internal: check deps as part of vet.sh
While we're in the $GOPATH transitionary period, a dependency could
accidentally find its way into our require statements without being codified in
go.mod/go.sum. This CL makes our CI check for such a case, and exit 1 if it
detects it.
Change-Id: Ie087bc8ef91e9099d4520c4b55863de36d977c27
Reviewed-on: https://code-review.googlesource.com/c/37411
Reviewed-by: Eno Compton <enocom@google.com>
Reviewed-by: kokoro <noreply+kokoro@google.com>
diff --git a/internal/kokoro/vet.sh b/internal/kokoro/vet.sh
index e81d04e..0bfec23 100755
--- a/internal/kokoro/vet.sh
+++ b/internal/kokoro/vet.sh
@@ -14,11 +14,8 @@
#!/bin/bash
-# Fail on any error
-set -eo
-
-# Display commands being run
-set -x
+# Fail on error, and display commands being run.
+set -ex
# Only run the linter on go1.11, since it needs type aliases (and we only care about its output once).
# TODO(deklerk) We should pass an environment variable from kokoro to decide this logic instead.
@@ -28,12 +25,17 @@
pwd
+# Fail if a dependency was added without the necessary go.mod/go.sum change
+# being part of the commit.
+GO111MODULE=on go mod tidy
+git diff go.mod | tee /dev/stderr | (! read)
+git diff go.sum | tee /dev/stderr | (! read)
+
try3() { eval "$*" || eval "$*" || eval "$*"; }
try3 go get -u \
golang.org/x/lint/golint \
golang.org/x/tools/cmd/goimports \
- golang.org/x/lint/golint \
honnef.co/go/tools/cmd/staticcheck
# Look at all .go files (ignoring .pb.go files) and make sure they have a Copyright. Fail if any don't.
