-
Notifications
You must be signed in to change notification settings - Fork 690
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Build puller/loader from source for repository rules #1918
base: master
Are you sure you want to change the base?
Conversation
8f01414
to
b8cd944
Compare
b8cd944
to
c617a02
Compare
c617a02
to
d332683
Compare
Just a bit curious: whats the motivation for this PR? Also what is the current status? Do you need any help or having any blocker? |
@pcj, so I've done another pass and it looks like the |
Sorry about the delayed reply @sluongng. My main blocker was balancing this with other work. Right now rules_docker downloads a copy of the The main motivations are as follows:
This is obviously not ideal and was causing the following platforms to not be supported:
By merging this we will remove the need to download an external binary to use |
d332683
to
42157c2
Compare
Hi, just wanted to leave some findings here after we've tried testing this PR out on windows. Unfortunately, we're still unable to get the rule to work on windows:
|
@iffyio I definitely need to do more testing on windows. This is only a first step towards adding support for other platforms. As a test, could you let me know if you're able to execute the puller that is being built by the repository rules? If we can then that's a big step in the right direction. |
@gravypod Hey. Yeah these motivations are clear to me now. But I have words of caution: Many folks in different Open Source projects using Bazel prefer to have a binary dependency instead of having to build the binary to avoid expensive dependencies download. One biggest example would be depending on the So it might be worth clarifying (perhaps in the Change Log once this is merged) whether switching from Binary dependencies to 'compile from scratch' dependencies would add X amount of downloaded data from Y combination of additional Go libs needed to be downloaded and compile. It would be even better if we can just have a knob somewhere that let people override these binary dependencies with their own 🤔 . So that they can replace it with a binary dependencies if needed, or specify an existing build target in their workspace to have it compiled from scratch. But that does not need to be in the same scope as this PR. Thanks. |
@sluongng, that was exactly my approach as well. I made an initial prototype of what it might look like if we did something like that in my personal binaries-in-repo branch. In this branch I set it up so that we could just refer to the precompiled puller binaries as files and choose the correct binary at runtime during the rule's execution. I also made a The other maintainers on
That's why we're trending this way. If there are easy solutions to these that you can point to I'd much rather adopt them. This approach is pretty hacky.
Since we are using golang's vendoring feature there would be no other downloads besides the source in our repository. However, it is important to point out that all of this source code has had a material size increase on our repo:
That's a 1.7x increase in repo size. This is, however, much smaller than the binaries we were downloading before:
So, if we are looking at this from an "absolute change in download size" we are saving ~7 MB and removing network access assuming you use
Agreed, this is a good idea. This is also a binary that, technically, not everyone actually needs. I'd like it if |
I think it's quite reasonable for us to publish releases to github which consist of the existing .tgz as well as a distribution of the puller binary for each platform. Then we'd include a bazel repository rule and toolchain in rules_docker that provides the puller for your platform. We have some of these in rules_nodejs that I can describe if that's helpful, for fetching node and now esbuild and cypress binaries. Reducing the dependencies here isn't just about network size. It's also sometimes a spaghetti project of making all your WORKSPACE deps happy with the rules_go we'd require (and maybe bazel_gazelle to get the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is there a reason to vendor the dependencies? I'd much rather use go_repository
to fetch them.
I just recently added some Go code in rules_python (bazelbuild/rules_python#514) so the pattern for getting the dependency resolution setup is quite fresh.
The deps need to be vendored for the trick to work. This is the same
reason for the vendor directory in bazel-gazelle:
https://github.com/bazelbuild/bazel-gazelle/tree/master/vendor.
…On Sun, Aug 22, 2021 at 6:38 PM Alex Eagle ***@***.***> wrote:
***@***.**** commented on this pull request.
is there a reason to vendor the dependencies? I'd much rather use
go_repository to fetch them.
I just recently added some Go code in rules_python (
bazelbuild/rules_python#514
<bazelbuild/rules_python#514>) so the pattern for
getting the dependency resolution setup is quite fresh.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1918 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAMLFA6TT2JSLQIC5RQA6TT6GKAXANCNFSM5A4UUN6A>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>
.
|
@pcj, do you think it would make sense to use gazelle to generate BUILD files for our |
FYI, I tested this on Linux ppc64le to pull an image, it worked fine. Thanks 👍 |
Hi @gravypod sorry about the slow response, I can confirm that the puller does in fact work on our repo on windows yes! |
Friendly ping to @alexeagle and @pcj. If we can get some reviews let me know. |
@gravypod I think the code looks good (I didn't see any changes since we paired on it, is there a particular spot I should look at?). I think it is mostly missing documentation. As for windows, yes that should be tested more thoroughly. I'm not sure if windows is considered a supported platform or not for rules_docker. @philwo is windows a possibility on bazel buildkite? If not it might be worth setting up a github action to test this part of the rules. |
@ianoc A few comments:
|
|
To restate the problem:
Gazelle has the same issue as rules_docker in that it both houses the source code, yet references it in a repository rule. For that reason, @jayconrod came up with this solution, which I think is positively brilliant. You just use the So, this PR makes is possible to support all architectures, without any extra work from maintainers, and have zero dependencies on external artifacts. I think that's a huge win. |
I think it is a real bummer to say that making a set of rules closer to hermetic is out of scope. You may think it is fine to require |
@johnynek nice to hear from you, it's been a while since I sat next to you at bazelcon like 4 or 5 years ago! It is a misunderstanding that this PR compromises hermiticity. The compiler tool will have the same hash as the user requested |
It's might be interesting to point out how
For these to happen at Bazel loading phase, So for a very long time, these 2 binaries have been prepared like this https://github.com/bazelbuild/bazel-gazelle/blob/1f6da0ab55f094c2a33e21292f5e2db460b5d857/internal/go_repository_tools.bzl#L87-L101 where we invoked This PR essentially use that very same approach to prepare the go binaries that rules_docker needed. The problems that we are trying to solve with this PR are:
With that said, I think there are sufficient community concerns regarding this PR that I would suggest we slow down how this is adopted:
|
To clarify a bit more on my suggestion: I think this PR is changing a behavior that many users have been relying on. It's doing a bit too many things at once: introducing new code, new feature, new dependencies and removing old feature. While that might be totally fine in an organization which is used to moving fast and ok with disruptive changes, in the opensource world there are less appetite for such move. So I have a feeling where if we can deliver this feature slower, in smaller incremental steps, with enough support for backward compatible during the transition period, it would be a much easier pill to swallow. |
@sluongng Thats great context thank you, I hadn't realized the go rules do this inside themselves. I would still have reservations that they are the location controlling the rules(+ go version itself) and thus generally some more leeway should be given for horrible hacks for self-bootstrapping. However in general i think your general compromise sounds pretty good. Another aspect, I did open a PR which I believe would solve this issue without having this approach with building go. Its a much smaller diff to add the capabilities to GH Actions to build these binaries. And the template would let us move the other direction and eliminate the go dependency of the rules if we wished in future. Both have a synchronization challenge, this with vendoring of dependencies (and thus if i'm not mistaken meaning we have 2 sets of dependencies these tools can be built with, what bazel would do it, and what the vendored copies are?), and the other that we have to trigger a separate release to have github build all the binaries and then update the repositories file. Both approaches avoid the historic issues with the current binaries i believe around updating + forking. |
@sluongng Yes thanks for making it more clear how I'd say if we really want to feature-flag it, let's just add the flag now so it can be tested by the community. I'm not sure this is a "feature" though, all we are doing is changing the binary used by We can also add a gazelle update-repos rule and make the |
Indeed! I remember you as well. I hope you have been well since. I apologize for my misunderstanding. My (clearly poor) understanding was that we were expecting |
off-topic, but that toolchain exists too: https://docs.aspect.build/aspect-build/bazel-lib/v0.9.6/docs/jq-docgen.html#jq |
I have some concerns with building anything during the analysis phase. The rust ruleset has this exact same issue. The crate_universe rule uses a rust binary which may either be a prebuilt asset, or built during the analysis phase similar to this. Go compiles much faster, but the problems are still the same. Repository rules are not cacheable, not guaranteed to be hermetic and may make analysis much slower. This is mostly Bazel's fault, I think. Most rulesets encounter this chicken-egg problem for repository_rules and there should be native support for it. |
@uhthomas would you mind starting an issue in https://github.com/bazelbuild/bazel for this? Might be an interesting topic to have interleaving build-load-analysis in bazel (fairly complex problem as well). |
I think there has already been some prior discussion. |
This Pull Request has been automatically marked as stale because it has not had any activity for 180 days. It will be closed if no further activity occurs in 30 days. |
I'm actually very much in favor of either this, or moving these extra binaries into GitHub releases. Where I'm using rules_docker, I don't have Internet access except GitHub access via local Artifactory, so I'm looking at either smuggling storage.googleapis.com artifacts into a manually managed Artifactory repo, or persuading our security team into opening a mirror to storage.googleapis.com. |
PR Checklist
Please check if your PR fulfills the following requirements:
PR Type
What kind of change does this PR introduce?
What is the current behavior?
Issue Number: N/A
What is the new behavior?
Does this PR introduce a breaking change?
Other information