Remove update/go from go/deps cmd

[vankichi]

Description

SSIA

Related Issue

Versions

• Vald Version: v1.7.16
• Go Version: v1.23.6
• Rust Version: v1.83.0
• Docker Version: v27.4.0
• Kubernetes Version: v1.32.0
• Helm Version: v3.16.3
• NGT Version: v2.3.5
• Faiss Version: v1.9.0

Checklist

• I have read the CONTRIBUTING document and completed our CLA agreement.
• I have checked open Pull Requests for the similar feature or fixes?

Special notes for your reviewer

Summary by CodeRabbit

• Chores
  • Streamlined the dependency management process, simplifying how module versions and package cleanup are handled.

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes update the go/deps target in Makefile.d/dependencies.mk. The dependency on update/go has been removed. Instead of invoking that dependency, the target now directly executes commands to read, filter, sort, and modify content from $(ROOTDIR)/hack/go.mod.default. The flow for cleaning up Go package dependencies, including copying and tidying module files, remains unchanged.

Changes

File	Change Summary
Makefile.d/dependencies.mk	Updated go/deps target: removed dependency on update/go; now directly executes commands to read, filter, sort, and update Go dependency data.

Sequence Diagram(s)

sequenceDiagram
    participant M as Makefile
    participant G as go/deps Target
    participant F as File Processor
    M->>G: Invoke go/deps target
    G->>F: Read $(ROOTDIR)/hack/go.mod.default and filter lines
    F-->>G: Return processed data
    G->>G: Sort and modify dependency versions
    G->>M: Execute dependency cleanup (copy and tidy)

Loading

Possibly related PRs

• Backport PR #2737 to release/v1.7 for Fix update deps workflow: buf is not found #2739: Updates dependency management workflow involving Go dependencies, which relates to the modifications in the go/deps target.

Suggested labels

priority/low

Suggested reviewers

• kpango
• datelier

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[cloudflare-workers-and-pages]

Deploying vald with    Cloudflare Pages

Latest commit:	a1e63fa
Status:	✅  Deploy successful!
Preview URL:	https://1da3074c.vald.pages.dev
Branch Preview URL:	https://refactor-makefile-remove-upd.vald.pages.dev

View logs

[vdaas-ci]

[CHATOPS:HELP] ChatOps commands.

• 🙆‍♀️ /approve - approve
• 🍱 /format - format codes and add licenses
• ✅ /gen-test - generate test codes
• 🏷️ /label - add labels
• 🔚 2️⃣ 🔚 /label actions/e2e-deploy - run E2E deploy & integration test

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

Makefile.d/dependencies.mk (1)

73-75: Consider error handling for go mod tidy.

The command suppresses errors only for go get -u all but not for go mod tidy. Consider adding error handling for consistency.

-GOPRIVATE=$(GOPRIVATE) go mod tidy
+GOPRIVATE=$(GOPRIVATE) go mod tidy || true

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0b7176b and a1e63fa.

📒 Files selected for processing (1)

• Makefile.d/dependencies.mk (1 hunks)

🔇 Additional comments (2)

Makefile.d/dependencies.mk (2)

57-72: LGTM! Clean dependency management logic.

The conditional block for cleaning dependencies is well-structured with proper error handling and repeated cleanup for thoroughness.

---

54-56:

❓ Verification inconclusive

Verify the command output and Go version update.

Two potential issues in the commands:

1. The head and awk command on line 55 is missing output redirection, making its output unused.
2. The removal of the update/go dependency might lead to using an outdated Go version.

Run this script to check the Go version handling:

---

🏁 Script executed:

#!/bin/bash
# Description: Check if GO_VERSION is properly set and used

# Check if GO_VERSION is set
echo "Checking GO_VERSION variable..."
make -n go/deps | grep GO_VERSION

# Check the content of versions/GO_VERSION
echo "Checking versions/GO_VERSION file..."
cat versions/GO_VERSION 2>/dev/null || echo "File not found"

# Check go.mod.default
echo "Checking go.mod.default..."
head -n 3 hack/go.mod.default 2>/dev/null || echo "File not found"

Length of output: 454

---

Attention: Verify the Output Handling in the go/deps Target

• The Go version update is working as expected—hack/go.mod.default now shows the matching version from versions/GO_VERSION (which is "1.23.6").
• However, the filtering command on line 55 (using head, awk, and sort) does not redirect its output. If this output is intended for further use (such as for logging or processing), consider adding the appropriate redirection or pipeline.
• Although the removal of the update/go dependency might initially seem risky, the in-place version update on line 56 alleviates concerns by ensuring consistency. Still, please verify that no additional side effects arise from removing this dependency.