Description
Hello,
I'm having a bit of trouble getting reproducible builds with CoreDNS, which makes tracking down issues much harder.
I have a build that I made 5 days ago and worked just fine, but the build I'm making today have broken the config we used.
Most of the pain comes from the custom build process that CoreDNS uses with its makefile, which does go get + git checkout to lock down dependencies, where this could be better served by leveraging the vendor folder.
There are already a bunch of dependencies checked in into the vendor folder, my question is why not vendor all dependencies? That way building coredns would basically just be
go generate
go build
We can't just use one of the tagged releases because we add external plugins so we need to rebuild CoreDNS, and the go get steps fail if the coredns repo is checked out in a non-master branch or a branch that does not exist on the remote repo (due to interdependencies between coredns and plugins).
I'd love to hear about how people have addressed those kinds of problems as well, maybe I'm not approaching this the right way.