Skip to content

Support fully deterministic toolchain#36

Merged
srikrsna-buf merged 1 commit intobufbuild:mainfrom
sushain97:patch-1
Oct 12, 2023
Merged

Support fully deterministic toolchain#36
srikrsna-buf merged 1 commit intobufbuild:mainfrom
sushain97:patch-1

Conversation

@sushain97
Copy link
Copy Markdown
Contributor

@sushain97 sushain97 commented Mar 31, 2023

We add a sha256 argument to rules_buf_toolchains which allows for setting a sha256 value for the released sha256.txt file. This is necessary in environments like Stripe where we do not allow any external dependencies that don't specify a SHA-256 in order to have fully deterministic external inputs. I've tested each combination of the inputs below.

With neither version nor sha256:

$ bazel build //...
DEBUG: Rule 'rules_buf_toolchains' indicated that a canonical reproducible form can be obtained by modifying arguments version = "v1.16.0", sha256 = "d1324e435706422aaf639815fd82724599cc03a432d6cf9865c6fe47e2c94fe9"
DEBUG: Repository rules_buf_toolchains instantiated at:
  /Users/sushain/stripe/rules_buf/examples/workspace/WORKSPACE:10:21: in <toplevel>
  /private/var/tmp/_bazel/f4af68f813edc0cb16230cfe2253e9d7/external/rules_buf/buf/internal/toolchain.bzl:225:27: in rules_buf_toolchains
Repository rule _buf_download_releases defined at:
  /private/var/tmp/_bazel/f4af68f813edc0cb16230cfe2253e9d7/external/rules_buf/buf/internal/toolchain.bzl:204:41: in <toplevel>
INFO: Analyzed 7 targets (1 packages loaded, 17 targets configured).
INFO: Found 7 targets...
INFO: Elapsed time: 5.871s, Critical Path: 0.00s
INFO: 1 process: 1 internal.
INFO: Build completed successfully, 1 total action

With just version:

$ bazel build //...
DEBUG: Rule 'rules_buf_toolchains' indicated that a canonical reproducible form can be obtained by modifying arguments sha256 = "2e53b6cbff35121058ecd447b37d484f1ca4da88a3e8a771c1e868be3bb8fdca"
DEBUG: Repository rules_buf_toolchains instantiated at:
  /Users/sushain/stripe/rules_buf/examples/workspace/WORKSPACE:10:21: in <toplevel>
  /private/var/tmp/_bazel/f4af68f813edc0cb16230cfe2253e9d7/external/rules_buf/buf/internal/toolchain.bzl:225:27: in rules_buf_toolchains
Repository rule _buf_download_releases defined at:
  /private/var/tmp/_bazel/f4af68f813edc0cb16230cfe2253e9d7/external/rules_buf/buf/internal/toolchain.bzl:204:41: in <toplevel>
INFO: Analyzed 7 targets (24 packages loaded, 171 targets configured).
INFO: Found 7 targets...
INFO: Elapsed time: 1.484s, Critical Path: 0.00s
INFO: 1 process: 1 internal.
INFO: Build completed successfully, 1 total action

With both version and sha256:

$ bazel build //...
INFO: Analyzed 7 targets (1 packages loaded, 17 targets configured).
INFO: Found 7 targets...
INFO: Elapsed time: 0.801s, Critical Path: 0.02s
INFO: 1 process: 1 internal.
INFO: Build completed successfully, 1 total action

If this change is acceptable, I'd like to request that it be released as v0.1.2.

@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Mar 31, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

@sushain97
Copy link
Copy Markdown
Contributor Author

sushain97 commented Jun 12, 2023

@rubensf any chance this can get a review?

@sushain97
Copy link
Copy Markdown
Contributor Author

sushain97 commented Jun 14, 2023

@srikrsna-buf thanks! Can we merge and cut a new release?

@alexeagle
Copy link
Copy Markdown

alexeagle commented Oct 11, 2023

ping @srikrsna-buf

I'd like to contribute a Bzlmod setup to this repo, but I'm concerned if there's no maintenance going on that I'll waste my time.

@srikrsna-buf srikrsna-buf merged commit a61c186 into bufbuild:main Oct 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@srikrsna-buf srikrsna-buf srikrsna-buf approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sushain97 @CLAassistant @alexeagle @srikrsna-buf