Use a scala compiler plugin to throw errors on missing direct-deps

[natansil]

This PR is the first phase in implementing #235.

Description

It keeps the current end-user behavior of failing a build due to missing direct-deps.
This behavior is achieved in a different way. Instead of providing the Scala compiler only direct deps, it also provides it indirect-deps.
But an additional step is run by a scala compiler plugin called dependency-analyzer which is provided with build target information (direct jars, indirect jars and indirect target ).
The plugin throws an error if it concludes that certain used jars are not directly dependent upon by the bazel target

A new feature is to provide the user with the information of which target label is missing in the build file.
For example:

ERROR: /Users/natans/Work/rules_scala/test_expect_failure/missing_direct_deps/BUILD:4:1: scala //test_expect_failure/missing_direct_deps:transitive_dependency_user failed: Process exited with status 1 [sandboxed].
error: Target '//test_expect_failure/missing_direct_deps:direct_dependency' is used but isn't explicitly declared, please add it to the deps

Known limitations with the current PR:

1. the Scala compiler plugin is built using an older version of rules Scala (bootstrapping build) in order to avoid cyclic dependency
2. the plugin tests are not hermetic as they use Coursier to fetch artifacts from the internet.

Next planned work

1. switch the plugin tests to be E2E tests in order to avoid the current pitfalls (coursier, jar paths concatenation)
2. add support for scala_binary (currently only works on scala_library)
3. enable toggling between warn/error/off modes
4. change the plugin such that it "knows" when the compilation unit actually used the jar, and not just when the compiler transitively needs it
5. in addition to throwing errors, the plugin should output buildoser commands to fix the BUILD files

Thanks to @nadavwe who contributed a lot to this feature

[bazel-io]

Can one of the admins verify this patch?

[natansil]

Hi @kchodorow , we want to add a scala compiler plugin to the rules-scala repo, but we cannot build it directly with scala_library as the latter uses the plugin, and so causes a cyclic dependency.
To bypass the problem we 'bootstrap' plugin build using an previous commit of rules-scala we fetch using http_archive, but we get the following warning:

WARNING: /private/var/tmp/_bazel_natans/76d980e70234552ca74184efcaae9f88/external/io_bazel_rules_scala_for_plugin_bootstrapping/WORKSPACE:1: Workspace name in /private/var/tmp/_bazel_natans/76d980e70234552ca74184efcaae9f88/external/io_bazel_rules_scala_for_plugin_bootstrapping/WORKSPACE (@io_bazel_rules_scala) does not match the name given in the repository's definition (@io_bazel_rules_scala_for_plugin_bootstrapping); this will cause a build error in future versions.

Is there some other way you can think of that resolves the cyclic dependency here?

[ittaiz]

@johnynek I'll do a detailed code review but I'd appreciate your general feedback about this direction.

[johnynek]

In general, this is very exciting. I'd have two main requests:

1. can we keep the bootstrap compiler local to this repo (by parameterizing the skylark rules and then making a scala_library_bootstrap rule or something which can produce jars that scala_library can depend on).

2. can we remove all the whitespace changes from this diff to make reviewing less error prone/burdensome.

[johnynek]

I don't like this approach here. It makes it more difficult to have your own branch of rules.

Could we instead have a bootstrap compiler mode that is very simple, but possibly slow that does not depend on fancy features? Or maybe just an option we can pass into the skylark which can use the direct/indirect approach at all?

[natansil]

removed http_archive of old rules_scala version.
added bootstrapping version of scala_library rule

[johnynek]

what is this used for?

[natansil]

It's a scala compiler plugin descriptor that contains the entry point for the plugin.
See http://www.scala-lang.org/old/node/140

[johnynek]

should we use a different package name when we are doing this? It seems weird to have a copy of the code without putting it in a new package.

[natansil]

renamed

[johnynek]

is this exactly the same code with no changes? If so, can we add a comment to that effect and if not explain where it is different?

[natansil]

We have referred this question to Google open source office

[johnynek]

this test is doing network ops, no? That seems suboptimal to me if so.

[natansil]

@johnynek That is correct, we noted this issue in the description...
This coming week, a couple of Wix developers are working on this feature.
Their first task is to move the tests in this unit test class to the the E2E test run by the test_run script. this way using Coursier will not be neccessary

As this is is the only issue waiting to be resolved in the coming week, we would appreciate it if you can give your OK to merge this PR, in order for the new developers to work on a new branch out of master

[johnynek]

lables is misspelled.

[natansil]

fixed spelling

[johnynek]

I think you may need a full @io_bazelbuild_rules_scala//plugin/... name here since it may not be expanded correctly in remote repos.

[natansil]

added repo prefix

[johnynek]

can we move 197 here to make it easier to verify that when we don't use the dependency analyzer we won't use the options.

[natansil]

done

[johnynek]

side note; all the cosmetic changes are making this hard to review. I have to carefully read each line to make sure it does not contain a semantic change. Could we possibly have a minimal change with no cosmetic changes and send a second PR that has the formatting changes? This kind of separation significantly reduces the review difficulty.

[natansil]

Totally agree. removed formatting changes

[johnynek]

pretty wild scala style here. :)

[natansil]

:) Anything you want me to change?

[johnynek]

cc @retronym who may be interested to see his code show up here.

[ittaiz]

test this please (dear ci bot)

[ittaiz]

this is no longer the description right?

[natansil]

renamed

[ittaiz]

is this idiomatic? shouldn't the guard be in the previous line? maybe @dkomanov knows

[natansil]

moved up to the previous line

[ittaiz]

why do we need this third check? Is there a situation where enable_dependency_analyzer exists but dependency_analyzer_plugin doesn't?

[natansil]

It is not needed. removed it.

[ittaiz]

what does this mean? when is a jar path invalid?

[natansil]

This was added in order to pass non-related failing tests.

On retrospect, this was incorrect and there was a missing test on 'file' deps, e.g. @com_google_guava_guava_21_0//jar:file.
added a test, and deleted these lines

[ittaiz]

should this be a private attribute? are actual users supposed to be able to configure this? I think not so it should probably be internal (_dependency_analyzer_plugin)

[natansil]

changed to internal

[ittaiz]

as much as I hate comments maybe one is needed here since the attribute trick might be hard to grasp at first and second look

[natansil]

comment added

[ittaiz]

extract method?

[natansil]

extracted

[ittaiz]

i think this (the ability to turn off dependency analyzer) doesn't have a test, right?
even if this is covered by existing tests (which I'm not sure) there's definitely no test which encodes the feature, right? WDYT about having the next pair also add that test?

[natansil]

The feature to turn off dependency analyzer has not been added yet. This if statement is used because compile method is used by scala_binary which does not support the plugin yet, and also the bootstrapping version of scala_library. What test do you suggest can be added here?

[ittaiz]

the test will be to use the command line flags and see that we don't have the dependency analyzer.
But we'll need to wait for 0.5.3 or 0.6.0 for that change.
If you can add an internal issue about it and we'll add it later on

[natansil]

added issue to rules_scala #248

[ittaiz]

Is this echo (the first one) helpful for debugging? not against it just trying to understand

[natansil]

yes. If there is an error, the output of the build will be shown

[ittaiz]

@natansil the build fails after you rebased from master. Did it pass locally?

[natansil]

@ittaiz, no I merged from github directly. Not doing that again... :)
Anyway, that is fixed now...

[googlebot]

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again.

[googlebot]

So there's good news and bad news.

👍 The good news is that everyone that needs to sign a CLA (the pull request submitter and all commit authors) have done so. Everything is all good there.

😕 The bad news is that it appears that one or more commits were authored by someone other than the pull request submitter. We need to confirm that they're okay with their commits being contributed to this project. Please have them confirm that here in the pull request.

Note to project maintainer: This is a terminal state, meaning the cla/google commit status will not change from this state. It's up to you to confirm consent of the commit author(s) and merge this pull request when appropriate.

[nadavwe]

as the other commiter, I'm OK with the commits that were done.

[natansil]

@ittaiz, finished with the CR changes. please review them as well

[ittaiz]

i guess this is to eliminate d showing up in both c and d right? if so maybe a named inner method, a comment or both would help clarify this

[natansil]

correct, added several inner methods that hopefully convey the intent

[ittaiz]

can you explain why this fixes the bug?

[natansil]

The bug was that an incorrect target was given in the error message to the user. If we have A, B, and C, (A has B in deps, B has C in deps) than by the time A was built, the dependency information it receives was already aggregated and attached to the target B.

In order to retrieve information attached to target C, another provider (jars_to_labels) was needed to be returned by scala_library in order for targets such as C be exposed when building A

[ittaiz]

@natansil added two (hopefully last) comments

[johnynek]

This is coming along great. One thing I am not seeing is how we ensure we use ijars for the indirect dependencies. If we use the runtime jars, we are going to cause a recompilation any time any aspect of any runtime dep changes. I don't think we want that as it will mean that we recompile everything downstream of all changes all the time. I think we need to be careful here.

[johnynek]

isn't this always true here? Can we just write enable_dependency_analyzer = True here?

[natansil]

Changed

[johnynek]

this is only all_jars if dependency analysis is on, isn't it?

Also, in that case, if any of the runtime jars change at all, you will have to recompile. Won't this result in a lot of rebuilding? It seems like we want the ijars for the transitive dependencies, but not the runtime jars for the transitive dependencies. Is this actually what is happening, if so can we comment here to remind the reader?

[natansil]

fixed. passing only transitive compile_time ijars.
passing only direct deps if dependency analysis is off.

[johnynek]

if this is here, it means we can't use it with scala_binary, scala_test or scala_macro_library right. Any reason for the split?

[natansil]

We decided to start first with scala_library, the pair continuing work this week will add this also to scala_binary, scala_test and scala_macro_library, etc...

[ittaiz]

test this please (ci bot)

[natansil]

@johnynek , please review after change of passing ijars instead of jars

[ittaiz]

test this please (Ci bot)

[johnynek]

can we not access the transitive ijars with the java provider?

[natansil]

Java provider only exposes compile_jars and transitive_runtime_jars.
I've opened an issue for transitive_compile_time_jars to be exposed

[johnynek]

for consistency with transitive_runtime_jars should we call this transitive_compile_jars?

[ittaiz]

@johnynek WDYT about having transitive_cjars be named compile_jars because intent wise that's what they are. The jars which we're going to compile with. Implementation wise they are transitive but I'm not sure that's the focus.
And I'd rename the existing compile_jars to be direct_jars since that's the only reason they're still needed. For the plugin to know if the used jar is direct or indirect.
WDYT?

[johnynek]

The java provider means compile_jars to be direct though, no? I'd prefer to keep terminology with them, even if it is not ideal.

transitive_compile_jars to me seems most consistent with bazel's naming. Do you disagree?

[johnynek]

have you tested this internally on a real repo yet?

[jvican]

Note: to get the biggest benefit of the compiler plugin that has been ported from the Classpath Shrinker, I recommend using Scala 2.11.11 that has improvements to the stub error messages that allows build tool authors to write bots to remove classpath entries automatically. This is what they are doing in Pants (EDITED).

[natansil]

@johnynek

have you tested this internally on a real repo yet?

We have started the process today, I will update when we have results

[ittaiz]

test this please

[ittaiz]

Thank you so much @natansil! Appreciate the work along the long journey.

[cushon]

We haven't seen appreciable overhead with the Strict Java Deps plugin. Would it be possible to put together a benchmark that demonstrates the slowdown you're seeing? Also, is it possible that the different with scala is caused by a longer classpath using strict deps than with manually curated deps?