From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Simon Tournier <zimon.toutoune@gmail.com>
Cc: 64746-done@debbugs.gnu.org, "Josselin Poiret" <dev@jpoiret.xyz>,
"Mathieu Othacehe" <othacehe@gnu.org>,
"Ludovic Courtès" <ludo@gnu.org>,
"Tobias Geerinckx-Rice" <me@tobias.gr>,
"Ricardo Wurmus" <rekado@elephly.net>,
"Christopher Baines" <guix@cbaines.net>
Subject: bug#64746: [PATCH v2 3/3] scripts: time-machine: Error when attempting to visit too old commits.
Date: Wed, 16 Aug 2023 21:41:31 -0400 [thread overview]
Message-ID: <87y1iah2d0.fsf@gmail.com> (raw)
In-Reply-To: <87jztvf13c.fsf@gmail.com> (Simon Tournier's message of "Wed, 16 Aug 2023 17:39:35 +0200")
Hi Simon,
Simon Tournier <zimon.toutoune@gmail.com> writes:
> Hi Maxim,
>
> For the record, I have documented [1] the various roadblocks when using
> “guix time-machine” rebuilding all from source. Time-bomb is one among
> other annoyances – I have in mind the complete bootstrap.
>
> Well, as Ludo pointed, the CI is currently building all the past
> releases. Waiting the fixes for all the bugs, I suggest that we retain
> the substitutes for the release. I mean that,
>
> guix time-machine --commit=v1.X.0 -- help
>
> just works when substitutes are available. If the project is lacking
> disk space, the University of Montpellier (France) is proposing to store
> some binary artifact outputs. At least, they were proposing back on
> past September in 10 Years of Guix event. :-) There is discussion on
> guix-sysadmin, I guess. Maybe we could resume this discussion and
> complete the last steps. WDYT?
That make sense. The current means this can be achieved is by having a
jobset for each release in Cuirass, as hinted in doc/release.org from
the guix-maintenance repo:
--8<---------------cut here---------------start------------->8---
** Adding a Cuirass jobset for branch =version-X.Y.Z=
This jobset will have to be kept until the next release, so that
substitutes remain available. The easiest way to add a new jobset is
directly via the web interface of Cuirass. To be allowed to do so,
you must authenticate with the Cuirass instance via a private TLS
certificate imported into your browser.
--8<---------------cut here---------------end--------------->8---
They should be added declaratively in the guix-maintenance repo to avoid
loosing them. Would you like to give it a try?
[...]
>> diff --git a/doc/guix.texi b/doc/guix.texi
>> index b50feed4c4..a3754b7019 100644
>> --- a/doc/guix.texi
>> +++ b/doc/guix.texi
>> @@ -5060,6 +5060,20 @@ Invoking guix time-machine
>> large number of packages; the result is cached though and subsequent
>> commands targeting the same commit are almost instantaneous.
>>
>> +Due to @command{guix time-machine} relying on the ``inferiors''
>> +mechanism (@pxref{Inferiors}), the oldest commit it can travel to is
>> +commit @samp{6298c3ff} (``v1.0.0''), dated May 1@sup{st}, 2019, which is
>> +the first release that included the inferiors mechanism. An error is
>> +returned when attempting to navigate to older commits.
>
> There is also some issue with bootstrapping depending on your hardware.
>
> About time-bomb, there are also gnutls and openssl or libgit2. It was
> probably transparent for you because there are substitutable, I guess.
> While Python 2 had probably been removed for some reasons.
>
> Well, I would move the workaround to some dedicated block and move this
> comment after the note about security
>
> @quotation Note
> The history of Guix is immutable and @command{guix time-machine}
> provides the exact same software as they are in a specific Guix
> revision. Naturally, no security fixes are provided for old versions
> of Guix or its channels. A careless use of @command{guix time-machine}
> opens the door to security vulnerabilities. @xref{Invoking guix pull,
> @option{--allow-downgrades}}.
> @end quotation
>
> +Due to @command{guix time-machine} relying on the ``inferiors''
> +mechanism (@pxref{Inferiors}), the oldest commit it can travel to is
> +commit @samp{6298c3ff} (``v1.0.0''), dated May 1@sup{st}, 2019, which is
> +the first release that included the inferiors mechanism. An error is
> +returned when attempting to navigate to older commits.
> +
> +@quotation Note
> +Although it should technically be possible to travel to such an old
> +revision, the ease to do so will largely depend on the availability of
> +binary substitutes. When traveling to a distant past, some packages may
> +not easily build from source anymore. One such example are old versions
> +of Python 2 which had time bombs in its test suite, in the form of
> +expiring SSL certificates. This particular problem can be worked around
> +by setting the hardware clock to a value in the past before attempting
> +the build.
> +@end quotation
Good suggestion, done!
> The general syntax is:
>
> @example
>
>
>
>> new file mode 100644
>> index 0000000000..8b62ef75ea
>> --- /dev/null
>> +++ b/tests/guix-time-machine.sh
>
> [...]
>
>> +# Visiting a commit older than v1.0.0 fails.
>> +! guix time-machine --commit=v0.15.0
>
> Cool to add test. But this test needs a network access:
>
> $ ./pre-inst-env guix time-machine --commit=v0.15.0 -- describe
> guix time-machine: error: Git error: failed to resolve address for git.savannah.gnu.org: Name or service not known
>
> It’s as I said elsewhere. :-) Well, I have not investigated more but I
> guess a bug in some Git manipulation.
From my testing, the test doesn't require networking, perhaps because it
doesn't use the --commit or --branch arguments. I've tested that with
this in /etc/hosts, with the first IP being bogus:
--8<---------------cut here---------------start------------->8---
192.168.254.254 git.savannah.gnu.org savannah
--8<---------------cut here---------------end--------------->8---
I've investigated a bit, and it seems that reaching to the network is
only done when using tags or branch names, not exact commits. That is
expected I think, since tags or branch names are not immutable in Git,
while a commit ID is.
I've now installed this change; thanks for the review and suggestions!
--
Thanks,
Maxim
prev parent reply other threads:[~2023-08-17 1:42 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1689823648.git.maxim.cournoyer@gmail.com>
2023-07-20 16:34 ` [bug#64746] [PATCH 2/2] scripts: time-machine: Error when attempting to visit too old commits Maxim Cournoyer
2023-07-22 2:00 ` Maxim Cournoyer
2023-08-08 15:58 ` Ludovic Courtès
2023-08-10 14:47 ` Maxim Cournoyer
2023-08-10 16:56 ` Ludovic Courtès
2023-08-11 7:19 ` Josselin Poiret via Guix-patches via
2023-08-12 20:32 ` Ludovic Courtès
2023-08-15 18:57 ` Maxim Cournoyer
2023-08-15 16:14 ` Ludovic Courtès
2023-08-16 14:46 ` Simon Tournier
2023-08-16 18:41 ` Maxim Cournoyer
2023-08-17 14:06 ` [bug#65352] Fix time-machine and network Simon Tournier
2023-08-17 14:09 ` [bug#65352] [PATCH 1/2] guix: git: Fix the procedure reference-available? Simon Tournier
2023-08-17 14:09 ` [bug#65352] [PATCH 2/2] scripts: pull: Remove unused reference pair Simon Tournier
2023-08-17 15:41 ` [bug#65352] Fix time-machine and network Maxim Cournoyer
2023-08-17 16:08 ` Simon Tournier
2023-08-23 2:56 ` Maxim Cournoyer
2023-08-23 8:32 ` Simon Tournier
2023-08-23 20:25 ` Maxim Cournoyer
2023-08-21 14:00 ` Ludovic Courtès
2023-08-21 15:58 ` Maxim Cournoyer
2023-08-22 16:27 ` Ludovic Courtès
2023-08-23 2:14 ` Maxim Cournoyer
2023-08-21 13:57 ` Ludovic Courtès
2023-09-04 8:49 ` Ludovic Courtès
2023-09-04 11:34 ` Simon Tournier
2023-09-05 20:33 ` Maxim Cournoyer
2023-09-05 20:48 ` Simon Tournier
2023-09-04 9:32 ` Ludovic Courtès
2023-09-04 17:37 ` Simon Tournier
2023-09-06 0:22 ` Maxim Cournoyer
2023-09-05 20:39 ` Maxim Cournoyer
2023-09-05 20:56 ` Simon Tournier
2023-09-06 2:39 ` Maxim Cournoyer
2023-09-05 13:24 ` bug#65352: " Maxim Cournoyer
2023-09-05 13:43 ` [bug#65352] " Simon Tournier
2023-09-06 0:04 ` bug#65352: " Maxim Cournoyer
2023-09-06 0:58 ` [bug#65352] " Simon Tournier
2023-09-06 2:00 ` Maxim Cournoyer
2023-09-07 11:15 ` Simon Tournier
2023-09-06 10:32 ` [bug#65352] time-machine, unavailable network or Savannah down Simon Tournier
2023-09-06 14:17 ` [bug#65352] [PATCH v2] DRAFT git: Avoid touching the network unless needed in 'reference-available?' Simon Tournier
2023-09-13 20:16 ` [bug#65352] Fix time-machine and network Ludovic Courtès
2023-09-13 0:32 ` Simon Tournier
2023-09-14 8:50 ` Ludovic Courtès
2023-09-14 9:04 ` Ludovic Courtès
2023-09-14 9:42 ` Simon Tournier
2023-09-22 13:54 ` bug#65352: " Simon Tournier
2023-09-25 9:32 ` [bug#65352] " Ludovic Courtès
2023-09-25 9:57 ` Simon Tournier
2023-09-25 11:21 ` Simon Tournier
2023-09-25 15:01 ` Ludovic Courtès
2023-09-25 15:58 ` Simon Tournier
2023-09-06 17:41 ` [bug#65352] time-machine, unavailable network or Savannah down Maxim Cournoyer
2023-09-06 23:21 ` Simon Tournier
2023-08-15 19:44 ` [bug#64746] [PATCH v2 1/3] git: Clarify commit relation reference in doc Maxim Cournoyer
2023-08-15 19:44 ` [bug#64746] [PATCH v2 2/3] pull: Tag commit argument with 'tag-or-commit Maxim Cournoyer
2023-08-16 15:02 ` Simon Tournier
2023-08-16 18:47 ` Maxim Cournoyer
2023-08-17 14:45 ` Simon Tournier
2023-08-17 18:16 ` Maxim Cournoyer
2023-08-17 18:47 ` Simon Tournier
2023-08-23 2:54 ` [bug#64746] [PATCH 2/2] scripts: time-machine: Error when attempting to visit too old commits Maxim Cournoyer
2023-08-23 8:27 ` Simon Tournier
2023-08-15 19:44 ` [bug#64746] [PATCH v2 3/3] " Maxim Cournoyer
2023-08-16 15:39 ` Simon Tournier
2023-08-17 1:41 ` Maxim Cournoyer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y1iah2d0.fsf@gmail.com \
--to=maxim.cournoyer@gmail.com \
--cc=64746-done@debbugs.gnu.org \
--cc=dev@jpoiret.xyz \
--cc=guix@cbaines.net \
--cc=ludo@gnu.org \
--cc=me@tobias.gr \
--cc=othacehe@gnu.org \
--cc=rekado@elephly.net \
--cc=zimon.toutoune@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).