Signed-off-by: William Hubbs <willi...@gentoo.org>
---
eclass/go-module.eclass | 117 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 117 insertions(+)
create mode 100644 eclass/go-module.eclass
diff --git a/eclass/go-module.eclass b/eclass/go-module.eclass
new file mode 100644
index 00000000000..7e16ec4e95c
--- /dev/null
+++ b/eclass/go-module.eclass
@@ -0,0 +1,117 @@
+# Copyright 2019 gentoo authors
+# Distributed under the terms of the GNU General Public License v2
+
+# @ECLASS: go-module.eclass
+# @MAINTAINER:
+# William Hubbs <willi...@gentoo.org>
+# @SUPPORTED_EAPIS: 7
+# @BLURB: basic eclass for building software written in the go
+# programming language that uses go modules.
+# @DESCRIPTION:
+# This eclass provides some basic things needed by all software
+# written in the go programming language that uses go modules.
+#
+# You will know the software you are packaging uses modules because
+# it will have files named go.sum and go.mod in its top-level source
+# directory. If it does not have these files, use the golang-* eclasses.
+#
+# If the software you are packaging uses modules, the next question is
+# whether it has a directory named "vendor" at the top-level of the source
tree.
+#
+# If it doesn't, you need to create a tarball of what would be in the
+# vendor directory and mirror it locally.
+# If foo-1.0 is the name of your project and you have the tarball for it
+# in your current directory, this is done with the following commands:
+#
+# @CODE:
+#
+# tar -xf foo-1.0.tar.gz
+# cd foo-1.0
+# go mod vendor
+# cd ..
+# tar -acf foo-1.0-vendor.tar.gz foo-1.0/vendor
+#
+# @CODE:
+
+# If we uncomment src_prepare below, the last two lines in the above
+# code block are reduced to one:
+#
+# @CODE:
+#
+# tar -acf foo-1.0-vendor.tar.gz vendor
+#
+# @CODE:
+
+case ${EAPI:-0} in
+ 7) ;;
+ *) die "${ECLASS} API in EAPI ${EAPI} not yet established."
+esac
+
+if [[ -z ${_GO_MODULE} ]]; then
+
+_GO_MODULE=1
+
+BDEPEND=">=dev-lang/go-1.12"
+
+# The following go flags should be used for all go builds.
+# -mod=vendor stopps downloading of dependencies from the internet.
+# -v prints the names of packages as they are compiled
+# -x prints commands as they are executed
+export GOFLAGS="-mod=vendor -v -x"
+
+# Do not complain about CFLAGS etc since go projects do not use them.
+QA_FLAGS_IGNORED='.*'
+
+# Go packages should not be stripped with strip(1).
+RESTRICT="strip"
+
+# EXPORT_FUNCTIONS src_prepare pkg_postinst
+ EXPORT_FUNCTIONS pkg_postinst
+
+# @FUNCTION: go-module_src_prepare
+# @DESCRIPTION:
+# Run a default src_prepare then move our provided vendor directory to
+# the appropriate spot if upstream doesn't provide a vendor directory.
+#
+# This is commented out because I want to see where the discussion on
+# the ml leads.
+# Commenting it out and following the above instructions means that you
+# are forced to manually re-tar the vendored dependencies for every
+# version bump.
+# Using the previous method, it would be possible to decide if you need
+# to do this by comparing the contents of go.mod in the previous and new
+# version.
+# Also, note that we can generate a qa warning if a maintainer forgets
+# to drop the vendor tarball and upstream starts vendoring.
+# go-module_src_prepare() {
+# default
+# # If upstream vendors the dependencies and we provide a vendor
+# # tarball, generate a qa warning.
+# if [[ -d vendor ]] && [[ -d ../vendor ]] ; then
+# eqawarn "This package's upstream source includes a vendor
+# eqawarn "directory and the maintainer provides a vendor
tarball."
+# eqawarn "Please report this on https://bugs.gentoo.org";
+# fi
+# # Use the upstream provided vendor directory if it exists.
+# [[ -d vendor ]] && return
+# # If we are not providing a mirror of a vendor directory we created
+# # manually, return since there may be nothing to vendor.
+# [[ ! -d ../vendor ]] && return
+# # At this point, we know we are providing a vendor mirror.
+# mv ../vendor . || die "Unable to move ../vendor directory"
+# }
+
+# @FUNCTION: go-module_pkg_postinst
+# @DESCRIPTION:
+# Display a warning about security updates for Go programs.
+go-module_pkg_postinst() {
+ ewarn "${PN} is written in the Go programming language."
+ ewarn "Since this language is statically linked, security"
+ ewarn "updates will be handled in individual packages and will be"
+ ewarn "difficult for us to track as a distribution."
+ ewarn "For this reason, please update any go packages asap when new"
+ ewarn "versions enter the tree or go stable if you are running the"
+ ewarn "stable tree."
+}
+
+fi
--
2.21.0
