-
Notifications
You must be signed in to change notification settings - Fork 83
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
public: only embed a git revision in install.sh on release #383
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. I've seen it labeled as <dirty>
in other projects, when the project is built out of source.
I like that as well. In that case I think it also makes sense to set |
In Java projects it's common to name everything that is not a release a What is |
I don't have a strong opinion on this so
It's the value for
The logic is the following:
So when However, when
On a release |
Ah, there was a misunderstanding. I meant using |
60fff81
to
f44d41a
Compare
I've changed
|
f44d41a
to
ea5641b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In previous projects, dirty
means there are local changes. Here it means the same. The version contains dirty
in the case where there are local uncommitted changes. snapshot
is probably more acceptable.
LGTM here.
I have been thinking about the problem “how to let nix-built projects self-identify”, aiming for the following goals:
Sounds tricky, but the following might do the job: At build time, the build script calculates the hash of the source directory (source of the derivation, i.e. a filtered subdirectory), maybe using This way, no To identify the revision that corresponds to such a source identification, we’d need a small tool that takes a git repo and a derivation therein, goes through the commits, instantiating (but not building!) the derivation at the various commits, and calculates the source hashes there. It could keep a cache to be not too slow. Downsides:
Does this sound feasible? |
@nomeata I think your goals are desirable. As a self-identification I would suggest simply using the hash part of This is better than only using the hash of the source directory since it covers all changes to the derivation (source code, configuration flags, patches, environment variables, build- and run-time dependencies, build script, etc.). Additionally
And we likely don't even have to write this tool since Hydra already has a DB mapping Or in a SQL query:
Let's start embedding |
Right … I was thinking about the What is the tradeoff out |
I was thinking that the former is possible but the latter isn't because of a circular dependency. However now I'm not so sure if it is impossible. Will think about it some more after I get some sleep... I would actually prefer using the drv path instead of |
I think |
I was hoping for this to but it appears there's no environment variable pointing to the derivation:
|
nix/default.nix
Outdated
@@ -4,7 +4,7 @@ | |||
, crossSystem ? null | |||
, config ? {} | |||
, overlays ? [] | |||
, releaseVersion ? "latest" | |||
, releaseVersion ? "snapshot" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand the meaning of snapshot
here. "That's how they do it in Java" is not a good enough argument.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about "unreleased"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what about "nightly"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mmm "nightly" is usually used for periodic (every night) builds which doesn't apply to these builds which happen on every PR / every commit to master.
In most contexts "nightly" builds are actually released (See Firefox Nightly for example) which we don't want to do for our PRs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
true. unreleased
, tree
, trunk
, whatever you like! I'd even be happy with snapshot
if I understood what it meant.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@knl do you have a definition for snapshot
? Or maybe another nice color to paint this shed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've changed it to unreleased
.
public/default.nix
Outdated
# to a default of `omitted when not a release`. We do this so that | ||
# we don't build the `install-sh-release` derivation for every commit. | ||
revision = | ||
if version != "snapshot" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there's an assumption that if version != "snapshot" then src != null
. It'd be more robust to embed the revision iff revision is not null, and (independently) insert the version iff version is not null.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fair enough. Will change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've changed the condition to src != null && version != "unreleased"
which ensures that both src
and version
need to be set correctly to produce the "${builtins.substring 0 7 src.rev} (${version})"
string.
e667fb1
to
38a7aac
Compare
# `master`, `version` will be set to `unreleased` and `revision` will be set | ||
# to a default of `omitted when not a release`. We do this so that | ||
# we don't build the `install-sh-release` derivation for every commit. | ||
revision = |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why not
revision = optionalString (!isNull src) (substring 0 7 src.rev) + optionalString (!isNull version) "(${version})"
?
even if no version is given, the commit is still very useful
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because that will rebuild this thing on every commit which would involve unnecessary churn and wasn't what the original behavior.
To goal of this commit is to get rid of deep cloning the `sdk` repo on CI which has the advantage that it should be more efficient to evaluate and more reproducible to build. Note that all other repos already don't deep clone themselves. Not deep cloning the repo means that on CI there's no `.git` directory. The only derivation in `sdk` that used `.git` is `install-sh-release`. We change its logic as follows: ``` pkgs.runCommandNoCC "install-sh-release" { ... revision = if src != null && version != "unreleased" then "${src.rev} (${version})" else "omitted when not a release"; ... } ``` On release `version` will be based on the git tag and will be a version number like `0.5.0`. In that case the revision that gets embedded in `install.sh` is: `140bc06 (0.5.0)`. Note that this is the revision corresponding to the `0.5.0` tag and not the revision of the last commit to `public/install` like it was before! When not doing a release, like when building locally, on PRs or for `master`, `version` will be set to `unreleased` and `revision` will be set to a default of `omitted when not a release`. We do this so that we don't build the `install-sh-release` derivation for every commit.
38a7aac
to
7181461
Compare
I have been preaching this for so long to other teams, I really better clean up my own backyard: Make sure that you can run moc --version and get a somewhat useful indication what version that is. This is important for when random people use `moc` from random versions of SDK or – later – build it themselves and then provide bug reports. When building locally, with `.git` around, this now injects the git revision: $ ./moc --version Motoko compiler (revision 9abae15e-dirty) (the `-dirty` indicates that my work-tee is not clean). When `.git` is _not_ available, as typially (and rightfully) when building with nix, it looks if Nix’s `$out` variable is set, and includes that: ~/dfinity/motoko $ $(nix-build -A moc)/bin/moc --version Motoko compiler (revision xx6fmamdh5bjph9law6x02d7f4hw8f84-moc-bin) This is less useful for end-users, but it still allows us to (hopefully) identify the version, in the worst case by running this command on all revisions to find the right one: $ nix-store --query --outputs $(nix-instantiate -A moc-bin) /nix/store/xx6fmamdh5bjph9law6x02d7f4hw8f84-moc-bin Or by querying hydra (as @basvandijk suggests in dfinity/sdk#383 (comment)) Once we do versioned releases, we can of course extend this to inject the version number there, and use `git describe --tag` to have `v1.0-200-9abae15e` like derscriptions. I _hope_ this will not cause extra recompilations with `dune`, and will work out-of-the box for everyone, but we’ll see.
I have been preaching this for so long to other teams, I really better clean up my own backyard: Make sure that you can run moc --version and get a somewhat useful indication what version that is. This is important for when random people use `moc` from random versions of SDK or – later – build it themselves and then provide bug reports. When building locally, with `.git` around, this now injects the git revision: $ ./moc --version Motoko compiler (revision 9abae15e-dirty) (the `-dirty` indicates that my work-tree is not clean). When `.git` is _not_ available, as typically (and rightfully) when building with nix, it looks if Nix’s `$out` variable is set, and includes that: $ $(nix-build -A moc)/bin/moc --version Motoko compiler (revision 3yrjbw6g-aqppc05d-596yiq8k-bsznw5jw) This is less useful for end-users, but it still allows us to (hopefully) identify the version, in the worst case by running this command on all revisions to find the right one: $ nix-store --query --outputs $(nix-instantiate -A moc-bin) /nix/store/3yrjbw6gaqppc05d596yiq8kbsznw5jw-moc-bin Note that I injected dashes into the id so that it does not trip up `common.lib.standaloneRust` which otherwise would take it for an unwanted dependency. @basvandijk suggests in dfinity/sdk#383 (comment) that one may query Hydra’s database to map from id to revision. Once we do versioned releases, we can of course extend this to inject the version number there, and use `git describe --tag` to have `v1.0-200-9abae15e` like descriptions. I _hope_ this will not cause extra recompilations with `dune`, and will work out-of-the box for everyone, but we’ll see.
## Changelog for common: Branch: master Commits: [dfinity-lab/common@5e3148eb...6611a85c](https://github.com/dfinity-lab/common/compare/5e3148ebaa87192e8fd4efb69f8d5f03e81812ae...6611a85c1941cb1bf25cb76cda5b122df045537d) * [`6611a85c`](https://github.com/dfinity-lab/common/commit/6611a85c1941cb1bf25cb76cda5b122df045537d) Adds key for testnet backup repository ([dfinity-lab/common#383](http://r.duckduckgo.com/l/?uddg=https://github.com/dfinity-lab/common/issues/383))
## Changelog for common: Branch: master Commits: [dfinity-lab/common@5e3148eb...6611a85c](https://github.com/dfinity-lab/common/compare/5e3148ebaa87192e8fd4efb69f8d5f03e81812ae...6611a85c1941cb1bf25cb76cda5b122df045537d) * [`6611a85c`](https://github.com/dfinity-lab/common/commit/6611a85c1941cb1bf25cb76cda5b122df045537d) Adds key for testnet backup repository ([dfinity-lab/common#383](http://r.duckduckgo.com/l/?uddg=https://github.com/dfinity-lab/common/issues/383))
This is more of a RFC rather than a PR but I would like to present something concrete so we can talk about it.To goal is to get rid of deep cloning the
sdk
repo on CI which has the advantage that it should be more efficient to evaluate and more reproducible to build. Note that all other repos already don't deep clone themselves.Not deep cloning the repo means that on CI there's no
.git
directory. The only derivation insdk
that used.git
isinstall-sh-release
.We change its logic as follows:
On release
version
will be based on the git tag and will be a version number like0.5.0
. In that case the revision that gets embedded ininstall.sh
is:140bc06 (0.5.0)
.Note that this is the revision corresponding to the
0.5.0
tag and not the revision of the last commit topublic/install
like it was before!When not doing a release, like when building locally, on PRs or for
master
,version
will be set tosnapshot
andrevision
will be set to a default ofomitted when not a release
. We do this so that we don't build theinstall-sh-release
derivation for every commit.