From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id UC+BO/zPhV8DTgAA0tVLHw (envelope-from ) for ; Tue, 13 Oct 2020 16:04:12 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id 8BFiN/zPhV81aAAA1q6Kng (envelope-from ) for ; Tue, 13 Oct 2020 16:04:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id D1E3A940414 for ; Tue, 13 Oct 2020 16:04:11 +0000 (UTC) Received: from localhost ([::1]:45830 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kSMmX-0000oY-6D for larch@yhetil.org; Tue, 13 Oct 2020 12:04:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42418) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kSMkU-00078z-Gv for bug-guix@gnu.org; Tue, 13 Oct 2020 12:02:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36945) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kSMkU-0007QC-4S for bug-guix@gnu.org; Tue, 13 Oct 2020 12:02:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kSMkU-0001w6-16 for bug-guix@gnu.org; Tue, 13 Oct 2020 12:02:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#43893: [PATCH v2] maint: update-guix-package: Prevent accidentally breaking guix pull. Resent-From: Marius Bakke Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 13 Oct 2020 16:02:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 43893 X-GNU-PR-Package: guix X-GNU-PR-Keywords: patch To: Maxim Cournoyer , 43893@debbugs.gnu.org Received: via spool by 43893-submit@debbugs.gnu.org id=B43893.16026048847397 (code B ref 43893); Tue, 13 Oct 2020 16:02:01 +0000 Received: (at 43893) by debbugs.gnu.org; 13 Oct 2020 16:01:24 +0000 Received: from localhost ([127.0.0.1]:48491 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kSMjr-0001vE-UH for submit@debbugs.gnu.org; Tue, 13 Oct 2020 12:01:24 -0400 Received: from eggs.gnu.org ([209.51.188.92]:35416) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kSMjq-0001v1-1j for 43893@debbugs.gnu.org; Tue, 13 Oct 2020 12:01:22 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:37901) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kSMjk-0007Ml-Ls; Tue, 13 Oct 2020 12:01:16 -0400 Received: from ti0006q161-1594.bb.online.no ([46.9.75.77]:35668 helo=localhost) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1kSMjh-0003ao-CT; Tue, 13 Oct 2020 12:01:15 -0400 From: Marius Bakke In-Reply-To: <20201011195740.1993-1-maxim.cournoyer@gmail.com> References: <87eem7qcxc.fsf@gmail.com> <20201011195740.1993-1-maxim.cournoyer@gmail.com> Date: Tue, 13 Oct 2020 18:00:23 +0200 Message-ID: <87imbedsko.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Maxim Cournoyer Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: -1.11 X-TUID: wKXEWuQkdBx5 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Maxim Cournoyer writes: > Fixes . > > This changes the 'update-guix-package' tool so that it: > > 1. Always uses a clean checkout to compute the hash of the updated 'guix' > package. > 2. Ensures the commit used in the updated 'guix' package definition has a= lready > been pushed upstream. > > * build-aux/update-guix-package.scm (%savannah-guix-git-repo-push-url): N= ew > variable. > (with-input-pipe-to-string): New syntax. > (find-origin-remote, git-add-worktree): New procedures. > (commit-already-pushed?): New predicate. > (main): Check the commit used has already been pushed upstream and comput= e the > hash from a clean checkout. > * doc/contributing.texi (Updating the Guix Package): Document it. [...] =20=20 > (define %top-srcdir > (string-append (current-source-directory) "/..")) > @@ -101,44 +109,69 @@ COMMIT." > (exp > (error "'guix' package definition is not as expected" exp))))) >=20=20 > - > -(define (main . args) > - (match args > - ((commit version) > - (with-store store > - (let* ((source (add-to-store store > - "guix-checkout" ;dummy name > - #t "sha256" %top-srcdir > - #:select? version-controlled?)) > - (hash (query-path-hash store source)) > - (location (package-definition-location)) > - (old-hash (content-hash-value > - (origin-hash (package-source guix))))) > - (edit-expression location > - (update-definition commit hash > - #:old-hash old-hash > - #:version version)) > +(define (git-add-worktree directory commit-ish) > + "Create a new git worktree at DIRECTORY, detached on commit COMMIT-ISH= ." > + (invoke "git" "worktree" "add" "--detach" directory commit-ish)) Is it feasible to use Guile-Git here (given appropriate bindings)? > +(define %savannah-guix-git-repo-push-url > + "git.savannah.gnu.org/srv/git/guix.git") >=20=20 > - ;; Re-add SOURCE to the store, but this time under the real nam= e used > - ;; in the 'origin'. This allows us to build the package without > - ;; having to make a real checkout; thus, it also works when wor= king > - ;; on a private branch. > - (reload-module > - (resolve-module '(gnu packages package-management))) > +(define-syntax-rule (with-input-pipe-to-string prog arg ...) > + (let* ((input-pipe (open-pipe* OPEN_READ prog arg ...)) > + (output (get-string-all input-pipe)) > + (exit-val (status:exit-val (close-pipe input-pipe)))) > + (unless (zero? exit-val) > + (error (format #f "Command ~s exited with non-zero exit status: ~s" > + (string-join (list prog arg ...)) exit-val))) > + (string-trim-both output))) >=20=20 > - (let* ((source (add-to-store store > - (origin-file-name (package-source = guix)) > - #t "sha256" source)) > - (root (store-path-package-name source))) > +(define (find-origin-remote) > + "Find the name of the git remote with the Savannah Guix git repo URL." > + (and-let* ((remotes (string-split (with-input-pipe-to-string > + "git" "remote" "-v") > + #\newline)) > + (origin-entry (find (cut string-contains <> > + (string-append > + %savannah-guix-git-repo-push-url > + " (push)")) > + remotes))) > + (first (string-split origin-entry #\tab)))) >=20=20 > - ;; Add an indirect GC root for SOURCE in the current director= y. > - (false-if-exception (delete-file root)) > - (symlink source root) > - (add-indirect-root store > - (string-append (getcwd) "/" root)) > +(define (commit-already-pushed? remote commit) > + "True if COMMIT is found in the REMOTE repository." > + (not (string-null? (with-input-pipe-to-string > + "git" "branch" "-r" "--contains" commit > + (string-append remote "/master"))))) ...because parsing git CLI output is error-prone and "ugly" (IMO). But not a strong opinion. > - (format #t "source code for commit ~a: ~a (GC root: ~a)~%" > - commit source root))))) > + > +(define (main . args) > + (match args > + ((commit version) > + (with-directory-excursion %top-srcdir > + (or (getenv "GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT") > + (commit-already-pushed? (find-origin-remote) commit) > + (leave (G_ "Commit ~a is not pushed upstream. Aborting.~%") = commit)) > + (dynamic-wind > + (lambda () > + #t) > + (lambda () > + (call-with-temporary-directory > + (lambda (tmp-directory) > + (let* ((dummy (git-add-worktree tmp-directory commit)) > + (hash (nix-base32-string->bytevector > + (string-trim-both > + (with-output-to-string > + (lambda () > + (guix-hash "-rx" tmp-directory)))))) > + (location (package-definition-location)) > + (old-hash (content-hash-value > + (origin-hash (package-source guix))))) > + (edit-expression location > + (update-definition commit hash > + #:old-hash old-hash > + #:version version)))= ))) > + (lambda () > + (invoke "git" "worktree" "prune"))))) This is not great, because users (well, developers who run this script) may have worktrees that are temporarily inaccessible (e.g. on a USB drive or whatever). Better to just leave the stale reference instead of potentially destroying users worktrees. Perhaps the script could 'git clone --maxdepth=3D1' instead of creating a worktree? --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl+FzxcACgkQoqBt8qM6 VPr3UAf6Aq3Pf6Va1zEAP3DCV5RUFoYQSH2mnns+qI0cULZK1iShIvcwdC6X7u1J 1LMaerMRmzSTtjtO3csi62AMvXAr6rI5Ld4aON9NwJkmbnR0dKAvLfC/34Igcm9h cJO2vp5L6tQag0xcKmQYdI6FcI+xKdh+uBPczVTofyyAl225CENMsyqdAUEmnVHR KHo8v1Uyy+r4bvnQZnf+sJMGtv/RgbEmPMCk36tCrQYMvQ+2atdx/A5lQ5LpfDPv OJLL9F06930dyJBxMEC2JKNbplKgVujue7Vyy9n9Mog80jM2Ok2nb69IcYqlm1J+ Gpw9LOmiueEiqldEJ5FeuR2cmu8Q8g== =rNVH -----END PGP SIGNATURE----- --=-=-=--