-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify in documentation which configurations of host, exec and target are supported. #398
Comments
Let me clarify that my personal opinion is that we should support
|
My ideal use of bazel + nix + rules_nixpkgs would be to rely on bazel's own mechanisms for reproducibility and hermeticism as much as possible, and only use nix for the parts that bazel relies on the environment for. For example I'd be happy to use |
Also maybe more controversial I'd like |
Thank you for raising this issue @uri-canva, it’s an important topic to clarify!
The linked comment considers two axes:
These do not mention “host”, “exec”, “target” platforms, and there are other supported cases than the two cases listed in your comment above. In particular, rules_nixpkgs already supports both, use-cases where “target = nix”, and where “target = non-nix". See for example this blog post on fully statically linked Haskell binaries or this WIP PR for Skyscope. See also #291 which aims to better document deployment models such as the one from Daml that you link. This is also reflected in the target constraints that rules_nixpkgs provided toolchains define. About the case where “exec = non-nix”. I think this reflects a very specific use-case that requires significant divergence from standard nixpkgs. Most Nix derivations will have run-time dependencies into the Nix store. This includes compiler toolchains. Runtime dependencies of compilers translate to “exec” platform constraints in Bazel. So, to support this use-case (as I understand it) you will require a lot of custom overrides and patches to avoid such Nix store path runtime dependencies. To be clear, I’m not saying you shouldn’t do this. But, I don’t think we can force all rules_nixpkgs users to carry that burden. Either way, I would like to better understand in which way rules_nixpkgs is currently preventing this use-case. One issue I see is that the “support_nix” exec constraint is currently hard-coded. I would not be opposed to making that configurable. However, we cannot remove it altogether, as explained here. The other issue I see is that rules_nixpkgs creates symlinks into the Nix store. Are there any other issues you’re facing with this approach?
Some comments to your points 1, 2, and 3:
In which way does this fail for you? I would expect an incompatibility between the Nix provided C toolchain and the downloaded Go toolchain. But, that falls outside of rules_nixpkgs. |
I know, but I still believe it maps to those:
Bazel from nixpkgs can only target nix systems, even when built with
I think the distinction is whether the toolchains/system libraries are provided by nix, regardless of rules_nixpkgs. For example using nix direnv to bring a c toolchain into the PATH and letting bazel autodetect it would be a way of having nix toolchains without rules_nixpkgs. The comment I linked to puts it like this:
This case to me implies exec has to be nix, as the nix binaries in the toolchains can only run on a nix system, and to a lesser extent target has to be nix, because the output of some of those binaries or outputs built using those dependencies can only run on a nix system, for example because binaries link against nix libraries. That's why I mapped the set of two supported use cases:
to the two combinations of:
That's true, while the two supported use cases in terms whether bazel is vanilla or nixpkgs, and whether toolchains and dependencies are vanilla or nixpkgs, imply that at least those two combinations are supported, it doesn't not necessarily imply that at most those two combinations are supported. However here a distinction must be drawn on what it means for something to be supported by rules_nixpkgs:
I'm much more interested in the second one: after all the purpose of a dependency is to provide a capability in a way that doesn't require the dependant to implement it, but to prevent misunderstandings we should be explicit about the distinction.
This is where I think the distinction comes into play: I find these examples of support to be of the kind where rules_nixpkgs does not impede the implementation, but does not provide it either, for a couple of reasons:
Absolutely agree.
I agree that we should not expect users of rules_nixpkgs to carry that burden. But this is the crux of my request for clarification: are the users not expected to carry that burden because:
Clarifying which of the three helps the users who are looking for that capability decide whether they should:
|
Note that host, exec, target is just how I think of the capability support matrix. The important thing is having such a support matrix defined, I'd be perfectly happy with having it defined in other terms. |
To give an example of a capability rules_nixpkgs provides, https://github.com/tweag/rules_nixpkgs/blob/420370f64f03ed9c1ff9b5e2994d06c0439cb1f2/toolchains/cc/cc.nix allows you to use |
Makes sense.
Makes sense, this is an example of supporting only in so far as not being an impediment. |
I'll create a separate issue to go into the details once we've clarified what kind of support rules_nixpkgs is expected to have for this use case, so that we both know what the desired outcome of the discussion on the specific issue is: PR to fix things in rules_nixpkgs / changes on my side on how I use it / mix of both or neither. |
This might play a big role in the support matrix, though I don't know how we could explain it / document it. From the perspective of a bazel user, one might expect rules_nixpkgs to abstract these nix idiosyncrasies away from them, so it's important to clarify rules_nixpkgs does not handle this. This is a problem in a lot of tooling that builds on top of nix: many of them highlight the advantages of using nix based tooling in your development workflow, very few explain the implications that has for which platforms you can target, and what other parts of the non-nix development ecosystem you can integrate with. |
I have more points about what I would like rules_nixpkgs to support / aim for / do from a user's perspective, but I'll refrain from that until we've clarified this further, so I don't explain something that is completely detached from the design of rules_nixpkgs. |
One last thing I want to highlight: the support matrix of rules_nixpkgs as it is now and the ideal support matrix rules_nixpkgs is striving towards could be very different. If they are I think it's important to have both, since a user would care mostly about the first one, but a contributors will care mostly about the latter one. |
@aherrmann in #209 (comment) you clarify that two major use cases are supported by
rules_nixpkgs
:Translating these into host, exec and target it implies that
rules_nixpkgs
supports:It does not support any other combinations. I think this limits the value of
rules_nixpkgs
a lot: if host, exec, and target are all nix, then one might want to usebuildBazelPackage
from nixpkgs. If host, exec, and target are all non-nix, then one does not need to userules_nixpkgs
at all. With this narrow focusrules_nixpkgs
seems to fit into a very niche usecase of a nix centric development model that needs to support windows, so thatbuildBazelPackage
becomes tricky to keep in sync with the windows specific bazel setup.In practice I don't know how many people are using
rules_nixpkgs
like that. Personally I can say the way we've been using it fits into:Given https://github.com/digital-asset/daml/blob/9cbe57b073444a0087e3bc8cc26c57cacd037257/bazel_tools/packaging/package-app.sh, I believe the use case for that repo is
3
as well, since if the target was a nix system, patching the binaries to remove references to the nix store would not be necessary.However this use case has been hitting a lot of challenges both in
rules_nixpkgs
and upstream nixpkgs. For example upstream bazel is built in a way that target must be a nix system, since it hardcodes some nix store paths in shebangs in parts of the target code (for example the python stub).Discussion in #180 highlights the challenges of not clarifying the "nixness" of a particular platform, specifically the
exec
one. The suggestions are wildly different depending on whether we wantexec
to be nix or not: when not using remote execution, then3
is a very common setup, since we have nix on the host anyway, and the exec is the host. However once you put remote execution in the mix, it's much more likely that you'll end up wanting4
instead.Note that I've been referring to
host
,exec
andtarget
since that's what bazel calls them. In nix they would map tobuild
,host
andtarget
respectively. See https://nixos.org/manual/nixpkgs/unstable/#chap-cross for more details. nixpkgs does not make which platforms are nix and which are non-nix very clear, but it does have at least some very clear non-nix platforms, like ios and android.The text was updated successfully, but these errors were encountered: