-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Have CI run on bookworm & trigger on GitHub's merge queue #497
Conversation
This doesn't enable the merge queue, but is a prerequisite. See <https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue#triggering-merge-group-checks-with-github-actions> for details.
Looking at why it's failing... |
Here's the diff for sqlalchemy:
pyyaml has roughly the same diff:
This is the DWARF debugging information, so I suspect some Python (or other thing we compile against) moved some source around, causing it to change line numbers since it was last built. I'll push the rebuilt wheels. |
Something has likely changed in upstream CPython that changed the line some code is defined, causing the debugging information to change accordingly. Rebuild the wheels to update the debug information for the new source locations; this can be verified with diffoscope, e.g. <#497 (comment)>.
Hm, if the wheels have changed, should we not have to update the sha256sums? I get this for the new SQLA wheel:
|
I knew I missed a step :/ Updating that... (also concerned that CI did not fail, maybe I accidentally removed that check in some monorepo refactoring??) |
Something has likely changed in upstream CPython that changed the line some code is defined, causing the debugging information to change accordingly. Rebuild the wheels to update the debug information for the new source locations; this can be verified with diffoscope, e.g. <#497 (comment)>.
These wheels are being rebuilt in <freedomofpress/securedrop-builder#497> because of some changes in the underlying debug information.
Pushed updates to the shasums files and freedomofpress/securedrop-client#1974 for the build-requirements.txt changes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Diffoscope results match yours: SQLAlchemy, PyYAML. Signatures verify. Hashes match local sha256sum
check. Diff looks good. CI is happy.
My read is that this would have failed previously because we we had build jobs in the same repo, and now we're just seeing the failure in the components. If that's correct, then I think we may want to implement some new basic sanity checks here to ensure no wheels are added/updated without corresponding checksums. |
These wheels are being rebuilt in <freedomofpress/securedrop-builder#497> because of some changes in the underlying debug information.
Makes sense. I have a patch locally that I can't push right now, once the GH outage is over I'll upload it. |
Avoids a situation like <#497 (comment)>, where wheels are updated, but the sha256sums and associated signatures are not.
Avoids a situation like <#497 (comment)>, where wheels are updated, but the sha256sums and associated signatures are not.
Avoids a situation like <#497 (comment)>, where wheels are updated, but the sha256sums and associated signatures are not.
Avoids a situation like <#497 (comment)>, where wheels are updated, but the sha256sums and associated signatures are not.
Avoids a situation like <#497 (comment)>, where wheels are updated, but the sha256sums and associated signatures are not.
Test plan