Use lockfile when installing outpack_server in CI. #134
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Somewhere, something in the dependency tree of outpack_server something changes and caused the build to fail, which broke the orderly2 CI. This is the kind of thing lock files are supposed to prevent, by pinning to the same package versions used in outpack_server's own CI, which should make the build reproducible. However, quite surprisingly, `cargo install` ignores the lock file by default and pulls the latest compatible version of dependencies. Passing the `--locked` argument should prevent this from happening. I haven't investigated the underlying build failure much yet, but seems like an issue with a missing cargo feature flag.
|
Previous CI failure: https://github.com/mrc-ide/orderly2/actions/runs/8421643492/job/23059035785?pr=132 In the logs it says |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #134 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 40 40
Lines 3671 3671
=========================================
Hits 3671 3671 ☔ View full report in Codecov by Sentry. |
richfitz
approved these changes
Mar 26, 2024
plietar
added a commit
to mrc-ide/outpack_server
that referenced
this pull request
Apr 3, 2024
Same problem we had in [the orderly2 CI][mrc-ide/orderly2#134]. By default `cargo install` ignores the lockfile and uses the latest compatible version of dependencies available on `crates.io`. Something changed in our dependency tree, and the build fails if the `Cargo.lock` isn't used, breaking our Docker image build. Regardless of this particular failure, I think we should always be using the lockfile when assembling the Docker image. The lockfile represents the set of versions that were used when running the test suite, therefore this should be the versions we run in production. In a way we got lucky that this change broke the build, rather than cause a change in behaviour that might make the server misbehave in a way that the test suite would have caught. [mrc-ide/orderly2#134]: mrc-ide/orderly2#134
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Somewhere, something in the dependency tree of outpack_server something changes and caused the build to fail, which broke the orderly2 CI.
This is the kind of thing lock files are supposed to prevent, by pinning to the same package versions used in outpack_server's own CI, which should make the build reproducible. However, quite surprisingly,
cargo installignores the lock file by default and pulls the latest compatible version of dependencies. Passing the--lockedargument should prevent this from happening.I haven't investigated the underlying build failure much yet, but seems like an issue with a missing cargo feature flag.