-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: Further configuration for FedoraProject #241
Conversation
Codecov Report
@@ Coverage Diff @@
## main #241 +/- ##
==========================================
- Coverage 89.04% 88.15% -0.89%
==========================================
Files 50 51 +1
Lines 2164 2238 +74
==========================================
+ Hits 1927 1973 +46
- Misses 237 265 +28
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
Ok, I've tested the |
Personally, I don't have any experience with
In my team, we try to check the impact of new releases on the Fedora ecosystem. We want to avoid a situation when the update of package
I've also enable the tracking of |
I understand the general flow of building all dependents, but I don't quite understand the workflow that we need to adjust here. I am considering initially 2 workflows to consider:
I do not know if either |
I wanted to point out that building the dependents should happen before As far as I know, currently, there is no automated tooling for building dependents. We would love to have it, but currently, we are using a set of commands as described in the guide as a part of the PR review. |
Of course. I think what we want is the 3rd workflow centered on
I will look into that later, but tldr, on this package side, we just need to push a release copr so others can pull from right? Also over on matrix there is the suggestion of Edit: I have enable |
@hrnciar Can I confirm about the guide you mentioned:
I think that would be a bit though to maintain. Maybe we can temporarily maintain it for rawhide, but isn't |
Yes.
If you have a list of packages depending on
The tricky part comes later when you need to investigate the failures. You need to differentiate between the failures related to changes in the latest release and unrelated failures due to some other changes in the distro. What we usually do is that we rebuild all depending packages in the so-called "control" copr without the change that we are testing. When you compare these two coprs, you will have:
I understand it is complicated, but we want to avoid making people unhappy by breaking stuff. When you mentioned You are right that Koschei helps you detect the problem, but when the package is "red" in Koschei it's already after it was shipped to the users and we would like to avoid that. As I said before, I am offering my help. Feel free to ping me and I'll do the testing for you. It won't be my top priority unless I won't need the update for some other package I maintain, but if you ping me, I'll try to make time and help with the impact check. It might sound complicated, but in reality, for easy updates, it takes a couple of minutes to run the scripts and then some time to check the results. When we discover a higher number of broken packages, we usually write a Change Proposal so maintainers are informed about what's happening. |
I understand your concern, but we also should not abuse the copr resources unnecessarily. IMO, we should be fine for Also note that I wrote the automation to update only I would suggest to provide a copr project, e.g. As for Change Proposal, that sounds like a good idea, but that would mean that we have to only release large changes so we don't pollute it with each package update? Maybe we are jumping a head too quickly on this since we have very few packages that depend on this. For |
This is exactly what is copr intended for. We communicate with copr folks daily and they are happy when people use it. I am regularly submitting thousands of builds when rebuilding all Fedora packages with development versions of Python 3.12. Just use
Everything I've written above was written with
Sorry, I don't understand this part. Downstream usually follows official releases on Pypi. That's why I enabled tracking.
I wouldn't worry about a Change Proposal for now. I wanted to give you some perspective on what we do when there is a big impact on the distro. Upstream developers usually don't talk to us about their plans. So when the new version is released we evaluate the impact and then we decide if it's okay to just ship it or if it needs a more careful coordinated approach and then we create a Change Proposal so other maintainers are aware. |
Thanks for the pointers I'll keep them in mind when reviewing PRs.
So let's look at what I am implementing with this PR using packit:
|
7eb60ec
to
f5d4e42
Compare
Ok this PR is ready for review. Note that it depends on packit/packit#247. I should also point out that Also @henryiii @hrnciar should I add any of you or anyone else to the I will also add an equivalent workflow to |
a849d7c
to
a94d6e2
Compare
Played around with |
I'm happy to add packit for the repo (done). Something just to make sure the recipe is mostly correct is fine. |
I've set up a Fedora account, I think that might allow it to work now. |
Closer to current proposal, closes scikit-build#236. New features: * Uses `provider =` * New `provider-path =` for local plugins * Custom or local plugins require `tool.scikit-build.experimental=true` to use, since API is not stable yet. * `Dict[str, Any]` support for TOML reader. Signed-off-by: Henry Schreiner <[email protected]>
Another rebase should trigger a rebuild so we can see if the build is now allowed. I just merged #251. |
You mean like making sure the dependencies are correct and all that, or that the package tests pass? The latter should already be handled by |
Tests passing would be nice, but not required, depends on how much trouble it is & if it slows things down much. I'm more worried about dependencies and such being forgotten. Tests passing is (very nice) icing on the cake. :) |
Thanks for setting it up. Can you comment |
/packit build |
Based on your Packit configuration the settings of the @scikit-build/scikit-build-core Copr project would need to be updated as follows:
Diff of chroots: +fedora-38-x86_64 Packit was unable to update the settings above as it is missing To fix this you can do one of the following:
Please retrigger the build, once the issue above is fixed. |
/packit build |
Ok, everything should be set up now. The tests have been passing last time I tried, and the dependencies should be picked up automatically from |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we do add a small test script, or run the package tests, that can be a followup.
Testing to see if I can fix the `address space needed by '_common.cpython-311-x86_64-msys.dll' (0x620000) is already occupied` failures. Switching to UCRT instead, currently disabling a few setuptools tests to get it to pass. Speeding up the tests, too. --------- Signed-off-by: Henry Schreiner <[email protected]>
<!--pre-commit.ci start--> updates: - [github.com/charliermarsh/ruff-pre-commit: v0.0.259 → v0.0.260](astral-sh/ruff-pre-commit@v0.0.259...v0.0.260) <!--pre-commit.ci end--> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
…ikit-build#257) Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.4 to 1.8.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/gh-action-pypi-publish/releases">pypa/gh-action-pypi-publish's releases</a>.</em></p> <blockquote> <h2>v1.8.5</h2> <h2>What's Improved</h2> <p><a href="https://github.com/woodruffw"><code>@woodruffw</code></a> improved the user-facing documentation and logging to make use of the Trusted Publishing flow terminology cohesive with PyPI in <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/143">pypa/gh-action-pypi-publish#143</a>. Trusted Publishing used to be referred to as OpenID Connect (OIDC) — the underlying technology that is being used to make it work. He also made the action display the cause of the Trusted Publishing flow being selected by the action via <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/142">pypa/gh-action-pypi-publish#142</a>.</p> <p><strong>Full Diff</strong>: <a href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.4...v1.8.5">https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.4...v1.8.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/0bf742be3ebe032c25dd15117957dc15d0cfc38d"><code>0bf742b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/143">#143</a> from trail-of-forks/tob-rewrite-oidc-refs</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/30c382209e2edb18e26e0cd15ea4ddbb62e4d249"><code>30c3822</code></a> oidc-exchange: another link</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/89ddbeae048cf21191cb26cde13abd949438b484"><code>89ddbea</code></a> README: retitle, add note</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/a0f29a5690c3e59076bbc8d1349b7f872249ac83"><code>a0f29a5</code></a> Apply suggestions from code review</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/0b567d5b015a5db43765f0ae2b3a215ea9d0150b"><code>0b567d5</code></a> oidc-exchange, twine-upload: remove more OIDC refs</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/4372cb558524908cb34fcd57d7bc50d397daa875"><code>4372cb5</code></a> README: replace OIDC with "trusted publishing"</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/69efb8cbfb5ff087b7145d695b90bba0c4a53029"><code>69efb8c</code></a> Merge pull request <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/142">#142</a> from trail-of-forks/tob-indicate-oidc</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/dfde872acc38fce52eaf13748aaaa11845c89228"><code>dfde872</code></a> Apply suggestions from code review</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/3d567f44ce3fb3bbcf9248d05726c6c9f811b67f"><code>3d567f4</code></a> twine-upload: expound</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/67b747a9c83c5d2526d31259d1479f46210ffd0e"><code>67b747a</code></a> oidc-exchange: more explanation</li> <li>See full diff in <a href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.4...v1.8.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pypa/gh-action-pypi-publish&package-manager=github_actions&previous-version=1.8.4&new-version=1.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Run `copr_build` jobs for: - Pull requests CI -> `scikit-build-core` - Commits on `main` branch -> `nightly` - Releases -> `release` - Run `propose_downstream` to create automatic PR at src.fedoraproject.org - `koji_build` and `bodhi_update` are only run on src.fedoraproject.org Signed-off-by: Cristian Le <[email protected]>
Signed-off-by: Cristian Le <[email protected]>
So this is already a continuation of packit/packit#201. Seems that implementing
packit
would resolve the issue of keeping the spec file up to date. E.g. I have pushed a tag ofv0.2.3-rc1
on my fork, and as you can see in the copr build it updates to that latest version: generated spec file for reference.The main thing that
packit
does here:copr_build
Submit builds tocopr
(using the latest version of the source)propose_downstream
, create a PR onsrc.fedoraproject.org
with the relevant changes (files defined infiles_to_sync
)koji_build
andbodhi_update
are only used downstreamThere are still a few things to address:
scikit-build
group. I've requested to have this group createdPackit
requires the installation of the packit app to the repo. Can check the branch for how it looks in actionmain
branch. But do we want it on every commit/PR or release?propose_downstream
Depends on: packit/packit#247