our development environment image with all the tools included. + # Using Nix instead of Docker is **significantly** faster. This _build_ + # doesn't really build anything, it just copies pre-built binaries into + # a container and adds them to the $PATH. devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; @@ -128,6 +132,12 @@ session required pam_unix.so '' ) + # The default Nix config! + ( + pkgs.writeTextDir "etc/nix/nix.conf" '' + experimental-features = nix-command flakes + '' + ) # This is the debian script for managing Docker with `sudo service docker ...`. ( pkgs.writeTextFile { From 3437e07631153792582450a5d409d766d6acc365 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:27:15 -0500 Subject: [PATCH 23/36] Add some more comments --- flake.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/flake.nix b/flake.nix index f010a9aefdf1f..797f326702e69 100644 --- a/flake.nix +++ b/flake.nix @@ -12,6 +12,8 @@ let pkgs = nixpkgs.legacyPackages.${system}; formatter = pkgs.nixpkgs-fmt; + # Check in https://search.nixos.org/packages to find new packages. + # Use `nix flake update` to update the lock file if packages are out-of-date. devShellPackages = with pkgs; [ bat bash @@ -107,6 +109,10 @@ # Using Nix instead of Docker is **significantly** faster. This _build_ # doesn't really build anything, it just copies pre-built binaries into # a container and adds them to the $PATH. + # + # To test changes and iterate on this, you can run: + # > nix build .#devEnvImage && ./result | docker load + # This will import the image into your local Docker daemon. devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; tag = "testing"; From aed76a8469e020e1ec5fac36915c950f09717000 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:28:33 -0500 Subject: [PATCH 24/36] Remove old dogfood image files --- .gitignore | 3 + dogfood/Dockerfile | 348 ------------------ dogfood/Makefile | 10 - .../files/etc/apt/apt.conf.d/80-no-recommends | 6 - dogfood/files/etc/apt/apt.conf.d/80-retries | 1 - dogfood/files/etc/apt/preferences.d/docker | 19 - .../files/etc/apt/preferences.d/github-cli | 8 - .../files/etc/apt/preferences.d/google-chrome | 16 - .../files/etc/apt/preferences.d/google-cloud | 19 - dogfood/files/etc/apt/preferences.d/hashicorp | 14 - .../etc/apt/preferences.d/microsoft-edge | 12 - .../files/etc/apt/preferences.d/nodesource | 9 - dogfood/files/etc/apt/preferences.d/ppa | 19 - dogfood/files/etc/apt/preferences.d/yarnpkg | 9 - dogfood/files/etc/apt/sources.list | 3 - .../files/etc/apt/sources.list.d/docker.list | 1 - .../etc/apt/sources.list.d/google-chrome.list | 1 - .../etc/apt/sources.list.d/google-cloud.list | 1 - .../etc/apt/sources.list.d/hashicorp.list | 1 - .../apt/sources.list.d/microsoft-edge.list | 1 - .../etc/apt/sources.list.d/nodesource.list | 1 - .../etc/apt/sources.list.d/postgresql.list | 1 - dogfood/files/etc/apt/sources.list.d/ppa.list | 2 - .../etc/apt/sources.list.d/security.list | 1 - .../files/etc/apt/sources.list.d/yarnpkg.list | 1 - dogfood/files/etc/default/google-chrome | 4 - dogfood/files/etc/default/microsoft-edge-beta | 4 - dogfood/files/etc/docker/daemon.json | 3 - dogfood/files/etc/sudoers.d/nopasswd | 1 - dogfood/files/usr/share/keyrings/ansible.gpg | Bin 1132 -> 0 bytes dogfood/files/usr/share/keyrings/docker.gpg | Bin 2760 -> 0 bytes .../files/usr/share/keyrings/github-cli.gpg | Bin 2270 -> 0 bytes .../usr/share/keyrings/google-chrome.gpg | Bin 10640 -> 0 bytes .../files/usr/share/keyrings/google-cloud.gpg | Bin 1210 -> 0 bytes .../files/usr/share/keyrings/hashicorp.gpg | Bin 2879 -> 0 bytes .../files/usr/share/keyrings/microsoft.gpg | Bin 641 -> 0 bytes dogfood/files/usr/share/keyrings/neovim.gpg | Bin 1134 -> 0 bytes .../files/usr/share/keyrings/nodesource.gpg | Bin 2206 -> 0 bytes .../files/usr/share/keyrings/postgresql.gpg | Bin 3494 -> 0 bytes dogfood/files/usr/share/keyrings/yarnpkg.gpg | Bin 10365 -> 0 bytes dogfood/update-keys.sh | 62 ---- 41 files changed, 3 insertions(+), 578 deletions(-) delete mode 100644 dogfood/Dockerfile delete mode 100644 dogfood/Makefile delete mode 100644 dogfood/files/etc/apt/apt.conf.d/80-no-recommends delete mode 100644 dogfood/files/etc/apt/apt.conf.d/80-retries delete mode 100644 dogfood/files/etc/apt/preferences.d/docker delete mode 100644 dogfood/files/etc/apt/preferences.d/github-cli delete mode 100644 dogfood/files/etc/apt/preferences.d/google-chrome delete mode 100644 dogfood/files/etc/apt/preferences.d/google-cloud delete mode 100644 dogfood/files/etc/apt/preferences.d/hashicorp delete mode 100644 dogfood/files/etc/apt/preferences.d/microsoft-edge delete mode 100644 dogfood/files/etc/apt/preferences.d/nodesource delete mode 100644 dogfood/files/etc/apt/preferences.d/ppa delete mode 100644 dogfood/files/etc/apt/preferences.d/yarnpkg delete mode 100644 dogfood/files/etc/apt/sources.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/docker.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/google-chrome.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/google-cloud.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/hashicorp.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/microsoft-edge.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/nodesource.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/postgresql.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/ppa.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/security.list delete mode 100644 dogfood/files/etc/apt/sources.list.d/yarnpkg.list delete mode 100644 dogfood/files/etc/default/google-chrome delete mode 100644 dogfood/files/etc/default/microsoft-edge-beta delete mode 100644 dogfood/files/etc/docker/daemon.json delete mode 100644 dogfood/files/etc/sudoers.d/nopasswd delete mode 100644 dogfood/files/usr/share/keyrings/ansible.gpg delete mode 100644 dogfood/files/usr/share/keyrings/docker.gpg delete mode 100644 dogfood/files/usr/share/keyrings/github-cli.gpg delete mode 100644 dogfood/files/usr/share/keyrings/google-chrome.gpg delete mode 100644 dogfood/files/usr/share/keyrings/google-cloud.gpg delete mode 100644 dogfood/files/usr/share/keyrings/hashicorp.gpg delete mode 100644 dogfood/files/usr/share/keyrings/microsoft.gpg delete mode 100644 dogfood/files/usr/share/keyrings/neovim.gpg delete mode 100644 dogfood/files/usr/share/keyrings/nodesource.gpg delete mode 100644 dogfood/files/usr/share/keyrings/postgresql.gpg delete mode 100644 dogfood/files/usr/share/keyrings/yarnpkg.gpg delete mode 100755 dogfood/update-keys.sh diff --git a/.gitignore b/.gitignore index b22db03c2089e..16c4b9a7aef94 100644 --- a/.gitignore +++ b/.gitignore @@ -61,3 +61,6 @@ site/stats/ ./scaletest/terraform/.terraform.lock.hcl scaletest/terraform/secrets.tfvars .terraform.tfstate.* + +# Nix +result diff --git a/dogfood/Dockerfile b/dogfood/Dockerfile deleted file mode 100644 index f269962369ef9..0000000000000 --- a/dogfood/Dockerfile +++ /dev/null @@ -1,348 +0,0 @@ -FROM rust:slim AS rust-utils -# Install rust helper programs -# ENV CARGO_NET_GIT_FETCH_WITH_CLI=true -ENV CARGO_INSTALL_ROOT=/tmp/ -RUN cargo install exa bat ripgrep typos-cli watchexec-cli - -FROM ubuntu:jammy AS go - -RUN apt-get update && apt-get install --yes curl gcc -# Install Go manually, so that we can control the version -ARG GO_VERSION=1.20.7 -RUN mkdir --parents /usr/local/go - -# Boring Go is needed to build FIPS-compliant binaries. -RUN curl --silent --show-error --location \ - "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \ - -o /usr/local/go.tar.gz - -RUN tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 - -ENV PATH=$PATH:/usr/local/go/bin - -# Install Go utilities. -ARG GOPATH="/tmp/" -RUN mkdir --parents "$GOPATH" && \ - # moq for Go tests. - go install github.com/matryer/moq@v0.2.3 && \ - # swag for Swagger doc generation - go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \ - # go-swagger tool to generate the go coder api client - go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \ - # goimports for updating imports - go install golang.org/x/tools/cmd/goimports@v0.1.7 && \ - # protoc-gen-go is needed to build sysbox from source - go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.30 && \ - # drpc support for v2 - go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.33 && \ - # migrate for migration support for v2 - go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \ - # goreleaser for compiling v2 binaries - go install github.com/goreleaser/goreleaser@v1.6.1 && \ - # Install the latest version of gopls for editors that support - # the language server protocol - go install golang.org/x/tools/gopls@latest && \ - # gotestsum makes test output more readable - go install gotest.tools/gotestsum@v1.9.0 && \ - # goveralls collects code coverage metrics from tests - # and sends to Coveralls - go install github.com/mattn/goveralls@v0.0.11 && \ - # kind for running Kubernetes-in-Docker, needed for tests - go install sigs.k8s.io/kind@v0.10.0 && \ - # helm-docs generates our Helm README based on a template and the - # charts and values files - go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \ - # sqlc for Go code generation - go install github.com/kyleconroy/sqlc/cmd/sqlc@v1.19.1 && \ - # gcr-cleaner-cli used by CI to prune unused images - go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \ - # ruleguard for checking custom rules, without needing to run all of - # golangci-lint. Check the go.mod in the release of golangci-lint that - # we're using for the version of go-critic that it embeds, then check - # the version of ruleguard in go-critic for that tag. - go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \ - # go-fuzz for fuzzy testing. they don't publish releases so we rely on latest. - go install github.com/dvyukov/go-fuzz/go-fuzz@latest && \ - go install github.com/dvyukov/go-fuzz/go-fuzz-build@latest && \ - # go-releaser for building 'fat binaries' that work cross-platform - go install github.com/goreleaser/goreleaser@v1.6.1 && \ - go install mvdan.cc/sh/v3/cmd/shfmt@latest && \ - # nfpm is used with `make build` to make release packages - go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.16.0 && \ - # yq v4 is used to process yaml files in coder v2. Conflicts with - # yq v3 used in v1. - go install github.com/mikefarah/yq/v4@v4.30.6 && \ - mv /tmp/bin/yq /tmp/bin/yq4 && \ - go install github.com/golang/mock/mockgen@v1.6.0 - -FROM gcr.io/coder-dev-1/alpine:3.18 as proto -WORKDIR /tmp -RUN apk add curl unzip -RUN curl -L -o protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.3/protoc-23.3-linux-x86_64.zip -RUN unzip protoc.zip - -FROM ubuntu:jammy - -SHELL ["/bin/bash", "-c"] - -# Updated certificates are necessary to use the teraswitch mirror. -# This must be ran before copying in configuration since the config replaces -# the default mirror with teraswitch. -RUN apt-get update && apt-get install --yes ca-certificates - -COPY files / - -# Install packages from apt repositories -ARG DEBIAN_FRONTEND="noninteractive" - -RUN apt-get update --quiet && apt-get install --yes \ - apt-transport-https \ - apt-utils \ - bash \ - bash-completion \ - bats \ - bind9-dnsutils \ - build-essential \ - ca-certificates \ - cmake \ - crypto-policies \ - curl \ - fd-find \ - file \ - git \ - gnupg \ - graphviz \ - htop \ - httpie \ - inetutils-tools \ - iproute2 \ - iputils-ping \ - iputils-tracepath \ - jq \ - language-pack-en \ - less \ - lsb-release \ - man \ - meld \ - net-tools \ - openjdk-11-jdk-headless \ - openssh-server \ - openssl \ - libssl-dev \ - pkg-config \ - python3 \ - python3-pip \ - rsync \ - shellcheck \ - strace \ - sudo \ - tcptraceroute \ - termshark \ - traceroute \ - vim \ - wget \ - xauth \ - zip \ - ncdu \ - cargo \ - asciinema \ - zsh \ - ansible \ - neovim \ - google-cloud-sdk \ - google-cloud-sdk-datastore-emulator \ - kubectl \ - postgresql-13 \ - containerd.io \ - docker-ce \ - docker-ce-cli \ - docker-compose-plugin \ - packer \ - terraform \ - fish \ - unzip \ - zstd \ - screen \ - gettext-base && \ - # Delete package cache to avoid consuming space in layer - apt-get clean && \ - # Configure FIPS-compliant policies - update-crypto-policies --set FIPS - -# Install the docker buildx component. -RUN DOCKER_BUILDX_VERSION=$(curl -s "https://api.github.com/repos/docker/buildx/releases/latest" | grep '"tag_name":' | sed -E 's/.*"(v[^"]+)".*/\1/') && \ - mkdir -p /usr/local/lib/docker/cli-plugins && \ - curl -Lo /usr/local/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/${DOCKER_BUILDX_VERSION}/buildx-${DOCKER_BUILDX_VERSION}.linux-amd64" && \ - chmod a+x /usr/local/lib/docker/cli-plugins/docker-buildx - -# See https://github.com/cli/cli/issues/6175#issuecomment-1235984381 for proof -# the apt repository is unreliable -RUN GH_CLI_VERSION=$(curl -s "https://api.github.com/repos/cli/cli/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \ - curl -L https://github.com/cli/cli/releases/download/v${GH_CLI_VERSION}/gh_${GH_CLI_VERSION}_linux_amd64.deb -o gh.deb && \ - dpkg -i gh.deb && \ - rm gh.deb - -# Install Lazygit -# See https://github.com/jesseduffield/lazygit#ubuntu -RUN LAZYGIT_VERSION=$(curl -s "https://api.github.com/repos/jesseduffield/lazygit/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v*([^"]+)".*/\1/') && \ - curl -Lo lazygit.tar.gz "https://github.com/jesseduffield/lazygit/releases/latest/download/lazygit_${LAZYGIT_VERSION}_Linux_x86_64.tar.gz" && \ - tar xf lazygit.tar.gz -C /usr/local/bin lazygit - -# Install frontend utilities -RUN apt-get update && \ - # Node.js (from nodesource) and Yarn (from yarnpkg) - curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash - &&\ - apt-get install --yes --quiet \ - nodejs yarn \ - # Install browsers for e2e testing - google-chrome-stable microsoft-edge-beta && \ - # Pre-install system dependencies that Playwright needs. npx doesn't work here - # for some reason. See https://github.com/microsoft/playwright-cli/issues/136 - npm i -g playwright@1.36.2 pnpm@^8 && playwright install-deps && \ - npm cache clean --force - -# Ensure PostgreSQL binaries are in the users $PATH. -RUN update-alternatives --install /usr/local/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 100 && \ - update-alternatives --install /usr/local/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 100 - -# Create links for injected dependencies -RUN ln --symbolic /var/tmp/coder/coder-cli/coder /usr/local/bin/coder && \ - ln --symbolic /var/tmp/coder/code-server/bin/code-server /usr/local/bin/code-server - -# Disable the PostgreSQL systemd service. -# Coder uses a custom timescale container to test the database instead. -RUN systemctl disable \ - postgresql - -# Configure systemd services for CVMs -RUN systemctl enable \ - docker \ - ssh - -# Install tools with published releases, where that is the -# preferred/recommended installation method. -ARG CLOUD_SQL_PROXY_VERSION=2.2.0 \ - DIVE_VERSION=0.10.0 \ - DOCKER_GCR_VERSION=2.1.8 \ - GOLANGCI_LINT_VERSION=1.52.2 \ - GRYPE_VERSION=0.61.1 \ - HELM_VERSION=3.12.0 \ - KUBE_LINTER_VERSION=0.6.3 \ - KUBECTX_VERSION=0.9.4 \ - STRIPE_VERSION=1.14.5 \ - TERRAGRUNT_VERSION=0.45.11 \ - TRIVY_VERSION=0.41.0 - -# cloud_sql_proxy, for connecting to cloudsql instances -# the upstream go.mod prevents this from being installed with go install -RUN curl --silent --show-error --location --output /usr/local/bin/cloud_sql_proxy "https://storage.googleapis.com/cloud-sql-connectors/cloud-sql-proxy/v${CLOUD_SQL_PROXY_VERSION}/cloud-sql-proxy.linux.amd64" && \ - chmod a=rx /usr/local/bin/cloud_sql_proxy && \ - # dive for scanning image layer utilization metrics in CI - curl --silent --show-error --location "https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- dive && \ - # docker-credential-gcr is a Docker credential helper for pushing/pulling - # images from Google Container Registry and Artifact Registry - curl --silent --show-error --location "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${DOCKER_GCR_VERSION}/docker-credential-gcr_linux_amd64-${DOCKER_GCR_VERSION}.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- docker-credential-gcr && \ - # golangci-lint performs static code analysis for our Go code - curl --silent --show-error --location "https://github.com/golangci/golangci-lint/releases/download/v${GOLANGCI_LINT_VERSION}/golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 "golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64/golangci-lint" && \ - # Anchore Grype for scanning container images for security issues - curl --silent --show-error --location "https://github.com/anchore/grype/releases/download/v${GRYPE_VERSION}/grype_${GRYPE_VERSION}_linux_amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- grype && \ - # Helm is necessary for deploying Coder - curl --silent --show-error --location "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 linux-amd64/helm && \ - # kube-linter for linting Kubernetes objects, including those - # that Helm generates from our charts - curl --silent --show-error --location "https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux" --output /usr/local/bin/kube-linter && \ - # kubens and kubectx for managing Kubernetes namespaces and contexts - curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubectx_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- kubectx && \ - curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubens_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- kubens && \ - # stripe for coder.com billing API - curl --silent --show-error --location "https://github.com/stripe/stripe-cli/releases/download/v${STRIPE_VERSION}/stripe_${STRIPE_VERSION}_linux_x86_64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- stripe && \ - # terragrunt for running Terraform and Terragrunt files - curl --silent --show-error --location --output /usr/local/bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64" && \ - chmod a=rx /usr/local/bin/terragrunt && \ - # AquaSec Trivy for scanning container images for security issues - curl --silent --show-error --location "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- trivy - -# Add Vercel globally. We can't install it in packages.json, because it -# includes Go files which make golangci-lint unhappy. -RUN yarn global add --prefix=/usr/local \ - vercel \ - typescript \ - typescript-language-server \ - prettier && \ - yarn cache clean - -# We use yq during "make deploy" to manually substitute out fields in -# our helm values.yaml file. See https://github.com/helm/helm/issues/3141 -# -# TODO: update to 4.x, we can't do this now because it included breaking -# changes (yq w doesn't work anymore) -# RUN curl --silent --show-error --location "https://github.com/mikefarah/yq/releases/download/v4.9.0/yq_linux_amd64.tar.gz" | \ -# tar --extract --gzip --directory=/usr/local/bin --file=- ./yq_linux_amd64 && \ -# mv /usr/local/bin/yq_linux_amd64 /usr/local/bin/yq - -RUN curl --silent --show-error --location --output /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64" && \ - chmod a=rx /usr/local/bin/yq - -# Install GoLand. -RUN mkdir --parents /usr/local/goland && \ - curl --silent --show-error --location "https://download.jetbrains.com/go/goland-2021.2.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/goland --file=- --strip-components=1 && \ - ln --symbolic /usr/local/goland/bin/goland.sh /usr/local/bin/goland - -# Install Antlrv4, needed to generate paramlang lexer/parser -RUN curl --silent --show-error --location --output /usr/local/lib/antlr-4.9.2-complete.jar "https://www.antlr.org/download/antlr-4.9.2-complete.jar" -ENV CLASSPATH="/usr/local/lib/antlr-4.9.2-complete.jar:${PATH}" - -# Add coder user and allow use of docker/sudo -RUN useradd coder \ - --create-home \ - --shell=/bin/bash \ - --groups=docker \ - --uid=1000 \ - --user-group - -# Adjust OpenSSH config -RUN echo "PermitUserEnvironment yes" >>/etc/ssh/sshd_config && \ - echo "X11Forwarding yes" >>/etc/ssh/sshd_config && \ - echo "X11UseLocalhost no" >>/etc/ssh/sshd_config - -# We avoid copying the extracted directory since COPY slows to minutes when there -# are a lot of small files. -COPY --from=go /usr/local/go.tar.gz /usr/local/go.tar.gz -RUN mkdir /usr/local/go && \ - tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 - -ENV PATH=$PATH:/usr/local/go/bin - -RUN update-alternatives --install /usr/local/bin/gofmt gofmt /usr/local/go/bin/gofmt 100 - -COPY --from=go /tmp/bin /usr/local/bin -COPY --from=rust-utils /tmp/bin /usr/local/bin -COPY --from=proto /tmp/bin /usr/local/bin -COPY --from=proto /tmp/include /usr/local/bin/include - -USER coder - -# Ensure go bins are in the 'coder' user's path. Note that no go bins are -# installed in this docker file, as they'd be mounted over by the persistent -# home volume. -ENV PATH="/home/coder/go/bin:${PATH}" - -# This setting prevents Go from using the public checksum database for -# our module path prefixes. It is required because these are in private -# repositories that require authentication. -# -# For details, see: https://golang.org/ref/mod#private-modules -ENV GOPRIVATE="coder.com,cdr.dev,go.coder.com,github.com/cdr,github.com/coder" - -# Increase memory allocation to NodeJS -ENV NODE_OPTIONS="--max-old-space-size=8192" diff --git a/dogfood/Makefile b/dogfood/Makefile deleted file mode 100644 index 061530f50dd45..0000000000000 --- a/dogfood/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -.PHONY: docker-build docker-push - -branch=$(shell git rev-parse --abbrev-ref HEAD) -build_tag=codercom/oss-dogfood:${branch} - -build: - DOCKER_BUILDKIT=1 docker build . -t ${build_tag} - -push: build - docker push ${build_tag} diff --git a/dogfood/files/etc/apt/apt.conf.d/80-no-recommends b/dogfood/files/etc/apt/apt.conf.d/80-no-recommends deleted file mode 100644 index 8cb79c96386c4..0000000000000 --- a/dogfood/files/etc/apt/apt.conf.d/80-no-recommends +++ /dev/null @@ -1,6 +0,0 @@ -// Do not install recommended packages by default -APT::Install-Recommends "0"; - -// Do not install suggested packages by default (this is already -// the Ubuntu default) -APT::Install-Suggests "0"; diff --git a/dogfood/files/etc/apt/apt.conf.d/80-retries b/dogfood/files/etc/apt/apt.conf.d/80-retries deleted file mode 100644 index d7ee5185258ec..0000000000000 --- a/dogfood/files/etc/apt/apt.conf.d/80-retries +++ /dev/null @@ -1 +0,0 @@ -APT::Acquire::Retries "3"; diff --git a/dogfood/files/etc/apt/preferences.d/docker b/dogfood/files/etc/apt/preferences.d/docker deleted file mode 100644 index a92c0abb03d7c..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/docker +++ /dev/null @@ -1,19 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin download.docker.com -Pin-Priority: 1 - -# Docker Community Edition -Package: docker-ce -Pin: origin download.docker.com -Pin-Priority: 500 - -# Docker command-line tool -Package: docker-ce-cli -Pin: origin download.docker.com -Pin-Priority: 500 - -# containerd runtime -Package: containerd.io -Pin: origin download.docker.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/github-cli b/dogfood/files/etc/apt/preferences.d/github-cli deleted file mode 100644 index d2dce9f5f3097..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/github-cli +++ /dev/null @@ -1,8 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin cli.github.com -Pin-Priority: 1 - -Package: gh -Pin: origin cli.github.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/google-chrome b/dogfood/files/etc/apt/preferences.d/google-chrome deleted file mode 100644 index 4551ec390ff20..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/google-chrome +++ /dev/null @@ -1,16 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin dl.google.com -Pin-Priority: 1 - -Package: google-chrome-stable -Pin: origin dl.google.com -Pin-Priority: 500 - -Package: google-chrome-beta -Pin: origin dl.google.com -Pin-Priority: 500 - -Package: google-chrome-unstable -Pin: origin dl.google.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/google-cloud b/dogfood/files/etc/apt/preferences.d/google-cloud deleted file mode 100644 index 637b0e9bb3c51..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/google-cloud +++ /dev/null @@ -1,19 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin packages.cloud.google.com -Pin-Priority: 1 - -# Google Cloud SDK for gcloud and gsutil CLI tools -Package: google-cloud-sdk -Pin: origin packages.cloud.google.com -Pin-Priority: 500 - -# Datastore emulator for working with the licensor -Package: google-cloud-sdk-datastore-emulator -Pin: origin packages.cloud.google.com -Pin-Priority: 500 - -# Kubectl for working with Kubernetes (GKE) -Package: kubectl -Pin: origin packages.cloud.google.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/hashicorp b/dogfood/files/etc/apt/preferences.d/hashicorp deleted file mode 100644 index 4323f331cc722..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/hashicorp +++ /dev/null @@ -1,14 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin apt.releases.hashicorp.com -Pin-Priority: 1 - -# Packer for creating virtual machine disk images -Package: packer -Pin: origin apt.releases.hashicorp.com -Pin-Priority: 500 - -# Terraform for managing infrastructure -Package: terraform -Pin: origin apt.releases.hashicorp.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/microsoft-edge b/dogfood/files/etc/apt/preferences.d/microsoft-edge deleted file mode 100644 index 2441961adac38..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/microsoft-edge +++ /dev/null @@ -1,12 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin packages.microsoft.com -Pin-Priority: 1 - -Package: microsoft-edge-beta -Pin: origin packages.microsoft.com -Pin-Priority: 500 - -Package: microsoft-edge-dev -Pin: origin packages.microsoft.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/nodesource b/dogfood/files/etc/apt/preferences.d/nodesource deleted file mode 100644 index de55d5553411e..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/nodesource +++ /dev/null @@ -1,9 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin deb.nodesource.com -Pin-Priority: 1 - -# Node.js for building the frontend -Package: nodejs -Pin: origin deb.nodesource.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/ppa b/dogfood/files/etc/apt/preferences.d/ppa deleted file mode 100644 index 1dc9da8f9fffc..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/ppa +++ /dev/null @@ -1,19 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin ppa.launchpad.net -Pin-Priority: 1 - -# Ansible -Package: ansible-base -Pin: origin ppa.launchpad.net -Pin-Priority: 500 - -# Neovim -Package: neovim -Pin: origin ppa.launchpad.net -Pin-Priority: 500 - -# Neovim Runtime -Package: neovim-runtime -Pin: origin ppa.launchpad.net -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/preferences.d/yarnpkg b/dogfood/files/etc/apt/preferences.d/yarnpkg deleted file mode 100644 index 7237fcad5c356..0000000000000 --- a/dogfood/files/etc/apt/preferences.d/yarnpkg +++ /dev/null @@ -1,9 +0,0 @@ -# Ignore all packages from this repository by default -Package: * -Pin: origin dl.yarnpkg.com -Pin-Priority: 1 - -# Yarn for managing Node.js packages -Package: yarn -Pin: origin dl.yarnpkg.com -Pin-Priority: 500 diff --git a/dogfood/files/etc/apt/sources.list b/dogfood/files/etc/apt/sources.list deleted file mode 100644 index 745bcefcf2b0c..0000000000000 --- a/dogfood/files/etc/apt/sources.list +++ /dev/null @@ -1,3 +0,0 @@ -deb https://mirror.pit.teraswitch.com/ubuntu/ jammy main restricted universe -deb https://mirror.pit.teraswitch.com/ubuntu/ jammy-updates main restricted universe -deb https://mirror.pit.teraswitch.com/ubuntu/ jammy-backports main restricted universe diff --git a/dogfood/files/etc/apt/sources.list.d/docker.list b/dogfood/files/etc/apt/sources.list.d/docker.list deleted file mode 100644 index f00cada1ad16e..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/docker.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable diff --git a/dogfood/files/etc/apt/sources.list.d/google-chrome.list b/dogfood/files/etc/apt/sources.list.d/google-chrome.list deleted file mode 100644 index 8dd71926f26df..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/google-chrome.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/google-chrome.gpg] https://dl.google.com/linux/chrome/deb/ stable main diff --git a/dogfood/files/etc/apt/sources.list.d/google-cloud.list b/dogfood/files/etc/apt/sources.list.d/google-cloud.list deleted file mode 100644 index 24df98effea28..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/google-cloud.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/google-cloud.gpg] https://packages.cloud.google.com/apt cloud-sdk main diff --git a/dogfood/files/etc/apt/sources.list.d/hashicorp.list b/dogfood/files/etc/apt/sources.list.d/hashicorp.list deleted file mode 100644 index 6e60053905ec7..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/hashicorp.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/hashicorp.gpg] https://apt.releases.hashicorp.com jammy main diff --git a/dogfood/files/etc/apt/sources.list.d/microsoft-edge.list b/dogfood/files/etc/apt/sources.list.d/microsoft-edge.list deleted file mode 100644 index f0c036f79a5c5..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/microsoft-edge.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/edge stable main diff --git a/dogfood/files/etc/apt/sources.list.d/nodesource.list b/dogfood/files/etc/apt/sources.list.d/nodesource.list deleted file mode 100644 index a328c2c3c47dc..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/nodesource.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_16.x jammy main diff --git a/dogfood/files/etc/apt/sources.list.d/postgresql.list b/dogfood/files/etc/apt/sources.list.d/postgresql.list deleted file mode 100644 index 10262f3e64a10..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/postgresql.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/postgresql.gpg] https://apt.postgresql.org/pub/repos/apt jammy-pgdg main diff --git a/dogfood/files/etc/apt/sources.list.d/ppa.list b/dogfood/files/etc/apt/sources.list.d/ppa.list deleted file mode 100644 index e817c20915cb1..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/ppa.list +++ /dev/null @@ -1,2 +0,0 @@ -deb [signed-by=/usr/share/keyrings/ansible.gpg] https://ppa.launchpadcontent.net/ansible/ansible/ubuntu focal main -deb [signed-by=/usr/share/keyrings/neovim.gpg] https://ppa.launchpadcontent.net/neovim-ppa/stable/ubuntu focal main diff --git a/dogfood/files/etc/apt/sources.list.d/security.list b/dogfood/files/etc/apt/sources.list.d/security.list deleted file mode 100644 index 1f3dae8d09b19..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/security.list +++ /dev/null @@ -1 +0,0 @@ -deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted universe diff --git a/dogfood/files/etc/apt/sources.list.d/yarnpkg.list b/dogfood/files/etc/apt/sources.list.d/yarnpkg.list deleted file mode 100644 index ada8a06f7b9b2..0000000000000 --- a/dogfood/files/etc/apt/sources.list.d/yarnpkg.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/yarnpkg.gpg] https://dl.yarnpkg.com/debian/ stable main diff --git a/dogfood/files/etc/default/google-chrome b/dogfood/files/etc/default/google-chrome deleted file mode 100644 index 8620a6054380a..0000000000000 --- a/dogfood/files/etc/default/google-chrome +++ /dev/null @@ -1,4 +0,0 @@ -# These settings are required to prevent the postinst script -# from modifying /etc/apt/sources.list.d -repo_add_once="false" -repo_reenable_on_distupgrade="false" diff --git a/dogfood/files/etc/default/microsoft-edge-beta b/dogfood/files/etc/default/microsoft-edge-beta deleted file mode 100644 index 8620a6054380a..0000000000000 --- a/dogfood/files/etc/default/microsoft-edge-beta +++ /dev/null @@ -1,4 +0,0 @@ -# These settings are required to prevent the postinst script -# from modifying /etc/apt/sources.list.d -repo_add_once="false" -repo_reenable_on_distupgrade="false" diff --git a/dogfood/files/etc/docker/daemon.json b/dogfood/files/etc/docker/daemon.json deleted file mode 100644 index 8e19eeeec15b8..0000000000000 --- a/dogfood/files/etc/docker/daemon.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "registry-mirrors": ["https://mirror.gcr.io"] -} diff --git a/dogfood/files/etc/sudoers.d/nopasswd b/dogfood/files/etc/sudoers.d/nopasswd deleted file mode 100644 index 3283f4455630c..0000000000000 --- a/dogfood/files/etc/sudoers.d/nopasswd +++ /dev/null @@ -1 +0,0 @@ -coder ALL=(ALL) NOPASSWD:ALL diff --git a/dogfood/files/usr/share/keyrings/ansible.gpg b/dogfood/files/usr/share/keyrings/ansible.gpg deleted file mode 100644 index 1731dd2b2fbd7ce251ad1b2a53f7df432f40ba60..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1132 zcmV-y1e5#5!A%5Hmu)Zs5CF<8#y2sBavX?)67L*C?G(=zXq7e@f6Q6auif(;)LZod zJu=nD{xl;si4m1N>|mHxbs=?y#0s%cDFcoXWGuiOPPcBqgGtD(O&)chTnV3O_vTKp zpxjBtjm2l2l)Co$f!&#ZUZx+mr|if+XiX)imRGOaN{wFzF5qf*MMMWR-!r_9)GT8n z9-skmj@@r=PeO_JMTAEoMON^=mLX&{p9PrVXI@k~>Eol0;1Wto(EAo0j!ob9JLZv$ zz{J9ga|)i0iWfLtD7Lfx2pcwfa@C_G1MjY`Lz6(awYWneCUowKp!;(c|LRENDJuV@}J^R10+K>bBPj0 zCcgwPd7G4u#uSnVISiLz>kj2k1P55=&JfyHmd(KqdSL^A$;r(RK;Xi~)S07(S1`Hx zluz`k@CoV<@SfH`dGGH;tTOf>%sFH)iWJCW^83^D=M##Vb)#E2kuO`HOHZMJPPY`) z#rAzJVN>~#YhaCw6qRIee66;(wewmmFwLqfI#xM7Uyj4+Unp~Z9?dnFy^Ep&k9z1@*%FAsQAQg_q^ zZA|2Ax}@E=%BDtciOPD+c(7l!ho;1z9^v?+=mW{bPK7@|z`h3!+#5lH>mC;e zAZw{ca%yxWx*r-8+j=+B_0_#@aD^lrQGYcRci@}xrY_B1bATdXsNhK*{R`_5@Snvl z%@^X(#j_I0E(`LpP@0t-%adrgYf0nv{mkf^m#uEZhfVP0mH+ABM$$9YYGhc7uU_zb zLfwi01ixZuFJvRqgLiooRMNo7-bQbSnxUT8je#Ug{poZ{T)y9ck!Lmb=J$T22%i1(LzY!TWhePHBrdo)WGPY3)h z7C#hPORz)L!-36Ks;a^piJc|8(PTGnSad{%|NB2-0#?2=Ng~I(^p!6?WEWF|1MY|_ yf9W@2In1 z#V#$cv(vuM$1G5W?m=#;?M(Cxek`gIB|ZeE>e*?4HA0Yo?Le89KO(!1UAgKnfVKJp ze7*UXLf?I!keb9u+BFqeeB``A$gwvu)M9q}dT8YU+=NzEb9$;fT&a6fycOmt+QBrl zSljK4NaNyiOYqwZ!pA8r^c00OKI|6ITnqr2;lfcg2)^}~s|^iuXkp-Z9zw?u9f%Gl zIKx%?805>Gz6o0*0IGj52V2W@R3^r4ggg+8qe2>{F;knjCB39B|n)&}Ia))TWmVOS1zJD$Q<&mo|g~V`#5B$6N zxLlw5L@k&9cvMyuB!wfYMH5Y?I18^yQU0Cn< zQ+Vm-4&d0rzki{yJhx4HVp!v=n%$Eu4}XG1@@3Rpmx4E2z!ZF5gVt7hXhF3JhQ)dC z^v|>E6|i%rp_>2^0RRECD@1Q&Yh`jEQe|vqVRL05C__acWMyJ0AUtGmV{2t{KxA)Y zYh`jSV{dIfi2^qS69EbUAq4_ht>?f38!rV52?z%R1r-Vj2nz)k0s{d60v-VZ7k~f? z2@s8efIJSr&4{we5B?+>qpu&7G$uCr{9l#Rccf8iLHFK8*j}rX=-CG)$dc?$piG&n zyvm)ljwUsM!bnCjBbuvmg?VD7{XegYqwDC-jwi9@5G?Wk0W>(My&0lUwT?!h+_)r; ziSkkZTf)_`7M(d9Eygf&;f2K#dl0cev@e`hmk( zZtk3Hs%->NGPyLrr#y%lgx{LEI^lyjO4KBwd}kap{2xYFqV-F2>Yq zG-gdq-7QDsOB?=ysoxG@7KH&vE_?hnRc?txWkz9<=VtFx@Ut8hfLi2;JwF@%ZMK$zRb;~8!vOdFX75Fk8*e>XpOrG|YsSZ2f#t_(HJ z+2iiq+kTKEd{!m%PjyDuMW8T;FZ!)Cg>O6x2SR3fyfZ=kBSDUz=aV8M^lA(&u0B2M z-aM5?LcHpf3Iqah6nv_W(wZrA8IAR4qXOaf%g7n?TNrw7a0Kc^OVl3Z8#a2R3m+9$ z8(5MM+x77e+YoN$TgPo5x1IH2GV6I8ege0YQtX?0EQiH**C+5Ml4{T8)OO+-PfE3sg1Paga|nw;9NrvW?0Q{d=P|r_7drn! z8&M^%eloEvv)?t~lG>1q+=qlCndr6=1Yy(%>dfgbh&%TXeRWyM$f8?S{8ygGsA8pS zM?IBQwFu-HaGRib&`sVMSJXjhuE(AOvYeGL$vD)^dqADy%5oai-WdX=OaMym$#l_A z7d>5VEn*PN1N}x~{PYrGX`90HOmI4|Rc$_R*_61pBoGZVu(mO4MgBSA z3G&qBk^c}(l#fx^d_Tr93{<%g;efsvX)qQ8<7p74rQ;AUmvbi*yka|wYGA+9!(&uJ z3tZ#|GLLIrw5-@~{uvdM_93`x8jgYT%ZPhr3MqBNEu`I@f@nl~3G(!ilEW9!nGG{5 zNIRRPhlryvj{p$?00D^vJ_Hy62mlEM0$8ouDgqk<0x1a)je&qX4!_Na!CfE(8370Y z1_c6Gt=cL83JDN?psB<1bNtxVU=ROn3Hco$6RNCn?dy%AGv~v}na?1gs^YJhXA)JR zJ_hRT#t5-)YKUBmhDT{(!zP43W=13FLVlQQY&Uywe9iI|Dk@tr8RUEXt!L9asCk14 z$moeFun}{2z@`Y8KUEy#Y?ttc*0nt%%r%bCd4pClxDY!t`M2qFddF+NHq%TDA5Z73 zoZ<)UWl<6+4{!S>HvV2YFUNmbNfe7l7outUhag5HvTFpov{9)%SU3wB^qK~XMv`AX!x<6%-nu+;S&pdG~rCcpO z05M&Fwf!q>>kU>E8(Zk`CG@{MMFpYoH>2^}r{N(ze}#nyK^=2d^FwnaCSIuyoty8V z$MgLSEc6&fC;Zgt2oP+BME)7IvYQ`*`)m(a>t+0)T%TWxv;Hw42=h!wN&j`JBw0E> z50`dHHM+RTjBnAsX^_gE8Q9$kh)YxA+2aP#nvkSPSGK0POS-qBfqQ0U`6_z!bL?8k zW-GmuFEE@S55O+}&SbUnxDWqc+d9(t{vtC%96$nq3|U&n$e6E6Na09qb+{@cv1jZ| z3ANPzBC8hPZX%fd!AicAGHUi1CEtQTkg6rlJ&izkT=Qe0t#FL~*@%Q@afty20kH zP@b&1>Szr#R<^(R$ZDQ+tX1BmAvCn7XbkFG{bvJsln04BkS2;}7+r)m!j=C|-@2Mb zZaVA|!c_0vpuO@|Zgh7CYc|rUFc^1cmciEIZ-OsoUfh8=!gs&KS$I6fh;IjUD`52- z$hYta7J<u zKyfV{PWt21mmL1oc+`{DV3Y`cYIUjP(OqJCF?#$b(-lq(eagmRKXj;3eca9O(@-v*AlJpV04RH>15hu-d0gn>T!}yoq)jq_0kXKsg4`@J7)|Q^ zDDOG%eA#MagFANd zdqy65SW2nr1~YT_@-0VQK|8{6A8j7(Mjt*2q7@a7+r$F=ve;|lz>JOUg*BozUJg2!M`kgS_a#f~DzmR>8^={7wt+%CwK#i~ zvfpjM2D7BD_&w;T7TX(_p32`UA_jgy8>H)hjrvW8{`$-wZl>gPv@74L#o=DIx{-%P z3LY3kB));25usaDw%9uVdqKM}3gA5$m>8-aoY;31*`RKJoH{q*k)ASLLDza|{FSl* zk;T}a!$a;d89iqXj*OKUxwgdm(;BaihD8wc*`Y3+&$Bh2H!}mE{&o28;!FZVVFa9r zf}&suGl4c&vijKuG)jrOdNys)@)#N5f%|l5RZz7u#8j^9<;>GcNxSldEX=~~=Gq%5 zPotZ>R5W0yfibkPC$F;dRN_4a^1ef%*GM8Or%~|)EFb=FOHv-Xle>XTzCNOfW$Lrh5^Ja2GiZgX#Sa${vHV{Bg|-fCddPDl^VI5fabQ^m0%I30iUJ!01qlPgwlxI{ z2?z%Q1{Dek2nzxP76JnS0v-VZ7k~f?2@oUm)arF{U|H*p5CF;U7+w)&dmEsC8#og8 z5_2=?)^EXR9c!3F?n!}$o07sQjYGJ%p0Jh<6LZfxh~tc@MG|B)L;Vnun~)_zv0cB+ zu}s0+M8(1umItr%ra^|kdG(!ilHe0rt;(jdrmB+qV=X$Vz(nO)AdJU#jh5MZV++<& z&nmrb%!n{()|Xtfl&=gga-ZCL1=?71_=2ZfR#!sblX7$gCswgZ!+KQ-7YB6T3`?cm zT3mO9e(~XFl9!v-u2-zu(=N-Mi7O61PmxVehEf9}e<08`r zk1x{*Jxv^-*9~)2tg(!<91uR;yx)i2EMOl%nM>M-Qe0BVf5B*1Rv#45?90`ZhZ!tZ zB|8Uap0K?P^ob8VCVHz1Mwh&0H+K%%n4+$IngUwO%%XkmT|E|Ao&7N5gJiSBykJP( zE{0Ke2dK$IV??I^{x%NLeEF*cK2EmOBCm-QTA76-y=b2qHcFZMAoT z)(cvZOlX0FKSAd***#Kt#98^iJ`}dO$pLreyzu(-t?L7fz3Y@eBkSU7Cm_w0UT)o{ zN1ra9HHL-20doWO|{IHK(1u~#KSAr_)JX?U}y+lHN=vMqZY^G&vqEevUh z02}4RMH=qdn6HAqpI-&)*M>=BYJJY>JQ{B9@MrzSanDQx@2YO)%U$81ggp8kBr%s{ z()PfUzZ_7b!+u>nXwCH~x9+wX<&>~SV-O_n7{zXXIWiNuRHG6Inc3aBFNfL^L_C%m zWxMiT)5+(xAX+GBwNRfO9O>=-gtU3t5>JFi4)tLStA74u2U1(zb|(K20Yfv(y`W&I z`4}35I1lrycfTu{rJcg2W*s#9(%TD|w-kEulDzQ;x^L85-;^0nD24@+{kkzkCl+~X=amxsdqY&&K@YDOVLj0hTMI-AER zwOOJDY&*Qbd{##mLzM%8R_;bC`64LxDc{~vP3kZbUjPvS00D^tJOmg42mmG)Ap|U8 z1|S)QwhnB1$a5p})arF{U|9tMV;3%p0vikk2?N8nH2?|;5F_){>UD8oSr!}*{ycRS zrJh#FkClGa{<=F4uNSPOAF;ZkzPKWuF7Qo{cGeR6?3%ZgaY0&CSOA%~ z*OF*d8q0N1h4xs<_Y_%~3a+0-2H(x%{tj(hE6?spdG9)V~tF|VG2z3YHlb2BM z#+XfkoUJFRVS-05s$9 zc6KAOl~vnZ=7V=*=y%SXo^W@ZL?M=+A>E75&3|P3$KwOg?f+dn)G>5z${Oj9JCbye z5)otPqv`51z_B5|#?*!jI8=UFw1sVOPP?KcFk6u&J2Fg@{1#<#_|9f`l`i?p;?B2RwXp3pcKeTrl;Td-b2q6H8rV6E`jrVuKM3B*nLzX$ zoTKZDGY4)TUxW$~Hg}wi7PR++UHHxOyHwfd=cQU{ sZP_ZaFT{IF`p$Ndo-}Rtf(Sc1oxsL`tTUqvGA4#k*w>jgJntA|!*H)MKmY&$ diff --git a/dogfood/files/usr/share/keyrings/google-chrome.gpg b/dogfood/files/usr/share/keyrings/google-chrome.gpg deleted file mode 100644 index cee005a7386d9c20b1500ed18f58e98d5ecb7468..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10640 zcma*rWlWs!qOS2_aF-%2?i6=-DDFPE4({&mba0nqh2rk+F2&s`UYz1^{@p9*ti6++ zllAp^CU0hvJJ&DoWIz?bNL)HdV!{A^c2+`|Qt^fmCKKA@ezs2MNu0J=RmZqZP<$Lv z)(z*Nc#srcO?(ag1*(O4b#Q_b|B_p}n3aFIz@hgA9G;y~sm4CZJmY5Jtp7Ifi}`cO z!daf6i~nQf6SMBJv=jidv=gsHI7sAz3C{k%7E_)LB)(Lx&iqd7yS0kQc}e z@Y^YC@|zY;1-J@QW`(xs@4*1le^nJ83B85~y#Eg1U0#t-yuG8trWhxNlJl8l62szB zOaFbsiNqZ-Y<)U&DtP8a$`GN+Hcc%?k0pUo)Q41hibF@XV-{6gtKbqc=^)`MTatt% z5r~={qm)gRHjdkh=A6QPKdpkA=kZ41Q@r&;`F>`O;j?$^m;@s+eKB|o{raH{q_=`$ zf%zU-j#JG(PI=ieN^v(72XLUh+kDbL&7pLU7hxvgd6Y%P+wsa(L_ zf>aLdMJizX_lnW+Uso=SHefG1V;5JjvxvoiJ%Gv7!A>aB6y^ga5I_MWfQCaxM1Y3| z!r%ZApkZ)<&`>~PC?H-SEKm~1JplL#3V?)&ktY&@9#Em3FeVGgb*~(5SVUxcPczrb zI&$%xID`cx0KQR%*`K~>C8(0%B}5xvt$k}>sCa7yqW;~L90mfQ3c7c0)%y*5%K1%x z1Ug6Ck%{lKt~46LPZ~ev^^<+0cVveTrJo0+r*1N;My8UrLo`b&qqO+T1b>-)ORj>} zu+)7LJ0~b~SZ`vNLSfPGEH$$WT0dBS+kXrE{xqfDpkWWbhP|jjfH=@VvsY*pu)Cz*0Lxqdioa>hHTt8 zTAy+l=p*wN4moKS-JXu8AK`+Ma+?VlV>aXGws$5~43gO?*822b^i7NXDG&v#eQZR6 zUgKPHfCEUncAjwHoWh#eMsX%0!j2Rvt_SvI$nS{~4sP`U82}9n|AJInkqt5W)DzKp z72{gsLzI{iX;;>NcU1sgN)lf^Kg9N))NU>pW{w0pt>7{fq!eCSDRskxGg!Rki1W{- z;BD$4R(w|K-qWH2N$I=8II$G!#arBvDYu+Kw%@UtiF8 zbW%(W*X~EjE?pi!k{?70mZ(s&)zQPyd5GA=gYdg6x#ioTB_d^DKK?U0L|EY8RR9T4 z{`<57K!9A&pG-@y#=TkUg_<)Dg9S)@4#ew#Y*dx?pcCu{E<<0LJ&EZSl=K%>$&7!d zrG@f!4hjR%rqiX|QU@C%s4*|9l#0$cZgvKNqT12OZ4{x?Q6uh1(CiFig*ipDC`HA& zH2jKUM7fZZglj{>^6Mhhht}axjX3SF=@^%jO(M@1FJQ9BB+)Y{@q6;ytX*P|xG@9b zop#(VM*_rh)F%~|#`3+}d;p@f>@5E=VqNZ0^OBLpQiI~TLs*nik@I*LlKiL>CXZQc zQ8=oJ5e7*i{z6!k=PTf9S`l_P7Tog9KD~taP9O?3`IG)4M`Ss?ne`GP(x7v|?N^~) z1M_XGG`6Y34fk}hK-0C}m*YTAr?AAV#F+ysE=7;Xg=>#)DEF@9G<6(oG{ttobfe>J zI0>O492-hx`4^$VoC5)*HJQLm3E6VFNf_;~^d&96DMIZ;K9b0XE^Fe_41*Si4*`$? z3y8g<6+|!a%<{6VkAGG!5oopMK6sJ@;&tI!pyiu#hGTVex>j}5v-KZwNcD@-mnS8g zE!t*Vv!Fib&^Q#lpJeQ;7MhnKJQv^x6L`6Hog@ObEUHUrcuY8s+bGcJtGrYo_u*-pwsJ#VHOY%<%~drVVf3z@?TZNC4)JY zCwNtYVYb_tI7{##`@=sMBb5pZ{5wY2za<62;UFO*AOrs^rGE$he?KEyj{dGgx_6Za z&<%B5eK4O`aGLcp^eYFWkq;3*4ZeZJ4?3%_Ck+3V-@R>9=zB(?F&mxGM_dKdX-#b}2ttrb0{ARwrl)O`9U*Hfb zw!tVSP?+dxX{Zh)d0SNQS`cPSQ~0_|Duy2Dky$rT_&eg#W)wLR+p7USpO9UFjroA} zjp(?#hCjA89NXyyYcIcmwKiKYAjJsixT1q4XW^ny+GC~G8g9VF!y2dXdz=8ypq z_a@*^Lf+vT5x7sYY{;!rG2w?68r^xYWDLF+K#B`{wNZ~My{eRPSr0y zTXllsy<*^UtmM@ar;=#A5+ry`McRkx;rJPg$^i?-m31e+@iXq{&3V#v(?OjnF1TlK zfR&{ZYC~W`VA5Bm(wu;VwJ+@V+m@Fugy7zIjry;MS}2f_f3j81ybK?< z`V<8FVAjK1r{ldgp;+Nq;acCiW2!HR^$pu?w3IR`#^dZ#PZSgjn{%{DE1HG3N6)8X zMVF5}SV-a1bZJ3dy2)_Um~b}nx}1LU0VZn(!z2eu>}93z3<($dbGix z&T%B5?=JgC;U1RYFtK~Ar;@dw26-f$0Xu?yvh(siNpBKP&EAp{rLu++WL2}}#SUx| z59hvVm$6cg!4E$YFf*2|7m0p!W-+mMzSJs{IB=~b;x;{Ckhm#X z@3>SG1))(GVe!)k5jYI4f>3lH0_nE2-BhJRq5Z;ki%{~q%8@WU$4iF?j_10j(=fZ# z;9(aE5XQfJ|5=|ROk@Z?7mk1$F*{`3%`$aYF8w;-UD9;30+v*A%S#xP$`O4xl9G=B z8z$f4LAN8^Fu&|oEh~VdzI^-^VR1Vy!{_PB`qt_bQ!=PIo?g~cZeia#setTounzrz za2&$aU{oJ<7hXUUR2X$rI!Pt7pBP8%HD6cjg@POX zzemTK2$AGyy; z!lXMuIYylf)HJQji2Aw691fpq;BP?hqI;h{@M(?`z1367Jn{(Z+xt3t&WbQcS{FD1 z`t9sGvH(#;NIOdO3WLKv6LUxv}kE6BeExno$VvaMTN`J%CI6i z5BrpXaMjtxwZ)z)eH?0Sj%V~KeWbUoOZHu#{iaUKYw3Fe z*v&NAz@3*5E{Qg2a4CC+9cS`Zt1cM_RQ%0ss=2!oi!TGU$m$QgTg!z<+clwqOlRnk zH0Q>w?cl2OO;*We%>~czB>jC0HT3EWr^7qaES*Ky8t4aOre(%7q3(v2^&eheTtD}) z6LmsD`VDta>Ssj;`=nZ*URGmk*yjh=LIo44zw| zT$_t=*maC&LIXPb+uHS}{VwL{3pS|HdOU%Nj=QQ`J&&2T_~@EFa9!Y zC`I}z;oo|1hhSppb&QJX(sUm!mUbf~zOOIoK2;==TKzKnR#QH?087b`DsCodHto=5 zaO?%YdA8pnC*R=M1w7&`g01$l@D`Y4f)_1%3;QO*`)4BI-`Z%#p}(7^$Z=2O+{}k2 z*GyTW8iFfyiy-%UjCQY|Rg)6vqZz*@d{E&(uT+_i_UGR;3-tV2I?>gR!=3??R_h;v5w&!+TswlJq(_*@ zI)~9AYR3rRN^wvg;`j&Et^L4no{AjLZt_*wr1(Xkk0)wWSc@&L;fQX{@j8+!bC9Ex z^O>JM%f$NVOFqWv5TiCc?V1~%h*IhUJReetbC^|OBD_Rm&&Ub#lGH>>8roMwkdSnN zmlfLA4lQ@)XtR>U$|o0x#85mk0l^V@al+(yB%DVvUt-Tp>>0**m!i(E-PR*#+-j#x zYftEtyj+6>jmQY;jC-bF3Q(Am$aFWb?#2czfrMn4Q6&Spo(E&=*luuzy*?539gu)7 zyQLONY1?(mcy898(ul%$_Scgo^n|g>C&u;S)(X$W{5cyGzu0?#k6zQKSU!o=K@_HZ zw{cE>^A#SZZ+Zrt$$^);(_vSbE3>vB{q&h#`sT>-5XAGYXbTskS_MI{e02lJ&P_A*N!oLi zWmI5}rsQtjaPYJyg~`ggkA#SWU@H#*Xd#(H=axtJj`mj@P{A!uzkg=k)4v-n^4Lnra%4pz^phht*)$BlPOXDhMrk>)+%x(K>*X# z`o6OMY>f|Xh*>}T_1$7!?_h4OG@6*R($C&V889%p1SyQEM;5M??RG88IesgX{H7QV zM+w3brwQKF{?z*rJZZjaIE;ge)i9$F=2M^S^D|Un<95=bEQ=BIBKHzbK7_)8{WP2~ zvr|J?hs&3dg{z|J#!UHC$a)XYcAX(DyPLmQ$uNLVcUOVwYKaHSdTd6&Lz; zQ=gZ~_;ucz+sl1Ed4y_qX0q65s=#h;*?n0cw_^Fx$0|jgTFa>;%}N`Oh8W93Z^W&b zQKSLw+43>80431?o6T77&=QMF2bWiWJ1(u$$^G-6-@oYU{^V6?7iVi8Ibq5{__3*tFEPW5tY^nM{P1bidq8ln*7hL3CHKtp6jR40za z3SuNFJDQ3os-m+YS(?eoKpY5B$fo<4q(gfTYrKUwPgEb=VMYM|jj&`ZGc#8ot2`L$ zJiS??#EqYpS#MhJn|wE{?CIiy2Njf~UecpzApRN4#IZfK3?Qw!Fb zH%xb@Cs5dbjFSE$4O^zW*f&Bu`9-fy%O4@gLCI%5rhPC=gIomnv4@#}@C382Yf9hF z{j}AjI3}Yysay=lLLwQ*ri#!_4C!m*Ky&Qt?3wX30&1U}_Ltz1Tob8SC=5~>koG>o z{J*uiXF-2K#Wk6onq@@67bCY(sx1f5Bd~FOKBg{J(GzFU?-0F2)twXstXeNOS3Z+M zr%PwaBAK93v{zNdbw&-Rztm=M4fKqgFVyVL3VFQ>WM$8Jhr4~gG%T5808(=wDfNc5 z;5`1^KH?2SNss>6Pr?2wrw}s|(Tv?INUVFVuhHB~qSAR;4VAge*p$hGOsgmuQC}CM z0RrPsJWGSC%wzDn?UYt3(7awYE$ROJ$c@iR-gUHA@hNzr=5-h!)no2x5H4E+6ev$K zb(@UVzsZbLb4;k}#^dz7#-}$bAXCb!2h{G_1`;9kEXJns#O<;{lmds|A@P0N#vgU8 zR;DHNPE3dYC>hy4e8Ek!Y@5eXW-I=VzYYZo0sgQ!{K!&E+C7M{VMdCII7?!gX(=C+ zrbv}X*)*(QeSN7(vf~u?!ury=dvo@nFy>HL5Cgp*zgd-myn$1#5>BG3ymrv&J5lHs z%Fss8bSH~^xPhZtiPmRd$sxEa-3*V$Mnh+s-WEpWM> zfm|WuCrlH0=H1LE-V9e%?OHetH|s(YLe$w`(%J^bK_q~%qkG!y$-W(TE;bI~T0(uC zs&_(VS)SiMC&UqBM?YUsVpFxNDM|BgeQ$LX7$NMib&doP&7#X@li~mci%L>us)Q%w zzuM??zEu6AO+`ZD?bX;R?cEgaNuBxshfw&iA?xQD*i}+b~r-AI*v72eDQnQN9D7)GI-_-*Xlh{L&!L)>J z-?_@Xm~)Rf3dlV)aZ`+T^{K8U-V*orkD8Um{#ZT1cqj_IX@0SUndy*?i92#Hq8X5v z@#>+fll1v2d!9KyXRgKJ6q&As0&Xf!{xFc0NhjQ)y` z7<_EkN{wV5nByM~b9Mi4q4SA+JKE7K5yq83st`(ED4Ke;9-hyTW@3dJthfu}KuD*( z$N3|gOC}_%1KWDC9RF2L?=+GE^_nbSw^+)=T$y^Is~;pP%y!lH9%Ep0AIz_{OaacqW#9G`1#c?O+K(czcriqq?nAe)$^ z^_T^`ucrRlv&|kT=+`%4t@{U2^Zqg=NM^#ta?#(%?hi13y9(HbHX{pYf5_>lz*I(q z<%3793z5yR_aQgm>qQn~*3LYGv^Q434=k#SP^x@(a@*-))B(*4e}y=AS)`VpK3f$F z=Vtxq+WZ~N|I`NI@4L<4N`J7ilD!%)1A(7A`E-XnN57l0Y#`aoFW1R zRDQ6i;q-=Tk))I6hY_qt1NlqcsBu=h- zmkyX&+1a-)?yY{kdn@1E6;~3`nZl|!adQo~HNA$kmZ8U5z)!Nt6QCOlJ#5W&W_6;K zO_=8KeVeI!H&Df^nReVb>Q5uCj@RaBMC=u_S>V+EB$^~wD&-Sq~%WzJCJd2mu-{f$3NE%<)mv$DidqVvvR zy!L7knFNQ;#k&?6%%DJWi+_)bL{qeRe*YoxPP3Ag{)E|v7imPW;g~HAQaMSmvD$Dq z8b*S{1a;J8B5dX@R@q7mI1K%m!Q>yn(WB$%HH;E{rPbsHrJ-3kmfD>*i_j@0@T8c- z9ZLO5zD*7nQ6WF4R;v_dblxN*M^&=%7hP1zAlCt9@o#Xae%4wgqYiI`|M*-+U8Ep9 z+pa?Jwu;6lUQ~+K`>ZBv$p4CK8T9REi`C0_!iZ4PFA&4ojm%5`1Zdpf8~SGi99DKE z@t42nY_@y+Qn2PfG(NS$Z&5fvYyL4``nNU=LKuKn?75nFfD<@J?6QhQnb)27{J;lR zB}~n_lQVJmD62!W_M*3cq~4m&V)vO+N(LDkC{})JdjLBr&RcxEV;CugaN7YGwi|QI zGv&v~2`_xbY+N*vfA@v&nE=o?o~=``YkOgevX-%idU<<%m6T*96X+^Axmw=uGGsUa zqr@p`77Grg#kO$F3kN&83cptT&{zA3qr3Y1&&2E~9nmM@c~*VFn|n7X-lL>j!kO@V z`7wQ-p)9YeVrZ4+m<#4gGY&1g0@roT;lM=n&oSwc)zT+qr2KyH>eu6z+E0wVM%xM0m5Ib?nS-)xS;lc4qQe3DR z^djjLGWHpCBg-AERTb*0((A|RmOtv@Ay~Sy0h;fFEf_S#u*$c>`+AToOBC6l!s7>& zpWHb_NHNs8RooL$kgRrQR>{< zeL)X2el25BxGPqv>0%`Ch4K_g_Mi#$qHEVzeoc3cWbHQa_3-hvV&8SANP08lBB&+J zuCk5sdYwY3%giQuB*?ZEsJOS)KQ?=EwhNzRdHDybFJ`S|?KtaDlEXI6p{0u3VI1QR))OzM0l|kPiJ36{4uTrreQF*f z2k+Ff)Co(-3UClTDl-mj@?5UO)2M?4dM;wW}2 zHxgyI`V?knrW)+?Xbk*N?eW~XIgJBEU zDA&WdE`b*R5DdksGMKLWgKm>UTA#n-#ns8cT+wdI^J{RCfnqxhE#@8&t0`#v{Mf+fUfqS zoi_BDs>PbZw}k&B3fG+SP%Vv<$PpRz!urwD+i12 znilD`hU@_Cf|ue{_grL05&x6l<+goHHg@4?%f*qVu zs#fq<2CnUO8WdJkrwx5`pM1DYgc_Jm>3i%mSjhpKAEDd}9Fw!vc|)@W(2zqw)d0%W z3)K)?b5sKk(|0Gr)71~{@GWZvWHF8elJ)<5VT+H(V$J$e`A`Zu9~K>ae&7vKL0iv` ztzF_#l5b}Bnrv#+vH{L!;PH2DpKnU4^U%nBcbc_m&)^SGEQZESy$aD=KE{R#{!T85 z6woL8g5df&|A^L)h)1e1#C#(ab*52J*K#wj#RCwcpfGkk z`xD-L9~qC}ySwZf$8PXef}pUve49SL1*!EU zHb0bmRIc$q;GHJ$+aWveTo(n z_pG+!-sg$;C-)oDtv5ESq2a}oTs~KWtHQhyM0VR`#XYxfV0=?qdgvR`M_v~5JOV2Z zrewFH^H^H%!P-B89R#Fg=8tVi8n*0}fpz`{Zcv}geyx;=!+SJblHPjom94E@jkAo} zLU@t13uWp$Z&vAQ7j4#>@V`@g8aalI;?ZErzjIa1F?e%~VqwP$Ch$=8i}0T}QzxeY zMBz&e%*NOZAndO_D$nCr@aOk$4~a;y6szVU+H7!37%VhFYuC!R)y_Q+CT~Dud+y)9 zBS>Nci_dS6G`)=L%9nAgJDTVKt3fc%WV8_O!RIbu=Ri&hObcTB;9qS_&mKYlXftLH z9DlmRw=Ht7FbfHai)@UFua0KjwK1gE*YxHg)m0GV3Xz{kwSDf zOAWlw5r^e!3?pSK148Pa@DJ~1s%Xz$1&o^4q6{h`%Sm{5&k8_)+5Xbvu=8iFLSqhk z73hqabq;j4W;&-{a2o8hm@!UTOrq*|D)_fKPvSS`$qr{%6_XpEVRm(r>Cv&UhtzuSG`5(QVbN12(>B~nq zVuS;T<6xbm;ie5!ut?opqGg{o9%~~B#Dsrbf3bK$ANk!X zgaCu=;`Z5_B;2rH1%6}x6HB8g{B7Y@7)H1rfKM5(G2y;TPM9u@3RF${t>QkWcXH>^?p|!Li=ZL2sqLX)?CmFq+UrWm1?jO|uT${gx`Cqj8 zd;C|MqbRTEES8FE$zSMi0wW5G#Z1Bd1EN!vRTIr-ZACk$8!iMz#zd0JoZY-WP=z1) zyV33KmlJG4;i=Qu%ZCt{nZrA@%a!!u;!3!5WQjSw)i{kSfxr8e%R3a*QE44Fb;Wnn z^pluG^8{`&iWI0ul!OYm&uP0b;BJ^PmX+kY8$Vi4qJ{FXt4Ck2PFgNM7A=nqUY{e6aPGXup{(p)d1<4rP*2X3M-Sk#b83o*x#`lR1i`J?R| zyv+F%yq~t9aZKTTdZwNwb12}Ey4#F)wkEMS3UGhSByJ>B2qJRbHX(ayDr_v5`>Z9% zhrx5IYiPG|t*^2g*MGlZ`Ql^7hG_ZOW>miSB3Cb)p$U z0QM|$Sqp25$9}_#uisvC_1M)3{-(wpm4txMIqbZB(ok-0Irq2uL+qRJGO)iiOu)tp@^dcL5fwp5*@#YZDZ0+x+eua=p5BS3TL>Y z!2B_xj!~2AkWJ=Yd4CF0!Om*5>DH?#sq&PjleC6QLb%CTIgzQ+=A4qDu{=GAckWH) zGMMbzsis3fg_&APU&fNoH6nE=>W#@aE%69(1_MKLfD1ub){r|^tdg5k67EA> zCA$;T?ZqyIX8)1T=SNEX?XOg))Ed)d=zd%}ZG;yGtXd#QV;Ibfz{5<+r{j3%53#6O zlyz65pA1O9j%m&-H=hkC)KM2Kh|^o?xzyEE`otZTrMBC};keoI{m7{HTRmcuhu5{h zS_J{Go_&0xjw9Wc7=Yvsr?5n0BMDgzE!mO?N#E5F@zH8vX>C`GJh+Ty7k|0( NoHjgY=A3`m{~vJw|Kb1u diff --git a/dogfood/files/usr/share/keyrings/google-cloud.gpg b/dogfood/files/usr/share/keyrings/google-cloud.gpg deleted file mode 100644 index 0f478144f1491ce0e6668faf181eb8a7f24a208a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1210 zcmV;r1V#JCz)b{Vh_%!K2mscYq|IbT7J+=b+*`^Oj$cN)IJ9G0;1{?}mAAo~T({7p z@JRBJPSW&4=qGU6)ec&2A)J#VmCA#C z|M1{S^3O7Tn&fI1N7}adYPQ9-dtC8TNI+&0-YS5c37a=4rb<3Z*5_8X=5N$X=iR}Zf77%WqBYd zV{C7AWG!-GaCCKYWi4}QXKrb3XDw@Gc`Y(9GBPbNGc7PTEigD=Ffm^+F)na*VkyGF zVgwTb2mlrZ0%C}@)Cmx^J;)6c?e7Hw8v_Cv0RRBOs0aXjKodwH-O$)Q+G-l#k-nP6 z-g(UI5z^V~isDhA@#r?{D>{&`^`(q5^Z*Feq{hq1#6f&HM)QRxBLNe^^t$sHNzEqccHSo% zWsaw#U7E)!v2s_x`5>lsuP6)$+R`k5+AN^`i?ZAY*DKFab29GU>|zfq z_$t}Yd{Gm@ThG7^`GAXx1RftieU>Qkk}w6Y>tP2%D?0A$y8~GIYu!JmKzju)uj)x? zh{SvDEbx#-6}|z)m%#-4gluH7ZY~ZyLT^FOIb521d65cueP!h;<8zGj#n0vikf07;k#0EH9e{n2CZR@D7O*RDY%Wt_zHoYaA-|F+zb ztzM99RzL(CpW>Dy20yYatT)@uKm3)htg12E?8K{BU0nB_L~;T~=yeu1bkd7jL+l0@ zc^L1E1ukma{Wm(HKA4kQvSzePTx1NxT5T!@PC$-o`; z(ghh8M)_;m7^ArH11OC^u!uzAl7Me+BshQcv zn$%;AzR1N#hH7P2I|9&cO8(!2FwNJAb;A68tNAPs6q8G($>rU`APVqOkg_aD`xbA{ YvDCB4XX2J{8xPZ_^SyA%2cipL&5QI%SpWb4 diff --git a/dogfood/files/usr/share/keyrings/hashicorp.gpg b/dogfood/files/usr/share/keyrings/hashicorp.gpg deleted file mode 100644 index 674dd40c4219e7f397ea58978a945ccf952b79ff..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2879 zcmaLXcRUn~9|!PrHizTv6%kUQG9r7Om7G0`jyrptkv)>Vg|b5;GS3|{I@vtp?3qn= zgskJ~>GgYF&wsyvKi}`?^XEGgNJ9c|X<8-%1J)pu&6U}KU5t*M&8s9XGK2nkr#mWq zE47K;_lyiJS!FtclVU8=ncE*{1#LHRnz0KPmObz`ViQ`6D)>6v&)?Yx%RcjfO0CEJ z%pu{3F|eLx^Xtl6F*~zxBzsQVu>5QTc{tP!F+YhD@^VrrV{UU6+wCGHFi(}_sK5E* z(;7e%IsN=cEl36-*>$DuTf}?5n$ro`;9aqgw2kT0oQcl`Ntz-9#CzmQx6o$hBG-Bh zi#_*_1Lo9TpJAe}-pFt9=rc_I+G-Do6K;*r9wO8p;+El8&sAKtE3P2@v%89`oG)Z+r?s-O^)Vz_ddrqiJIR=Ip2 z=+2LnA5Qvqq8e$cQ}le43Z=2*0SRl0%p1mYvqcJ|E%(mk7G{CWk{K^Tv^uhXq#G?s zhMF?}vhQLFxR_5Q1@zzDYTFNZY&j}xyGZ`pB{HJ+g3m-!tF%K_0K2`!=@Cc+-x4QI zP^wvQT8=_A;Y*cFHFh3yW7C4m0rW%wqB@v{ji=WI4z9?XJhGnu`?}@+=kz;NwEt%U{(C|M?&cyN12iOo5K#c+fgHr7)RYwD zKr$vON(yQq2{VwG2*^zYWC>;FCGm^hw$rs_QjSkl-YsLkXnxPTPDBcXw=~OUvr(*Mr5jH1`k||jxdr+*-W_3-SfTy` z^osJ1SD)O%Y)xSy^A}wsWukMPB5%e^wU4c?c&b(!Z-nJLcHu7`Uyo zF5r)@WNJ+4xe#Qa*8I*V;WEe!gl7xzbE;jRK@kNzea3z%8+8^=fz%0UJM%q0Gka@fL9KZY_~q{(Qzl6`fhckQ;hN4&e9(E zYD0DdM@f1nt9kGeYrYRAJN>Q{cZ!FT zZ>l@Pj%rga4_PO0v=oHH9)}KG#iKC`vVzI|FtC2*C1eaJKJ#Fm*2<^iAy`_z=xu%H zu-+kKb2iR)N33Zy3J?0$MAw2120oKn zY`@BH{n@2Q;qnZo&hmcPud%kV3Vioo!Iy$fT#iG+xy~$!Rj3(nS`hT)m%w{(S1ieZ z5c1yn_*KRpKC$X#J0p12j0!Ohxw?-jaP?Hzgf?@hT&y#sd*o7U=Bq6cxzFrM>Mu&* z6pzjZyf&mFQ?0FK7ec!DQwAFbJ2H;}QsK%7kdMSuuM*7?eFZ*tbYS!_ESv%tHD)=UHw*4`@5MI-PvF4fuyvs)n$ljz7VSW32OXn$#4@n_-_p_(#rh+hex z5NA)dZ?I?lH-`}x_Z;<&8iCUh2HSAdi&UBH!_FFOWmUyo!;(v)6%UL%A#=|Tv)9^P zurqU~!~sq6Ph0?L&?f|uCrwhSw3K0 zg4l$-V1|)j;s)^}_&9nbGJ)Zkhx%!nA0E+C9aU2Nt4YnGgpRZ^oVNA=*_7Mshpj%m zJrD)sl*x_huVP7x5hERK3mTTey-XfE)0+J7Et)_BUKq**yBL^6;e`Jxzcv)W{6a^;NVIke)$|l!Jq5RzKRi zxr#>zGV(wEP;*lo*zd!^U_#rs$@}Ke`mt#`C^BT6uOClC&h9GD(D}kEI3MsMKo{2j zQ!acvIYLB8jmAkj1B+^e(;oXDAa1|~&~b7d6`>hS&wui&dilN-c{?(`P~-{|%gYbH z-M@6IN{&s{7YgWmKz;mG<)-JcV2c%y;RZ|Z`uzkcsI#hXU}0-u9`s5hIQTEw?9sd0 zr5tOD5`6qsbXS%%M@3g7#*dAwtB>esT~>XR3$EpBuX^qaQsW3#mxmDsUH$YI9rcipeY5CQDmd zqyMIgIcX()j=9&$sw4vn*?*cnzw<#cj!7nu(92t8LZ!`^o2*ZaSz}vO%<8PPbSKc0UOr}gIX2YGn()Dx(H|Sotn{XTkPx(+MTa5_XT_Hf* z$o@(MLRYA7q;h9rxpj(P_pu|Z>_ZSHFBQ^1`s9qPnC?!7ypph1nXPQ3`?b)WD$d|GYo)}xHWVvE3KON1l#20Mp znA4=!S2rgXCT7tiG*)Y6Y@x7J*ecQS!!IOAY zcmkMJ19R?QXs%;4J4h+BPC*r)AfA*?s&J@OQR1Sd$dWr*qF9}5+HfM~Kwc{zHw0c? z;~B4dozFzq@@7gN!l*9mt?{yh?50+f1&-l3_%pE}l()W*&{OU;j`U+`p-j(Bge zDCL?^&tSJnGE0sHbClD F;BR8aVf_FA diff --git a/dogfood/files/usr/share/keyrings/microsoft.gpg b/dogfood/files/usr/share/keyrings/microsoft.gpg deleted file mode 100644 index 0cffae08d061d6ae8959b4442dd2dbce26c340e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 641 zcmV-{0)G9O0SyFJF<6WN2mrt;hGAw>aTw8-&ZU0T;kCvj9-@p2hRX&3tKIp#mk44K zWSkQ%c4{HQA}s#tsn;1=(LHS^JIEF`F{wkR(&D>9o|7yP=~Y+NKK3;C`4axI=rYyq zrB<*k)BskBDEsDx5Yd^pAvz|*XxLN^Rs1tKcJz?E$yQpt@e`p4a|{c zMCET7wg8i5k#M`dMmXStEMdYRelqXC@i+Karv74@Qsaue67_2{MmJAUtPq zXLDs^b#iHRc|dJxV{&hEZ)S8ZV{dIfi2*eP69EDM9|ZzdF<6WO8v_Ol2?z%R0t6KT z2m=Ea0s#UZ0Rk6*0162Z>pqmNz7i?V8k-0IeXlDmy&evAAJ<zH{duFkO6N3 z&j)GB_6-&>FO*4L(_oK+UEBCNPtqruWb}jtrH<)Fo&NESBL93CCK@(!cM{sFL# zl3lGc*OY}TPJY89Y`5yhtDjdGdR`sF=-obeZ6|&)Q?JB*^tR`Hs`bI;7%7s23ub3m z2fb~VjF|gS`dseajhzmSVAqkLq?Lzd-||b!CPpP=s@8rTvf6|&1HsVQ^$#~j*4_B z^wo#Yk$Y085z>xnXPh*YyXCM?X!Pz34&qQJWF>^y#mQ?Jy36e=iZ;jd+pzLw&Z~qp z9J+_wM!!;)U9TJ>|{QL461&b!QjK$m6TSoI*Z?BZZUGed_%I zq@w4C+YUK7V*G66P1FMCB=1(Q0v{fk--rSn_+rv#2P+VoJ}C|S6~o~oM@taQ>Mq^X z*FGXUmgmLfb&~)Q0RREbAxvR)ZewV0VPqgsP(dJOZ*m|`Wp8$AZ6HukK_FCRVQs>} zcmxvx0stZf0#u33qXHWP1`7!Y2Ll2I6$k|8!UY)ML z?f{O&>KSG%w!M&okwu6`ShMAUxoz)SabFLueiM$KoUDI zx!sM%wVVU={@k`?+zS~>77|toi>_NThL3?qSo_W5_Z>u62g!RHUcPk*2{p^0b>g{i ziDBYyHCIbR6O^dmyn%PY9&_=gKp zB2Dn)pL>}Y{`@YqQu8<*4#ucVWl@T&o5F~wef_KAIEV1sIIj~eCi0EgcN%>#{rn3}1Kqr1_6^$8%9?VPE|Luu{wV46z1K0qY z)(wi}yw|tNeAvYIe{9Y+h3YF|_DbZK{aU{)%!HvAI@XQ2l*@_?a{eX+*?xmo{IGSL zN1<|7K7vgV+wglAXB-kGG=3%>aS;zFV(>)(XAd33BS8gDHd1>i`I4$HM@B6louE|l z9S<|tIVype8a)U%K+6>rhV*aiCCvU^oE*b!t)6Up6TUSlF!29uX6SH&*c! A$N&HU diff --git a/dogfood/files/usr/share/keyrings/nodesource.gpg b/dogfood/files/usr/share/keyrings/nodesource.gpg deleted file mode 100644 index 4f3ec4ed793b397c15b9cba46c45cac6315dcc62..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2206 zcmV;P2x0e`0u2OHn zGb2pT0FAJHnQ9LOen#@%F5|z&XQSYC`H_RzY$X#LGtDigk9KP_M=>ehkUPDXTu;B(V3ubAZ5m-sKU^kff*x~ zZ`Cm{)>!{y$rAt(0RRECA5L#%Wm9i;a${v6JZErcKyGhjWpi(Ja${vKV{dIfi2^tT z69EDMA_W3dnMyIxRsH;0PMkg$clS^{YTdUXw+PSWLNu=D0z2yO(O z_L)x-nN}nt%nnbK_KGzgha(e!#vOg#< zDV3pDqn*)=Wy$Atk^4+1CMYk-4;}Z1C+o<{-7M|O=%x6uUWppkB0=VIvbXoDGIP-N zq-m;2y#N%yudo`pz(4g63%S%092Zt2H^_rSC8@r4%OuDm1PL6`jbBvv&sE@N5AEzZy|9o#Den98Na`3}LhG;}Feurl9!o_En{3W5c`HWwC zvSc;MaJ?9&zEC5mh?eByw7&Ppa*vpR17SkBOr1P`{D)bx#<9JOtw?%LWi~MSqr{D{ zNjSP_F1-9@r_I*qq@)UvjrYg^>X!8+E} zMwR_59u1pS&LPPvZk6#cM&0>l7ErehWFIuqaG#&4Ss;8^akyF#TUGg3cgWiK74@o9!uIFErdKdjjITX|v%3 zUsg#~(bn4CnDl)bGku-5sX_4x@XYO}ba)la7GdHy$Y9)s2Tbpjc2)mqec%8wK)oeH zzf1hLr$%$7#PmA*m|+E-0|z^d;WJU%OJiZtIE&iROSaP6d~Rq$Tta(Ayl`-c<|&nfrwbw=OFZp*dq>L1av);N3wE+aeWA@@&(c_& zN2PxK=Q;j}EHb^6r7iLOnpdDXB(?$@3;+rV5EfOSt7unZfP>Hw0GwhUD@R{&F_wRZ1~2By zI%84XB+wDNIiGz3sLe0y#;2Uq6F0%fi_`)PxM*cuSB7^?5x?|R&E{jBF|dT)L!2P; z)Q-A^MBsW8jj{Dwp5ygBlBh3#1Opok&DJ21f%;F@xWJMBAp3s0;Zqb`x1+?$GV+=x zPki{BDcOI}xZGi?mk1f9TeS^apSix1lpg*3{%l*6d2`~ur^_x;oamqi;R^bh#Q5dw=z ze+M&hc}-v|&mj?`V^PuBYxBa+-Mi+nnag z9eQ6NssJ;!_Nnu}AX&>9GxCH~+^$})WE9M0H`$0SR}BL08A;u-$u3-jNK{Z@SnEeO03#02lO?o~>rC*DA4s+0G#EbI&sEr!W(OV diff --git a/dogfood/files/usr/share/keyrings/postgresql.gpg b/dogfood/files/usr/share/keyrings/postgresql.gpg deleted file mode 100644 index afa15cb1087de3aaad67e6d95989eb21b7501377..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3494 zcma*nXEYlO!^ZIlDq_VdY816<&k`zP@2$0}t)NBiL-=9GfZ@+Xn&R_lzyYq^^jnS2d*%!PjR z2g1^bzvXBziWS@{+O>q`Kd-UCH(&ZZTSg1Iwg5j2l~4Mt@~1? z8;^e3LduJLEtOb;EA+*D#PS;|%(9oOhS@agx%J;Rhvq-0>Ur$CTJGAx=0xtN*;dqC zKG?%kfZ{l@tCUQW|C`iIG?@JHXH(@9`A2b)nd4G0(+(<6L#w;*R|OYznjba%kmcvW z!jz}JhKr|mbuB}0C1ha7{>U;uYX2tYtobtK>s>#e47llH?Ax7i*$7|!+D$s?C15rA z{hT`w5}VK*zb1rcPT)YRPpmwN>%`B9GP^l%M}%Hif*9!0tEnOhXI8+M|U`{pJ?y zxYMLiH1WAx_CG}I!Rjm-1@hsVhp|V`deV7k8`RQG}ReZ5x6Z8M@Qml z(B3EfmW~Q4qz&AqpLYK?eh6n;$rnfN0_aHqB#j&4S~|8j&%QfB*_Wc2aUGN)QDpIWw3NL`8lVNJ;_#a*+U8LhkaA;R3>P3XyrEluJc8<7VN_Zjo@}E~Zp+;B(VuE!&~v*Pc#&$uoGffEV5pIOE@~>a|+a2XFB#o;z#@s1f?TD*!%oPdHPz7uE)No_%jj zB+-&N)YMWbkRnZYPoj&@-phG{N(|Y>y<~)YjxLLjAMwjlv?>nU67qU_A$YYIuIfEZ zU|zg+{rdU4eMtFWTMX!UJILI`!lXZ-A$xA4n8tkH>JU~68rLDVX$IwoU~l#H#|w<= zcx;-SR`!~|U2?EyRf;mb+hkJA=qtFTF6ZqMJe8|PGExT2T{6czF;o!zzPx$Wq@lpC zOGDegs==H;R*BWy>pcZED$F>NU={+w74i{y#*Lx!2Y>o}5AW5QcA1gKZ>hb|!L9{k z@AHjN*_xY#MQ$E zZ>kx-eyAb;Lr3%y6mJ0!ZfOc>SeAvWf}E-^#ncMp#mmcEYTWC^aHSMW9Su@AW43YL zi#3RF(nK|%i1)gs|Fl!(L02ICud(RnoZW){nrPgt7hm{?Z++6qnPXDi&2>%>zk3*b zThc&K`A11qVJ)}lYT~p*JI|Ih>-&cFB@}dL6I&~Ris=F{P18KnnGHR>pjL8@u(qUf|a0;?b!X`Zd{OHUxY@sLjb*-m+h>za8_Bs zOPlwi3|BXmnfY@m)cPvk^Ufy$n)RQ?yCR(G`6q*~@X(J@?_sZ%orKN0icb_AB z97*|MCL?XNwXc)ynK2}RK`no72V_Mxlk+zsU-^TTf0W8RxPs49S;iVE?+P}=Wa7=v z*~a(QlIS%CMigkcC8fb4?JUtAqGxHYS*=<--U^@R0zxt}Kl+t!ThFGtub>p3R{IgNK3E?(75tIY8jW5ft=)jY1C zu-aPUTHrw{}5PMPh$Fi57lrphs;xS@YoGHm_-pH2^I*&?WW(|aG_czh=Ur1}zS4@-sDMx%bx_VH^Yi)aQF@Bkr6#A*q?p(l&kmlj;+QE3N7z z_*`jgOw;DutA6A4y+1`&a}UWYu;ee?1+-oEShN>ftY6%(G2V^xNMlL4HbnkHRI2L0m$1#!X0sc3?9Odni>pNN&|H#dL~;_N$oAY5pEL$hE&5T6AeDMWV`}=!W{g&^HO$rXo)5C&xx;FARzxn#gG=%zQm=U?V^xlr_;1V5 z%Q7@ECtemEALdqY3lB831Uv53QH!|HFlVaW53f(}MICpBW-BFBJ1HKVih+rL^{W)0 za_V=QFN^Z6>7zR>P}})EM)b zZ#oDZnA$^Z1~4Mf+-W~;8QJ!pQX~NtVWmlE*_8Ma7t;nqtMeS{!M+xy<7107391N! z7@J4tB#vy%%)Gwc<>~HDPH5+pnlfs_&wMz(;@$@0^z2yEcz11n&_PkVQfNl}y#3YL zUdb5mu%h5)JNk|xJj!LND~QA@sHQiFi{6*juGmmYQ8ooluTS9KQOI0yhnDXPYn98YJmZS}h`XL3*G)aeEia-Zskt>4x1`F;As< zaxT9MQ8%~4fY#DSUT6knXGN(d$}0^T=u<%RcI8GO$Iub+U?=QMur?#^ar9WmY2!Q#-t2RfiiA zHAxj1ez^bn;&hs-w;Y|fOeIFn60pADZnQ+NApR!};XwOdyx)L&FYKL1eNINWygwi# zO+okseb-X;p1?zgJ4oHJ6s%p-)tM>9CpRF6A~Pjde}HG$-7%%3?No+q6vF*Zgw$FP z%+#d)Qgri#HjOOS^wdZ`C~#0a8#Hr{P@74z01ugq=k3G5!IRYpYk-s-1R~m< z3JU`aH(00yj{H|dbGg*sH1fU4Pre9-CPY5WBViHI&v;&4|7gf8-STP+Jx zn=Wu12niSnxCuwYz`=$<-T+`}U}|n-O2F;@&zs-Kz=jUs#v2a80fqwn1Be(LM^L>H~Y4mkuxbYDgIM4Jd95d1Ar z9vBiq(jE+f88+g!o!ol&}N?A^Qc$xb3WPWZ-KQe(TA)DV4(p!d47we;O85CEhI6%>`X``ec zt(>fv(?gT^vPqeNsx0nPMV2*?t@@LvF2&O1Yld$ck7dt&F3Ur^hxM&N*#h14hg-{leQ4i*P_n5?XR>^=-AO+C|-v1cdDUGe>ax! z_@fl<27ITL9UyjPgp%apg0S69orWSIJ3T4&P3=dYHGaLaDGGH^{u<3e*-Eq0f$2IX zi_ouxYAxE3?j_lqw#qbLIx7dNwpQBGcalVU7ixTvUM2zH3V&6Ko|;Jj7ID0 z(5X|L(_^Qb3TvH=h3i&JkAgH~koeQt^wGRjJ1MRyZEDfs03!2OK{4_Dz0Q5!xueCn zu3bT`R@+c_8ym9y5d2|fcVLL;j6WW~C)FWA+gaZ1@vSX@y6r!tnVCcEl`PFiy07YP zTOM;JntlSUJwv$w0SXNs?`x3ajl@WOl#`6BxsLs`IETii{5C`Sy*VbZL*VC}%F2@3 z(ec^p*Ze~%dKQxxf3wANzW{pFMg$fMN?4j)m3G&Ty#6 z@!3AsbOiA#XN*9OJMdW$2QQlJLte8~t9M`qy*N4tDV0IS1{#-YqJ1YfZockiGddV} zuPOIw)OGcYx0GqW|vxq>{n(kdvjQlKD?Uyg1svC;MaJL z;o%Uv1?jMpqaU_j^>z|!^~BNhIY9zZLZadiSq1R=52RGxXlY`IDW=yr{gO}HhH>gX zCiwn1A$j}F7O!z!bA%`PB`Ax_*nFh#%smQ`6LALv=A48aTIB)vM8T=_T!0?Radd%I z4Nv^aYFJIkr?!7k$P%K8%|V;@dtavAwT*p9hPyeqRNu~ws;1W{$D_7nm|p~Kj)CV* ztFH)6y{m&rFegl$*sX9se=GC!Xo7f8imh3&^4szD%*kbXXDwYM7-cTh=PB{F{I`lG z4Qow7I|ZrExllR?iMXFf5iQO6UA_a}u!`1{va+rL>Ay%54uTK%^Bd*_@K=KgT(G0eJ9a#Df@|4O|e1e6jEIcz{Na4 zS`~K)x()`GsZK?ukL<86Y7zcqh1}_)Ia{hjp)wbw-i4WG@LxUIMa`jR>0_>7Q?_4; ztI&4tRqewoB}p3X>ZiKZ6*Hk$y7xXaXLd+%BrMw@1Qk+x67zlO=nQ|#^v{ubR*(%a zj0QY;2LBKek4zV;6Ia~qlZxGdZwuJe7JVFz_T3N*)2LWS3oK)vvs%BUnVgNtC^Wi+ zvFUFhi$fdI3w%=rU9NND0{2Ziqt;(BREDTwF0oC9jzrSQ<1N9~i6NfrpR4LE*?})S zKp&gX3Gw_JblO@v_?F>0jREf z`$7RBBo3Y`=a3?;ka2s2x8b?O7Ui?W8L!T<6tyia*>==u3^t?6t#ch(dtwRDJC*5L zVJr8QlK2xTespG*HqJ?p>;3ZGslmRjo7!0!)U&{$+!zO))_6|HGL{y`7V3!4>+g_u z1rx_>g&w6n20dc?{cW%eynetAniQFz_0bw$Ge_Ht^SKYXNwxvj{C@phsVkRguF z!;C$g&OwrQtneCVl3B_{Z>v+%1A{Us+w<=#ld2}j@9>e^Gq`Yh>h0^zC&efF~_-*Dk9uNT~RsJs4}1t(H^yzKd(p4n92EM2~I#UI?rr+#W4cU~OChxxso zg0@VNu$->+Pn%A+yzoC|#q{>gI+V{8i);RLB9(d$QKw69+jKerL66O+n;n;^+AhfY zbDS|%*ZI8lTS+G1k;`lvAtIwdvUObQ>`VtidUfUP>SMBlexzte5fC=wOoqPm>Ye~x zmXm?kXNr5q8(lf#Dvtn5&%shOzSpn33Og)o~`B#VM*z23AR0}jB-Kfmv zp2)!pke!>g$q702m_CC}yF|AIGeQfx4!g=kgtB3*(~@0~{>=RLA2q^7^9^HHt<1Aui%N zBsiE$v6)_9!<5byJzoE&XOpVsae!uF;>6#$G!i2EOi5p8+uJz81KH6`^1fEh)}ioj zJrRi|LnE7^|I1GXp|i#ewaXA2ULMfW_hKB|tU_Mw3^$$HY)foM>1w z;3o<%z!6F%@?m@cbY(%}xIzai67j+wVnWS*q{4G#zBQ5^-xkVr{wUP{@Ua(xw={tk zM_Xj<$q|5ivT&HT8#LGzv@r{Il7@*~!W7^GE{)7#r@# z(iv$VO-G2&hhCCecD8V~X2kjS08Me9ZIrxhDt$B@#WZetw2+ze6XAGu(0fbdR<@j6 zCw+|QCA1NjnZr0=M>8|e2R63Hk@~AXap`FGR(D4zOZobX`|>WIJF*4 zp_C;2^`y0YW9!6ht}!tV_PZUq@Og+)TW9MDBJBmyjC*%X8ZC+ac-vJY#Fh1D^w@?n z7$Z(mf0J+ZN)Z$@4rF~fX(q-2Wo_q0=BI@vp`pvTu&@g7A-%Fpaa2e5sC_{1ZPPt+ zFMsI*3reGds&i=YiUMDvW@K53g^YVu8!54NX~G4Jk?9{yWV3xLgez3gt$={O*$GC!%BuWoPE$ktihJ@JrYdYy@rzaXJ^1yV0cqb0J&pUe=T z^QBvU&JO6BMEYny&98?Fb5p>Tv)Qh98juxR7ZY zqt}iMw%BodA3)jNs+D2o9JTGT$p8ufPM{sknI9;hgS?*wgA4}4D)U?1!#qRE5O^tt z=^5daAp0`FDqk)mE>w`pZvG~JkMx0K!FM7)t|MF?Gdx zZig8hEQ>sW-|MVpt9WmTv_E#K$c=nen>eM(dSr6)#G9_h{c6nH7<>uE0n~A!KgpWO z!Z`ID5%KcwL&$T`KZ$*kEQzeH+P`{`SUOqX_?O(>fkRh&)>oJps+pi0FN+Uf2pN1e zLe~2-N<_YN%?TTr*}HJ6J`O6R0p zjJWv2YiX^y!%7G5jFw;SC`jwfd3k^5Sh{z;Q&V`I+cW_oU^@q8AggM`P5QK?Z~dZQ zXUH`qTz4F?8(ebA4{%50doiz(x6V=B0@SR~hJ_`}DFsv}=r62VD^$AWfAWGkgv2ld zpr*v(*l5St`)%ku%h*$qgx;5SE2m>7Cd93)j2qg~@;Y7o_`kIBS12HwB*w(xP+;h3 zg&>swLneO%^H(OK{U~ssB&m-M*$7{J&PEMa_&L$-o$yDgOZRH-HJ`palQLqJBo&6= z8Uq}xh1o8qK_vNnAITWy1UA<|%JLJhuO}bh-HG^Ny=%Ue21C;fC11a`Y%A?S5Gk%` z*t{4}@7Fu08L&b)y-aF}1ji_X?-sBeh0U!o*K=nlyWYv^Cx;PBsS~Ty*-dnx<2wDN zhWlIgF*QymeuWFQ?~R7JEIZJ3^Q^QGnPiSqYq2`0r_)rn&Ti1S>l1d?__O=jFWk-i z?3o_GcaI`gh6RiF!Cu**?SM?9=PCy~xSpj-gVxt+OU#U?lfoJDISlj0ecPOmjB>it zCZcHq>B|Xb7Tom8aIcw3+;**6hCpF?rrGCEhDc#Yj(FKj31`<1>ibGs?&-IOgc>P z$qKmif$-5Me1FKLm%L;PIN#b40l}dj)>_)e2wy>_Y%-}Q12ac#*qpW>u${d4weXS2 z=C22?u(e^5lE!w*=h28e`W6Y=4(_@;ZUryY@$I=x==Ggv<~wm3h3~`vAP$VBExd~( z;PvphZhQ~k$t3ykjAd$h36)r2k8w_mu=N$nUL@eas5p}v>to)yh%ANu=y37Cn6IO5 z+`Ms~*R+K#q(A9@swK_xpRJ=n1raEu_K`k?w84-zj4n#}T#oNl57@|rk&=RFhjvQD zx1c@NV*`DP6~+%*wo9e2?OVht#}*V=yr?$PyTA)X@qjByrmMoT9|w1^ zs91u#ECi-Xa(mp}Ngt}Y8P*6Dd+Fv%sBLRtScRTJ5nn~)3f3E#F9kVMb;{*YftKI; zWNPlMCPZXfyPwFi_K_gk=pmafZfjqe(QbGw+-6xR;vy&+ zhH?v1-`0hSEnI1m$&aSI=(O`d$dHN8x#{8k1s?v=k(8rA7=PS%l}r>&ZZpkoj&d-p zD219ZAyu}~_Nplk>jRJ3Ml|SM#-xU570@nL$(G#65dl(?0cwTtqYO+LoS}gt(7z{KSY&+WFhan!@ z>G^tHDnjTmhAkE^z8^U&;oBiV5NVx$D6elKfT0!je!N*pO6d>=(C@`NaJj&WD%WfV3Xo;R9i!2&-(N#Y;9{DL2O0Smt7JoPE^l}I zFZXkp_YtWfG67ir_WLFUdOIB)rsxHi)_I(xNhH&JW1IVS8b7$89;dd?e4RESe@n@E z&lJ6h^0hQoQ~n%bu}OHwG4czJfRPObe0~)3jy`Q6o1g zaec6*88EUwexQa^*u~O2#_XSiqh#=b%4}3-35+q4Z9_prNR&=G*c(MWdzS!zL9tGs zmP5z#N8<8NymuGD0kgMLtHSFpJ=%8J&eI{4j0aE*H`|c@;@lzGp^F`i@tmJr;<>4H zW>L3rTdpFL3}r#s9Y$w$^|5Sn^R4heSb9}*?ka-sCl?dg&HUR|>$Cmpy|<;v8zrEsy+ zOSY-LGEmLbQ}9UxxdubhyAzhHo5w|Q47Q7Kef=hR!_SB8bqiK0`-G-oQAzNki3jp~ zHlfY_=-Dgjb|qY3^cdUs|J_#p#^PUX1;m9G=>O4H{?7ar%#PEn&F^oSeM&flZ?`=f zC=*uyzz`rB_LZy&)%QgBRwTJF=@8(4%)Q23ZE$)88fy}?-JEj6*GWt2APeyy)4B}4 z!QhRV%^nzieU&B_!f|BYPe98+ozXv-p89$?z zV7_4J)As8)ud@lf`xjdABB$7maRrR3z2_y$LJsU4*qiDXWEscCs?5$@qcTsw?oy?( zonZMl{O30rMI9MB0MT+QyOd_B$%HBTL*j^a*=}XEGgzsT-6s5kX~Pgyx?Hzkl{hhS zDZIYADzpYM9EuOma_KI!o}uoodbW|*XjQ0TxSSc=T-5}Xt{sp5dVVwNN^zo1@xfS% zPIZ>1rQGiPBu19v-wU$FM3>C<)=OT7v}jx0!8Ua`lxAaL9Yv^~Lq$RPatlW>Us?1F zIGO_hs;rS~`7INnfq?52s5^#z-m;EwuNC-5;hK8W2~7<_9`IHO>2jTgOX^*(t zUWV!Ci)g!UTlrahneJI}tTqE#nxsEOWz#ZaO&VE^ zB8>JwlC;+v0G*~Nu;yp$P_UBpQxA{@I^uN>^we9=)>@!pl4>TOLh{zS#isard{aXwwKI{iBs)K>aG9 z_hyLeiu=At3a(n`!hr50y$ct)onR&|oFd^{A~b$4<7^956ew-Q?=wj~ClEKN_WXxm z7f#5ehjzvwm$gkILS`I>$%+dqB{eF##kY+mH@t)&Q>}LwI+{G})Z^jM7Xqnj9aD1G ztXxY7Zb0^O-26e68XS<1+-VBRTHqnF9SZTjgj}m8EBGtcr+-ro$d>XbDfScd?17U^ z>;|oE2wn62XLQTi_;8hgLYLT!xq8V{a+PiFADmUU&#gl7IBZ|>fbHSMKr$T$7Kxg7 z7KRdn-~A1PvY@ghH9OB>a=+nCA_p)~(CWl>0+V>%#!+HGo>hQ|M8NHF8Wz|j%(w$F z0ocQlzvA}$1Ar}Y2TXsYnQ#!3JU2K~7l)3I<;e>Qiaqi4lj+PCt$4(!DZZnjM4jF> zI3Glkb~;}Y15_5sE0wCoiehGms)3ZuoBI0dwyVR4Sf8LpJs`^3jlCTlh0d4KdWic1 zo~<*P`a_sY94qd%v{Qe?9j#T}WZr1^CaP)0xgrVOI!Y#Jj_W=?l3NP2ranfs6)>qv zCHlKQe)WjCL+rO8GPNK*xQggI*`afDpc-0T+UL-?3N6K}Hs2Lha(?6!Z{@+T*)k$8 zFSj+vy-y#!%C&2qMY0bx_9{A*CQO(iTQ{L)Cf)AC)nLRPZ^)bew^p?Nbp#{(M=0oo zVE?S97OG9v9HWpOE&u*)0|x<2dj^3+!HLe^|GUJ1{Jn_%&Cy@S5FewPhW+Nn^PfZb zwtK1C`iwgD?6uZ}-7tjJ^+bzR@x!|S`eN-+c#?QNMf-S(qT|Qb66=eVyPLV39oI=# z0Zt8~Pc965gBhzs{esu232H=IZhwp-<`OXXmbCb4-Yo8G!SZP4ymA!~QN*Kxn^X`M zeQp|i8&9Q2O(U;f%+gb*Ni7U?0Qdj7%xUa1e8tNh^v8n=plcF}ewB;<@)MLlBNYHH zL$7PW?zISli>uiug|fl`&JhR|%{IJLIY=z@lk{$AE9kmmokfvC0#n#VYVVBaIZN~k z2^qvtHy~wk28JS;id~nqe0)25bYsb@fD#gY#*=sO0r?!zUZ*^N@}=13?-aFV(s{kEfWLu}V@B@n7|z5D@N!kpLM}?pH;%0UOPu*F*PKnfOnGy2c>|DV#U#rQBdP7?nsSqb8kK1_n&1T14u!_6-M9E@KBI>P zY{wcS`(s4r&qfc_AT>C_*+{bzQxYlbpZCK^t~mQ+$33HW95=GG24;i zKBDwFBNM7?1Q&eABx6?1sf-;&>+>aGvmhGP9gXTUopTbO+eoNb!6w%ArkOYoHo_RfN&msyqj~ zG?H!p{p)Oj~(}Y%SElD z+jPF>WEGtwT^#tPQolSU{<@Y{dBh0@{em}?6_-r`8OHQbz#pvj0K@ITn)KOk`AfHo zYL9gvQ;pGwcuY`CZb3Hf;(4qierp(Yovt3edy<5qZ)eesqtO#_$ELmlSm-yaZ1r&x zSpa`(Xcp#~UI5BAXo8TIkaFgu?FYlJRJLw#uVrqGC~XEBoMZeQ1VmMA?`R**c_&Jq zK5ZRQ@R&K;8n(c34n>IUu^W8h9}~ad#F~`EuZk9nF>oBkbamhAiT1OJl6r2aY!)q( z4Fva%bvS<*rOF3>ZsnS-zl$_@8bw3R?_*50Z}TPhl?bWiEmt_buLDE%{L40MkGB8V zCQo1_kzx>j_yh)#&(0p1Adfk!DFdp>o=c*ekgh)=p5G+&Kwnz zqFg;`* zb@un^WMU=jaKtzw#Wxa435tt6za&Q%+7Yk1TCrNmy2p^WJz|&LWSK^7MdKIv@$vUj zU`Z?we|Srs9K=k^j(ypPGx-jUZ!{^_lroH(j>;%^^(QOmqZ!VUOmjXhZDtJJK=0RX z1BSr`BWpF?@2ywIZVBp)X$mUw_@X=%7gX*a(molegA^2RSo0R4FxF5lpEuj0C4>WW z=vC(_wEkeki55~~)s@CyS(9Z*UL}Ja3_EJw5xavv?IN|7Jpmuf%I#*+NyNN(D ze(~iHK~{mJ5g{s+P6G)*O2Za#pg1!TR?0(ziQ&sTX7K$qcD0;4(742+^g(?BqXzMP zpfr=vl3y=8ZDQgKtSA%FL^(H=oY-z+n~vYc8rtr*J3Jo>k!UE1Zyk+Zaz!svj7VTb zMa^cWWB??R8W90l*h&3TNj{~Yy=^Zkc)yrcmXaBYv$(@fg#x9$Xzvj>T~_Cxu9My| zIN8(E?1-y=>y>rUi=|DEwJa(j`D!}|fYB==zb{wukGbGU+MP}ZB4*j!(hSSH;Ba7HSmkCAm6dST}hwr+5 z9Gv7C4A;to)x5+oKp<`o#=_R1M4*_SS@HQ2Dpvt*i8r3%_X@V@cWO~MXf9EiGX6{h zrcsZfLRLh0GNHy}F!AJ_E?5y_VDoUi`I$iv`wU^yGbl=~q^2F&OIj3Yk%SMG77;N_ zLe7!cA5JypRupFveX{*b$&}7-8on>(V^%^7t++iP6-pgNXoWE%D1Hd9xwXlm2JtIb zECN1K;F?p2Oo^~A=z=CdqAMq$-D_LO&Qs9cGdE=sXL27(;r`mD4JYdb59amk za&3g#S=;HG6&|^%u*s?gLj7&D^5GBnPhW=OmV4_tyr;!GEvZ~CAo|r`KR7V;La45y zB6w)Hp&8_p1&KkuTWg1K{L&GjVI|!V?s3L)&^S(u)g+%

Prd+gVg-ef(8q}3NjtFhH=g9%!QZ5Oh0K4hD6Ko`dY5Nan_G=W`8Y%{6n zTYI8+Ku)0vJHzP=js*-}jfPt+1U+ru1t?0BIHv8u z$Ju9_BN9UXS5Cl?!D7+tPWFU7)Fs@lYvjh6;-2=Rf;YH>Q>l2x^e?|*QzIGks)B+R zPuZ^9n$@v~0gRFanxtd1ye|cz2$GY`I80U-`*)8v>_)&wS(Yc}OhEt?eeqcKQL(3O z*&jjQNlz&_q7HT>QWzGvkhvV9NEMF2bDvcSpWb4 diff --git a/dogfood/update-keys.sh b/dogfood/update-keys.sh deleted file mode 100755 index 9ebaf77bb5256..0000000000000 --- a/dogfood/update-keys.sh +++ /dev/null @@ -1,62 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -PROJECT_ROOT="$(git rev-parse --show-toplevel)" - -curl_flags=( - --silent - --show-error - --location -) - -gpg_flags=( - --dearmor - --yes -) - -pushd "$PROJECT_ROOT/dogfood/files/usr/share/keyrings" -# Upstream Docker signing key -curl "${curl_flags[@]}" "https://download.docker.com/linux/ubuntu/gpg" | - gpg "${gpg_flags[@]}" --output="docker.gpg" - -# Google Cloud signing key -curl "${curl_flags[@]}" "https://packages.cloud.google.com/apt/doc/apt-key.gpg" | - gpg "${gpg_flags[@]}" --output="google-cloud.gpg" - -# Google Linux Software repository signing key (Chrome) -curl "${curl_flags[@]}" "https://dl.google.com/linux/linux_signing_key.pub" | - gpg "${gpg_flags[@]}" --output="google-chrome.gpg" - -# Microsoft repository signing key (Edge) -curl "${curl_flags[@]}" "https://packages.microsoft.com/keys/microsoft.asc" | - gpg "${gpg_flags[@]}" --output="microsoft.gpg" - -# Upstream PostgreSQL signing key -curl "${curl_flags[@]}" "https://www.postgresql.org/media/keys/ACCC4CF8.asc" | - gpg "${gpg_flags[@]}" --output="postgresql.gpg" - -# NodeSource signing key -curl "${curl_flags[@]}" "https://deb.nodesource.com/gpgkey/nodesource.gpg.key" | - gpg "${gpg_flags[@]}" --output="nodesource.gpg" - -# Yarnpkg signing key -curl "${curl_flags[@]}" "https://dl.yarnpkg.com/debian/pubkey.gpg" | - gpg "${gpg_flags[@]}" --output="yarnpkg.gpg" - -# Ansible PPA signing key -curl "${curl_flags[@]}" "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x6125e2a8c77f2818fb7bd15b93c4a3fd7bb9c367" | - gpg "${gpg_flags[@]}" --output="ansible.gpg" - -# Neovim signing key -curl "${curl_flags[@]}" "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x9dbb0be9366964f134855e2255f96fcf8231b6dd" | - gpg "${gpg_flags[@]}" --output="neovim.gpg" - -# Hashicorp signing key -curl "${curl_flags[@]}" "https://apt.releases.hashicorp.com/gpg" | - gpg "${gpg_flags[@]}" --output="hashicorp.gpg" - -# GitHub CLI signing key -curl "${curl_flags[@]}" "https://cli.github.com/packages/githubcli-archive-keyring.gpg" | - gpg "${gpg_flags[@]}" --output="github-cli.gpg" -popd From b0f34cbf214a96cfdd4f5d3b72d5d8c3c6804295 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:30:35 -0500 Subject: [PATCH 25/36] Tag and push with branch name --- .github/workflows/dogfood.yaml | 14 +++++++++++++- flake.nix | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index cc2c0d620503f..7446d211a9f2a 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -5,6 +5,8 @@ on: branches: - main paths: + - "flake.nix" + - "flake.lock" - "dogfood/**" - ".github/workflows/dogfood.yaml" # Uncomment these lines when testing with CI. @@ -23,6 +25,14 @@ jobs: - name: Checkout uses: actions/checkout@v3 + - name: "Branch name to Docker tag name" + id: docker-tag-name + run: | + tag=${{ steps.branch-name.outputs.current_branch }} + # Replace / with --, e.g. user/feature => user--feature. + tag=${tag//\//--} + echo "tag=${tag}" >> $GITHUB_OUTPUT + - uses: cachix/install-nix-action@v22 with: github_access_token: ${{ secrets.GITHUB_TOKEN }} @@ -36,7 +46,9 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - run: docker push codercom/oss-dogfood:testing + - run: | + docker tag codercom/oss-dogfood:latest codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }} + docker push codercom/oss-dogfood -a deploy_template: needs: deploy_image diff --git a/flake.nix b/flake.nix index 797f326702e69..65eaadfb3d225 100644 --- a/flake.nix +++ b/flake.nix @@ -115,7 +115,7 @@ # This will import the image into your local Docker daemon. devEnvImage = pkgs.dockerTools.streamLayeredImage { name = "codercom/oss-dogfood"; - tag = "testing"; + tag = "latest"; fromImage = intermediateDevEnvImage; maxLayers = 64; contents = [ From a9f623c6e73ec6db64592b5533cd0b65527a1255 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:35:13 -0500 Subject: [PATCH 26/36] Fix tag passing --- .github/workflows/dogfood.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 7446d211a9f2a..3c5107839e1b8 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -47,8 +47,10 @@ jobs: password: ${{ secrets.DOCKERHUB_PASSWORD }} - run: | - docker tag codercom/oss-dogfood:latest codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }} + docker tag codercom/oss-dogfood:latest codercom/oss-dogfood:$DOCKER_TAG docker push codercom/oss-dogfood -a + env: + DOCKER_TAG: ${{ steps.docker-tag-name.outputs.tag }} deploy_template: needs: deploy_image From 986c1a8dfc706493c7d63d8ead3ea75159464afa Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:38:17 -0500 Subject: [PATCH 27/36] Fix tag passing --- .github/workflows/dogfood.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 3c5107839e1b8..c29fb1a1091f4 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -25,6 +25,10 @@ jobs: - name: Checkout uses: actions/checkout@v3 + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v6.5 + - name: "Branch name to Docker tag name" id: docker-tag-name run: | @@ -47,10 +51,8 @@ jobs: password: ${{ secrets.DOCKERHUB_PASSWORD }} - run: | - docker tag codercom/oss-dogfood:latest codercom/oss-dogfood:$DOCKER_TAG + docker tag codercom/oss-dogfood:latest codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }} docker push codercom/oss-dogfood -a - env: - DOCKER_TAG: ${{ steps.docker-tag-name.outputs.tag }} deploy_template: needs: deploy_image From 600e9b2e6c2c3ecfd889eafcf965ac4ab2b96b9a Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 17:43:06 -0500 Subject: [PATCH 28/36] Remove old pull triggers --- dogfood/main.tf | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/dogfood/main.tf b/dogfood/main.tf index 554ba21eda07f..da3e0a4960ca7 100644 --- a/dogfood/main.tf +++ b/dogfood/main.tf @@ -266,9 +266,7 @@ data "docker_registry_image" "dogfood" { resource "docker_image" "dogfood" { name = "${local.registry_name}@${data.docker_registry_image.dogfood.sha256_digest}" pull_triggers = [ - data.docker_registry_image.dogfood.sha256_digest, - sha1(join("", [for f in fileset(path.module, "files/*") : filesha1(f)])), - filesha1("Dockerfile"), + data.docker_registry_image.dogfood.sha256_digest ] keep_locally = true } From c00fca78afd7ca1686c31b0b52c2c28ab70feb92 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:02:30 -0500 Subject: [PATCH 29/36] Convert gen to use Nix --- .github/workflows/ci.yaml | 34 ++++------------------------------ .github/workflows/dogfood.yaml | 1 - 2 files changed, 4 insertions(+), 31 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a5bb76489e086..3e5711eb77427 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -169,38 +169,12 @@ jobs: with: fetch-depth: 1 - - name: Setup Node - uses: ./.github/actions/setup-node - - - name: Setup Go - uses: ./.github/actions/setup-go - - - name: Setup sqlc - uses: ./.github/actions/setup-sqlc - - - name: go install tools - run: | - go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.30 - go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.33 - go install golang.org/x/tools/cmd/goimports@latest - go install github.com/mikefarah/yq/v4@v4.30.6 - go install github.com/golang/mock/mockgen@v1.6.0 - - - name: Install Protoc - run: | - # protoc must be in lockstep with our dogfood Dockerfile or the - # version in the comments will differ. This is also defined in - # security.yaml - set -x - cd dogfood - DOCKER_BUILDKIT=1 docker build . --target proto -t protoc - protoc_path=/usr/local/bin/protoc - docker run --rm --entrypoint cat protoc /tmp/bin/protoc > $protoc_path - chmod +x $protoc_path - protoc --version + - uses: cachix/install-nix-action@v22 + with: + nix_path: nixpkgs=channel:nixos-unstable - name: make gen - run: "make --output-sync -j -B gen" + run: "nix-shell --command 'make --output-sync -j -B gen'" - name: Check for unstaged files run: ./scripts/check_unstaged.sh diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index c29fb1a1091f4..b32aa6e330f39 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -39,7 +39,6 @@ jobs: - uses: cachix/install-nix-action@v22 with: - github_access_token: ${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - run: nix build .#devEnvImage && ./result | docker load From 18f58c4b7ec2f2b94e2ff5d195838355732ed7df Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:04:43 -0500 Subject: [PATCH 30/36] Add protobuf to the flake --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index 65eaadfb3d225..3903e69b2c68c 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,7 @@ pixman pkg-config postgresql + protobuf protoc-gen-go ripgrep screen From eb95b64cb48267e3ae445de8377fb9e099379922 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:08:27 -0500 Subject: [PATCH 31/36] Add prettier to the dev shell --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index 3903e69b2c68c..28c4ef2a9cca9 100644 --- a/flake.nix +++ b/flake.nix @@ -37,6 +37,7 @@ nix nodejs nodePackages.pnpm + nodePackages.prettier nodePackages.typescript nodePackages.typescript-language-server openssh From 24e998d69da9fdb30ecd19c37b3c117d2e4daad8 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:12:27 -0500 Subject: [PATCH 32/36] Swap to the faster Nix cache action --- .github/workflows/ci.yaml | 8 +++++--- .github/workflows/dogfood.yaml | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3e5711eb77427..8212e77e9b2ee 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -169,9 +169,11 @@ jobs: with: fetch-depth: 1 - - uses: cachix/install-nix-action@v22 - with: - nix_path: nixpkgs=channel:nixos-unstable + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v4 + + - name: Run the Magic Nix Cache + uses: DeterminateSystems/magic-nix-cache-action@v2 - name: make gen run: "nix-shell --command 'make --output-sync -j -B gen'" diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index b32aa6e330f39..d61a75cf833f6 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -37,9 +37,11 @@ jobs: tag=${tag//\//--} echo "tag=${tag}" >> $GITHUB_OUTPUT - - uses: cachix/install-nix-action@v22 - with: - nix_path: nixpkgs=channel:nixos-unstable + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v4 + + - name: Run the Magic Nix Cache + uses: DeterminateSystems/magic-nix-cache-action@v2 - run: nix build .#devEnvImage && ./result | docker load From bb489cd961478dcaedb4d636d91ee356186ed757 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:17:37 -0500 Subject: [PATCH 33/36] Add the correct yq --- .github/workflows/dogfood.yaml | 3 ++- flake.nix | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index d61a75cf833f6..2e8a28b6a51b7 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -51,7 +51,8 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - run: | + - name: Tag and Push + run: | docker tag codercom/oss-dogfood:latest codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }} docker push codercom/oss-dogfood -a diff --git a/flake.nix b/flake.nix index 28c4ef2a9cca9..f7287b0243afd 100644 --- a/flake.nix +++ b/flake.nix @@ -57,7 +57,7 @@ terraform typos vim - yq + yq-go zip zstd ]; From 0b27d6609640469938b6c7a0a557504d8484aa55 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:38:04 -0500 Subject: [PATCH 34/36] Fix gen --- .prettierignore | 3 +++ provisionerd/proto/provisionerd.pb.go | 4 ++-- provisionerd/proto/provisionerd_drpc.pb.go | 2 +- provisionersdk/proto/provisioner.pb.go | 4 ++-- provisionersdk/proto/provisioner_drpc.pb.go | 10 +--------- site/.eslintignore | 3 +++ site/.prettierignore | 3 +++ 7 files changed, 15 insertions(+), 14 deletions(-) diff --git a/.prettierignore b/.prettierignore index d68357703d7ce..29a161fcb86f5 100644 --- a/.prettierignore +++ b/.prettierignore @@ -64,6 +64,9 @@ site/stats/ ./scaletest/terraform/.terraform.lock.hcl scaletest/terraform/secrets.tfvars .terraform.tfstate.* + +# Nix +result # .prettierignore.include: # Helm templates contain variables that are invalid YAML and can't be formatted # by Prettier. diff --git a/provisionerd/proto/provisionerd.pb.go b/provisionerd/proto/provisionerd.pb.go index d7db84d69813e..0a3d897150913 100644 --- a/provisionerd/proto/provisionerd.pb.go +++ b/provisionerd/proto/provisionerd.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 -// protoc v4.23.3 +// protoc-gen-go v1.31.0 +// protoc v3.21.12 // source: provisionerd/proto/provisionerd.proto package proto diff --git a/provisionerd/proto/provisionerd_drpc.pb.go b/provisionerd/proto/provisionerd_drpc.pb.go index ed3155fb21eaa..058af595809b8 100644 --- a/provisionerd/proto/provisionerd_drpc.pb.go +++ b/provisionerd/proto/provisionerd_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.33 +// protoc-gen-go-drpc version: (devel) // source: provisionerd/proto/provisionerd.proto package proto diff --git a/provisionersdk/proto/provisioner.pb.go b/provisionersdk/proto/provisioner.pb.go index 24281d4c252db..52f60cede1d51 100644 --- a/provisionersdk/proto/provisioner.pb.go +++ b/provisionersdk/proto/provisioner.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 -// protoc v4.23.3 +// protoc-gen-go v1.31.0 +// protoc v3.21.12 // source: provisionersdk/proto/provisioner.proto package proto diff --git a/provisionersdk/proto/provisioner_drpc.pb.go b/provisionersdk/proto/provisioner_drpc.pb.go index d8b40060cd376..d307402447c78 100644 --- a/provisionersdk/proto/provisioner_drpc.pb.go +++ b/provisionersdk/proto/provisioner_drpc.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-drpc. DO NOT EDIT. -// protoc-gen-go-drpc version: v0.0.33 +// protoc-gen-go-drpc version: (devel) // source: provisionersdk/proto/provisioner.proto package proto @@ -76,10 +76,6 @@ type drpcProvisioner_ParseClient struct { drpc.Stream } -func (x *drpcProvisioner_ParseClient) GetStream() drpc.Stream { - return x.Stream -} - func (x *drpcProvisioner_ParseClient) Recv() (*Parse_Response, error) { m := new(Parse_Response) if err := x.MsgRecv(m, drpcEncoding_File_provisionersdk_proto_provisioner_proto{}); err != nil { @@ -111,10 +107,6 @@ type drpcProvisioner_ProvisionClient struct { drpc.Stream } -func (x *drpcProvisioner_ProvisionClient) GetStream() drpc.Stream { - return x.Stream -} - func (x *drpcProvisioner_ProvisionClient) Send(m *Provision_Request) error { return x.MsgSend(m, drpcEncoding_File_provisionersdk_proto_provisioner_proto{}) } diff --git a/site/.eslintignore b/site/.eslintignore index 9bed2be372b11..71c636297172e 100644 --- a/site/.eslintignore +++ b/site/.eslintignore @@ -64,6 +64,9 @@ stats/ .././scaletest/terraform/.terraform.lock.hcl ../scaletest/terraform/secrets.tfvars .terraform.tfstate.* + +# Nix +result # .prettierignore.include: # Helm templates contain variables that are invalid YAML and can't be formatted # by Prettier. diff --git a/site/.prettierignore b/site/.prettierignore index 9bed2be372b11..71c636297172e 100644 --- a/site/.prettierignore +++ b/site/.prettierignore @@ -64,6 +64,9 @@ stats/ .././scaletest/terraform/.terraform.lock.hcl ../scaletest/terraform/secrets.tfvars .terraform.tfstate.* + +# Nix +result # .prettierignore.include: # Helm templates contain variables that are invalid YAML and can't be formatted # by Prettier. From a361ca859131a62dae05e0deab95209899ede0cd Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 18:39:38 -0500 Subject: [PATCH 35/36] Add make to the flake --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index f7287b0243afd..2cfc2acee8b8d 100644 --- a/flake.nix +++ b/flake.nix @@ -24,6 +24,7 @@ exa getopt git + gnumake gnused go_1_20 go-migrate From 6c07b2af83e7229bb93ce960f1dbc733301fe793 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Thu, 17 Aug 2023 21:06:16 -0500 Subject: [PATCH 36/36] Update extensions --- .github/workflows/dogfood.yaml | 12 ++++++------ flake.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 2e8a28b6a51b7..bbed89679f7d1 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -10,12 +10,12 @@ on: - "dogfood/**" - ".github/workflows/dogfood.yaml" # Uncomment these lines when testing with CI. - pull_request: - paths: - - "flake.nix" - - "flake.lock" - - "dogfood/**" - - ".github/workflows/dogfood.yaml" + # pull_request: + # paths: + # - "flake.nix" + # - "flake.lock" + # - "dogfood/**" + # - ".github/workflows/dogfood.yaml" workflow_dispatch: jobs: diff --git a/flake.nix b/flake.nix index 2cfc2acee8b8d..fb7ba9f64f133 100644 --- a/flake.nix +++ b/flake.nix @@ -98,7 +98,7 @@ # These will also be applied to the container config. devEnvVars = [ "PATH=${pkgs.lib.makeBinPath devShellPackages}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/coder/go/bin" - #This setting prevents Go from using the public checksum database for + # This setting prevents Go from using the public checksum database for # our module path prefixes. It is required because these are in private # repositories that require authentication. #