From 0a444e205a7547efdfedd4998aea1788cc719f6a Mon Sep 17 00:00:00 2001
From: "ryan-distrust.co" <ryan@hashbang.sh>
Date: Wed, 24 May 2023 23:18:29 -0400
Subject: [PATCH] go toolchain 1.20.4: not working, need to fix GOROOT

---
 Makefile          | 47 +++++++++++++++++++++++++++++++++++++++++------
 README.md         |  1 +
 config/global.env | 12 ++++++++++++
 3 files changed, 54 insertions(+), 6 deletions(-)

diff --git a/Makefile b/Makefile
index 4b72995..2709cad 100644
--- a/Makefile
+++ b/Makefile
@@ -111,6 +111,15 @@ apply: \
 $(CACHE_DIR)/secrets:
 	mkdir -p $@
 
+$(FETCH_DIR)/go:
+	mkdir -p $@ $@.tmp
+	wget https://go.dev/dl/$(GO_VERSION).src.tar.gz -O $@.tmp/$(GO_VERSION).src.tar.gz
+	echo "$(GO_HASH) $@.tmp/$(GO_VERSION).src.tar.gz" | sha256sum --strict --check -
+	# Verify tar file is still in same format from 1.20.x
+	tar -x go/VERSION -f $@.tmp/$(GO_VERSION).src.tar.gz -O > /dev/null
+	tar -xf $@.tmp/$(GO_VERSION).src.tar.gz -C $(FETCH_DIR)
+	rm -r $@.tmp
+
 $(FETCH_DIR)/terraform:
 	$(call git_clone,$@,$(TERRAFORM_REPO),$(TERRAFORM_REF))
 
@@ -120,46 +129,72 @@ $(FETCH_DIR)/sops:
 $(FETCH_DIR)/talosctl:
 	$(call git_clone,$@,$(TALOSCTL_REPO),$(TALOSCTL_REF))
 
-$(OUT_DIR)/terraform: $(FETCH_DIR)/terraform
+$(FETCH_DIR)/kubectl:
+	$(call git_clone,$@,$(KUBECTL_REPO),$(KUBECTL_REF))
+
+$(OUT_DIR)/go: $(FETCH_DIR)/go
+	$(call toolchain," \
+		cd $(FETCH_DIR)/go/src && \
+		mkdir -p /home/build/$@-root/pkg && \
+		GOROOT_FINAL=/home/build/$@-root/ \
+		./make.bash && \
+		cp /home/build/$(FETCH_DIR)/go/bin/go /home/build/$@ && \
+		cp -r /home/build/$(FETCH_DIR)/go/pkg/* /home/build/$@-root/pkg \
+	")
+
+$(OUT_DIR)/terraform: $(FETCH_DIR)/terraform $(OUT_DIR)/go
 	$(call toolchain," \
 		cd $(FETCH_DIR)/terraform && \
 		export SSL_CERT_DIR=/etc/ssl/certs && \
 		export CGO_ENABLED=0 && \
 		export GOCACHE=/home/build/$(CACHE_DIR) && \
 		export GOPATH=/home/build/$(CACHE_DIR) && \
-		go build \
+		/home/build/$(OUT_DIR)/go build \
 			-v \
 			-trimpath \
 			-ldflags='-w -extldflags=-static' \
 			-o /home/build/$@ \
 	")
 
-$(OUT_DIR)/sops: $(FETCH_DIR)/sops
+$(OUT_DIR)/sops: $(FETCH_DIR)/sops $(OUT_DIR)/go
 	$(call toolchain," \
 		cd $(FETCH_DIR)/sops && \
 		export CGO_ENABLED=0 && \
 		export GOCACHE=/home/build/$(CACHE_DIR) && \
 		export GOPATH=/home/build/$(CACHE_DIR) && \
-		go build \
+		/home/build/$(OUT_DIR)/go build \
 			-v \
 			-trimpath \
 			-ldflags='-w -extldflags=-static' \
 			-o /home/build/$@ $(SOPS_PKG) \
 	")
 
-$(OUT_DIR)/talosctl: $(FETCH_DIR)/talosctl
+$(OUT_DIR)/talosctl: $(FETCH_DIR)/talosctl $(OUT_DIR)/go
 	$(call toolchain," \
 		cd $(FETCH_DIR)/talosctl && \
 		export CGO_ENABLED=0 && \
 		export GOCACHE=/home/build/$(CACHE_DIR) && \
 		export GOPATH=/home/build/$(CACHE_DIR) && \
-		go build \
+		/home/build/$(OUT_DIR)/go build \
 			-v \
 			-trimpath \
 			-ldflags='-w -extldflags=-static' \
 			-o /home/build/$@ $(TALOSCTL_PKG) \
 	")
 
+$(OUT_DIR)/kubectl: $(FETCH_DIR)/kubectl $(OUT_DIR)/go
+	$(call toolchain," \
+		cd $(FETCH_DIR)/kubectl && \
+		export CGO_ENABLED=0 && \
+		export GOCACHE=/home/build/$(CACHE_DIR) && \
+		export GOPATH=/home/build/$(CACHE_DIR) && \
+		/home/build/$(OUT_DIR)/go build \
+			-v \
+			-trimpath \
+			-ldflags='-w -extldflags=-static' \
+			-o /home/build/$@ $(KUBECTL_PKG) \
+	")
+
 # Note: Decryption MUST reset the mod time to avoid encryption/decryption loops
 # Encrypt if:
 # - Both files exist, local is newer than remote
diff --git a/README.md b/README.md
index 2082866..ffb71c3 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,7 @@ For the purpose of transparency, we include our infrastructure configuration rig
 
 * Docker
 * GNU Make
+* wget
 
 ## Usage
 
diff --git a/config/global.env b/config/global.env
index 5e45d82..5ec3054 100644
--- a/config/global.env
+++ b/config/global.env
@@ -1,4 +1,6 @@
 DEBIAN_HASH=f9e970d357981f7f5055f89365af980534ce742fc11480c51f929da83aa15980
+GO_VERSION=go1.20.4
+GO_HASH=9f34ace128764b7a3a4b238b805856cc1b2184304df9e5690825b0710f4202d6
 TERRAFORM_REF=6c2c6cfa1b55bd6ff4cf4e26ef86d8d7ab0465ec
 TERRAFORM_REPO=https://github.com/hashicorp/terraform
 SOPS_REF=86f500de6102f5219e3fd0a25c718db01a7d39ed
@@ -7,3 +9,13 @@ SOPS_PKG=go.mozilla.org/sops/v3/cmd/sops
 TALOSCTL_REF=a2cc92b8a54e42fc2554d49e4e2147a57fba69cb
 TALOSCTL_REPO=https://github.com/siderolabs/talos
 TALOSCTL_PKG=github.com/siderolabs/talos/cmd/talosctl
+KUBECTL_REF=4c9411232e10168d7b050c49a1b59f6df9d7ea4b
+KUBECTL_REPO=https://github.com/kubernetes/kubernetes
+KUBECTL_PKG=k8s.io/kubernetes/cmd/kubectl
+KSOPS_REF=b524c792a9ce0409dfec1aa9da42ea56ab85a16f
+KSOPS_REPO=https://github.com/viaduct-ai/kustomize-sops
+KUSTOMIZE_REF=3cac8448d3d604e1a38cd3c4bfe4585438f259ed
+KUSTOMIZE_REPO=https://github.com/kubernetes-sigs/kustomize
+HELM_REF=c9f554d75773799f72ceef38c51210f1842a1dea
+HELM_REPO=https://github.com/helm/helm
+HELM_PKG=./cmd/helm