Consistent PATH between ctx.actions.run and ctx.actions.run_shell#146389
Merged
uri-canva merged 7 commits intoNixOS:masterfrom Dec 19, 2021
Merged
Consistent PATH between ctx.actions.run and ctx.actions.run_shell#146389uri-canva merged 7 commits intoNixOS:masterfrom
uri-canva merged 7 commits intoNixOS:masterfrom
Conversation
In order to remove duplicates in PATH when run_shell is called, the customBash script is removed. This is consistent with how other platform behave: only look in the local environment if PATH is not set, but it may break builds that explicitly expects a different local environment.
ylecornec
force-pushed
the
ylecornec/bazel_bash_fix
branch
from
d624ab2 to
be9385c
Compare
ofborg
Bot
added
10.rebuild-darwin: 1-10
Member
|
I’m sorry, I haven’t done anything with bazel in a while, should probably remove myself from the maintainers list. I can refer to other people who’ve been maintaining it: @kalbasit @uri-canva @ethercrow @timothyklim @avdv |
Member
|
fyi: I created the @NixOS/bazel maintenance group and invited all people mentioned above that are NixOS team members. |
uri-canva
approved these changes
Dec 14, 2021
Contributor
uri-canva
left a comment
uri-canva
left a comment
There was a problem hiding this comment.
Looks good, much better than the customBash wrapper!
Contributor
|
The error log is quite hard to read but here's the relevant part: |
Contributor
|
The darwin builds have a more straightforward failure: |
Contributor
|
It needs an equivalent patch for darwin, but I see you didn't test on darwin so I assume you don't have access to a darwin machine, I'll post the patch in a moment. |
Contributor
|
Here's the patch to fix the build on darwin (some changes are to help debugging), the tests don't all pass but they're marked as broken on darwin anyway so it's ok: diff --git a/pkgs/development/tools/build-managers/bazel/bazel_4/actions_path.patch b/pkgs/development/tools/build-managers/bazel/bazel_4/actions_path.patch
index bade7fdb716..1fa1e574833 100644
--- a/pkgs/development/tools/build-managers/bazel/bazel_4/actions_path.patch
+++ b/pkgs/development/tools/build-managers/bazel/bazel_4/actions_path.patch
@@ -1,5 +1,5 @@
diff --git a/src/main/java/com/google/devtools/build/lib/exec/local/PosixLocalEnvProvider.java b/src/main/java/com/google/devtools/build/lib/exec/local/PosixLocalEnvProvider.java
-index 6fff2af..7e2877e 100755
+index 6fff2af..7e2877e 100644
--- a/src/main/java/com/google/devtools/build/lib/exec/local/PosixLocalEnvProvider.java
+++ b/src/main/java/com/google/devtools/build/lib/exec/local/PosixLocalEnvProvider.java
@@ -47,6 +47,16 @@ public final class PosixLocalEnvProvider implements LocalEnvProvider {
@@ -19,3 +19,23 @@ index 6fff2af..7e2877e 100755
String p = clientEnv.get("TMPDIR");
if (Strings.isNullOrEmpty(p)) {
// Do not use `fallbackTmpDir`, use `/tmp` instead. This way if the user didn't export TMPDIR
+index 95642767c6..39d3c62461 100644
+--- a/src/main/java/com/google/devtools/build/lib/exec/local/XcodeLocalEnvProvider.java
++++ b/src/main/java/com/google/devtools/build/lib/exec/local/XcodeLocalEnvProvider.java
+@@ -74,6 +74,16 @@ public final class XcodeLocalEnvProvider implements LocalEnvProvider {
+
+ ImmutableMap.Builder<String, String> newEnvBuilder = ImmutableMap.builder();
+ newEnvBuilder.putAll(Maps.filterKeys(env, k -> !k.equals("TMPDIR")));
++
++ // In case we are running on NixOS.
++ // If bash is called with an unset PATH on this platform,
++ // it will set it to /no-such-path and default tools will be missings.
++ // See, https://github.com/NixOS/nixpkgs/issues/94222
++ // So we ensure that minimal dependencies are present.
++ if (!env.containsKey("PATH")){
++ newEnvBuilder.put("PATH", "@actionsPathPatch@");
++ }
++
+ String p = clientEnv.get("TMPDIR");
+ if (Strings.isNullOrEmpty(p)) {
+ // Do not use `fallbackTmpDir`, use `/tmp` instead. This way if the user didn't export TMPDIR
diff --git a/pkgs/development/tools/build-managers/bazel/bazel_4/default.nix b/pkgs/development/tools/build-managers/bazel/bazel_4/default.nix
index 64200c58fd8..448464b108b 100644
--- a/pkgs/development/tools/build-managers/bazel/bazel_4/default.nix
+++ b/pkgs/development/tools/build-managers/bazel/bazel_4/default.nix
@@ -103,7 +103,22 @@ let
# ],
# )
#
- [ bash coreutils findutils gawk gnugrep gnutar gnused gzip which unzip file zip python27 python3 ];
+ [
+ bash
+ coreutils
+ file
+ findutils
+ gawk
+ gnugrep
+ gnused
+ gnutar
+ gzip
+ python27
+ python3
+ unzip
+ which
+ zip
+ ];
# Java toolchain used for the build and tests
javaToolchain = "@bazel_tools//tools/jdk:toolchain_${buildJdkName}";
@@ -475,6 +490,8 @@ stdenv.mkDerivation rec {
build --host_javabase='@local_jdk//:jdk'
build --host_java_toolchain='${javaToolchain}'
build --verbose_failures
+ build --curses=no
+ build --sandbox_debug
EOF
# add the same environment vars to compile.sh
@@ -487,6 +504,8 @@ stdenv.mkDerivation rec {
-e "/\$command \\\\$/a --host_javabase='@local_jdk//:jdk' \\\\" \
-e "/\$command \\\\$/a --host_java_toolchain='${javaToolchain}' \\\\" \
-e "/\$command \\\\$/a --verbose_failures \\\\" \
+ -e "/\$command \\\\$/a --curses=no \\\\" \
+ -e "/\$command \\\\$/a --sandbox_debug \\\\" \
-i scripts/bootstrap/compile.sh
# This is necessary to avoid:
@@ -516,12 +535,13 @@ stdenv.mkDerivation rec {
# when a command can’t be found in a bazel build, you might also
# need to add it to `defaultShellPath`.
nativeBuildInputs = [
+ coreutils
installShellFiles
- zip
+ makeWrapper
python3
unzip
- makeWrapper
which
+ zip
] ++ lib.optionals (stdenv.isDarwin) [ cctools libcxx CoreFoundation CoreServices Foundation ];
# Bazel makes extensive use of symlinks in the WORKSPACE.
diff --git a/pkgs/development/tools/build-managers/bazel/cpp-test.nix b/pkgs/development/tools/build-managers/bazel/cpp-test.nix
index f4e03abdbc9..3f3faae25e2 100644
--- a/pkgs/development/tools/build-managers/bazel/cpp-test.nix
+++ b/pkgs/development/tools/build-managers/bazel/cpp-test.nix
@@ -44,6 +44,8 @@ let
${bazel}/bin/bazel \
build --verbose_failures \
--distdir=${distDir} \
+ --curses=no \
+ --sandbox_debug \
//...
'';
};
diff --git a/pkgs/development/tools/build-managers/bazel/java-test.nix b/pkgs/development/tools/build-managers/bazel/java-test.nix
index 11931a197c0..9641a95c33b 100644
--- a/pkgs/development/tools/build-managers/bazel/java-test.nix
+++ b/pkgs/development/tools/build-managers/bazel/java-test.nix
@@ -50,6 +50,8 @@ let
--java_toolchain='@bazel_tools//tools/jdk:toolchain_hostjdk8' \
--javabase='@local_jdk//:jdk' \
--verbose_failures \
+ --curses=no \
+ --sandbox_debug \
//:ProjectRunner
'';
};
diff --git a/pkgs/development/tools/build-managers/bazel/protobuf-test.nix b/pkgs/development/tools/build-managers/bazel/protobuf-test.nix
index 3858a681659..d01e1888724 100644
--- a/pkgs/development/tools/build-managers/bazel/protobuf-test.nix
+++ b/pkgs/development/tools/build-managers/bazel/protobuf-test.nix
@@ -169,6 +169,8 @@ let
--java_toolchain='@bazel_tools//tools/jdk:toolchain_hostjdk8' \
--javabase='@local_jdk//:jdk' \
--verbose_failures \
+ --curses=no \
+ --sandbox_debug \
//...
'';
}; |
Contributor
|
I'll let you apply the patch to your branch. |
The which binary is used by the tests to find python location from the PATH.
Co-Authored-By: Uri Baghin <[email protected]>
Co-Authored-By: Uri Baghin <[email protected]>
ylecornec
force-pushed
the
ylecornec/bazel_bash_fix
branch
from
4df477f to
932cfca
Compare
…sitory rules) Previously the customBash wrapper added the default tools to the PATH of commands from repository rules (which are run in the same environment as Bazel).
ylecornec
force-pushed
the
ylecornec/bazel_bash_fix
branch
from
932cfca to
ee62812
Compare
Contributor
Author
|
Thanks a lot for your help, indeed I do not have access to a darwin machine. The tests seem to pass now (apart from the Without it, the python test failed because it was now missing the I also added the rest of the default tools to the |
uri-canva
approved these changes
Dec 17, 2021
| mkdir -p $out/nix-support | ||
| echo "${customBash} ${defaultShellPath}" >> $out/nix-support/depends | ||
| echo "${defaultShellPath}" >> $out/nix-support/depends | ||
| # The templates get tar’d up into a .jar, |
Contributor
There was a problem hiding this comment.
Specifying python27 and python3 isn't necessary anymore since they're part of defaultShellPath.
Contributor
|
Will leave it a bit so others have a chance to review, and merge it tomorrow or in the next days if no further issues are raised. |
bazel_4: remove duplicated python paths from the nix-support/depends file.
ofborg
Bot
added
the
11.by: package-maintainer
uri-canva
approved these changes
Dec 17, 2021
13 tasks
Janik-Haag
added
the
12.first-time contribution
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation for this change
This PR addresses issue #94222.
It adds a Bazel patch that sets the
PATHvariable todefaultShellPathfor local actions, whenPATHis not set.The second commit removes the
customBashscript in order to remove duplicates inPATHwhenrun_shellis used.(Since the
customBashscript always appends thedefaultShellPathtoPATH).We do not append things to
PATHif it is already set anymore.This is consistent with how other platforms behave (only use the default system environment if PATH is not set).
So it may break builds that explicitly expect a different local environment (by setting
PATHto/usr/binfor instance), but is more hermetic as we are less likely to accidentally use thedefaultShellPathwhen developing on nix.Things done
sandbox = trueset innix.conf? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)