continuous-deploy-fingerprint produce different runtime version for updates and builds

[vargajacint]

Description of the bug

Using the continuous-deploy-fingerprint GitHub Action produces different hash for builds and updates.
Moreover, introducing js only changes in the code creates a new EAS build every time, and I think the issue is related.

To Reproduce

1. Implemented the continuous-deploy-fingerprint GH Action using the example
2. Pushed some JS-only changes (like increasing the loader size)
3. Action started to run: Calculated the fingerprint which was exactly the same as the previous one (I compared them using diff).
4. New EAS build(sadly) and Update generated
5. Checking the EAS Build runtime-version does not match with the EAS update runtime-version
6. The weird part is that I did this several times, and the EAS build runtime-version was always the same, but somehow it always generated a new build

Expected behavior

Do not generate a new EAS build if it's not needed. Generate EAS update only for JS-only change.
Match the EAS build runtime-version with the EAS update runtime-version.

Actual behavior

The EAS build is always triggered, even if it's completely unnecessary. The EAS build runtime version is completely different than the EAS update runtime version

As you can see, the update runtime-version is completely different from the build-runtime version (red and blue arrows), even though they were triggered by the same action.
As you can see the build runtime-version was always the same per platform. So I don't get why new build was triggered then.

[vargajacint]

Investigation vol 1

Here are some logs from the GitHub Action

... fingerprint generation
{"hash":"4961a8e1e410721c5dca3b1ded6a0e8c49fc9462"}}],"hash":"b1f4f9c5fcf7730b0c212f190c84efacf92bca6f"}
Android fingerprint: 2cffbffcbf2a653286afec2f359d4db392173849 # ✅ -> It's okay, as we see before I already had some builds that fingerprint was this
iOS fingerprint: b1f4f9c5fcf7730b0c212f190c84efacf92bca6f # ✅ -> It's okay, as we see before I already had some builds that fingerprint was this
Looking for builds with matching runtime version (fingerprint)...
/opt/hostedtoolcache/eas-cli/9.1.0/x64/node_modules/.bin/eas build:list --platform android --status finished --buildProfile preview --runtimeVersion 2cffbffcbf2a653286afec2f359d4db392173849 --limit 1 --json --non-interactive
[] # -> 🔴 The problem is that this script looking for **build** with this fingerprint, but somehow the build fingerprint is not same as it was calculated
No existing Android build found for fingerprint, starting a new build...
/opt/hostedtoolcache/eas-cli/9.1.0/x64/node_modules/.bin/eas build --profile preview --platform android --non-interactive --json --no-wait --build-logger-level debug

[
  {
    ...
    "id": "cb3bf3c9-ad88-407b-88a5-88d60e8ce116",
    "channel": "testpreview",
    "distribution": "INTERNAL",
    "buildProfile": "preview",
    "sdkVersion": "51.0.0",
    "appVersion": "0.1.9",
    "appBuildVersion": "1",
    "runtimeVersion": "4db5b01cb43bc22b8b1ed847d4019db600c5537d", # -> 🔴 WHY? 
    "gitCommitHash": "f181a8507f134ec947fcbdb9649b1307955ddf48",
    "gitCommitMessage": "test: js only change"
  }
]

[daniel-xyz]

I just experienced the same. The issue (at least in my case) was that the environment variables set in the eas.json were not identical to those set in the update. Before, my GitHub Action contained this command:

EXPO_APP_ENV="preview" eas update --branch preview --auto --non-interactive

Unfortunately, I currently have no idea how to set my environment variable for updates within continuous-deploy-fingerprint. I'll have to look into this deeper or maybe someone can help.

If your issue is different, ignore my solution. Maybe it helps someone else then. :)

[vargajacint]

Hi @daniel-xyz

I had the exactly same problem (env mismatch). Here is some tips from @Kudo

published @expo/[email protected] that support fingerprint.config.js
to ignore app.json version from fingerprint, you could try adding fingerprint.config.js with the following content

const { SourceSkips } = require('@expo/fingerprint');
/** @type {import('@expo/fingerprint').Config} */
const config = {
  sourceSkips: SourceSkips.ExpoConfigRuntimeVersionIfString | SourceSkips.ExpoConfigVersions,
};
module.exports = config;

i didn't update the dependency inside expo-updates, so please try that first by using yarn resolutions or something.

[daniel-xyz]

Oh, sorry that I couldn't help, then. 😅 I meant I still have to set the environment variable somehow, anyway. It's not just about fingerprinting. But maybe it's more of a GitHub Actions problem I can figure out (edit: I did, lol).

At least I can confirm that I get the same fingerprints now (if the variables are the same), so I can't reproduce your error.

[giorgiofellipe]

I can confirm it is still an issue, even forcing to the latest version of the related packages.

    "@expo/config-plugins": "^8.0.5",
    "@expo/fingerprint": "^0.10.0",
    "expo-updates": "~0.25.17",

Reproducible by simply re-running the workflow without any changes, always generate new builds.

I'm also seeing Runtime Version as "file:fingerprint" on dev client, have you experienced it @vargajacint?

[giorgiofellipe]

Ok, looks like the fingerprint check has been fixed on "@expo/fingerprint": "^0.10.0"!

Still seeing file:fingerprint on dev client btw.

[brentvatne]

hey folks, we recommend referring to this guide for debugging discrepancies between fingerprints generated in different environments: https://docs.expo.dev/eas-update/continuous-deployment/#debugging-fingerprint-inconsistencies

[kevinschaffter]

Oh, sorry that I couldn't help, then. 😅 I meant I still have to set the environment variable somehow, anyway. It's not just about fingerprinting. But maybe it's more of a GitHub Actions problem I can figure out (edit: I did, lol).

At least I can confirm that I get the same fingerprints now (if the variables are the same), so I can't reproduce your error.

@daniel-xyz How did you end up making sure the envars were the same within the GH action?

[daniel-xyz]

@kevinschaffter that was an easy one, I just set them below env:

      - name: 🚀 Publish update and create a new build if fingerprint has changed
        uses: expo/expo-github-action/continuous-deploy-fingerprint@main
        env:
          EXPO_APP_ENV: 'preview'
        with:
          working-directory: ./apps/expo
          profile: 'preview'
          branch: 'preview'

[vanstinator]

I've added a fingerprint.config.js with the following contents:

const { SourceSkips } = require('@expo/fingerprint')

/** @type {import('@expo/fingerprint').Config} */
const config = {
  sourceSkips:
    // eslint-disable-next-line no-bitwise
    SourceSkips.ExpoConfigRuntimeVersionIfString |
    SourceSkips.ExpoConfigVersions,
}

module.exports = config

The android build fingerprint on EAS now matches the output of this github action, so subsequent Expo Updates are pulled down successfully.

ios builds on EAS contain a mismatched fingerprint yet. The only difference is in the hashed expoConfig, and when I ran a diff the EAS version contains my version property in my expoConfig. Is it possible the mac runners in EAS aren't honoring the fingerprint.config.js file yet?

[Kudo]

@vanstinator interesting! eas should use the same fingerprint from your project. could you share your eas build id that we could further investigate? e.g. https://expo.dev/accounts/XXX/projects/XXX/builds/ee1bad22-a2c6-4c10-8ef2-281ea15980ee, the ee1bad22-a2c6-4c10-8ef2-281ea15980ee is the build id.

[vanstinator]

@Kudo Sure! ca4cabef-dfa6-4eae-bcc1-db14c21ca3b8

[Kudo]

@vanstinator we published new [email protected] with @expo/[email protected] and it should solve the issue for you. thanks for sharing the issue insight for us.

[vanstinator]

Thank you!

[Wolfleader101]

@vanstinator we published new [email protected] with @expo/[email protected] and it should solve the issue for you. thanks for sharing the issue insight for us.

This is still an issue wit the github actions, do you know if/when there will be a fix for these?

[Kudo]

@Wolfleader101 could you share your build id?

[Wolfleader101]

@Wolfleader101 could you share your build id?

Hi @Kudo

Here js the iOS build id for example.

ee1bcee0-4c75-437c-b6ad-6570c1391e5f

It seems that it is pushing an update while it's still building, and it will create a build even if the runtime version already exists

[Kudo]

@Wolfleader101 thanks for sharing the info. it appears that your build doesn't have inconsistent fingerprint as the screenshot

could you elaborate more toward your problem with inconsistent fingerprints?

[Wolfleader101]

@Wolfleader101 thanks for sharing the info. it appears that your build doesn't have inconsistent fingerprint as the screenshot

could you elaborate more toward your problem with inconsistent fingerprints?

Hi @Kudo,

When the continuous delivery action runs it always generates a new build, even when a build with the runtime version already exists.

On top of that the run time version generated in the expo updates doesn't match

As you can see below there is a mismatch between the update runtime version and app runtime version.

[Kudo]

@Wolfleader101 interesting! i may need your debug log from github action to further investigate. are you in expo discord server or twitter? maybe we could have a better way to send DM for faster communication.

[Wolfleader101]

Hi @Kudo

sure I’ll send it through on discord for you, feel free to add me :)
My discord username is wolfleader

[hirbod]

I know I am very late to this, but this is the same problem I think I reported to you @Kudo at Appjs conf

[Kudo]

@hirbod thank to all the feedback from the community, we've fixed many issues since then. on eas build page, we also added logging if we find inconsistent fingerprint as shown at #286 (comment).
would be good for you to try again. if there's any issues, i would love to pair with you

[giorgiofellipe]

@Kudo what @Wolfleader101 reported seems to be related to expo/eas-cli#2448 (comment). Is there any updates on the subject? Thank you!

[danoc]

Ok, looks like the fingerprint check has been fixed on "@expo/fingerprint": "^0.10.0"!

Still seeing file:fingerprint on dev client btw.

I am also seeing this. Did you find a fix? Thanks!

[mikehuebner]

Am also seeing this on the latest version, not sure why though. Here is my app.config.ts setting for runtimeVersion

runtimeVersion: {
  policy: 'fingerprint',
}

[kasvith]

im also seeing this on latest version as well

im using dynamic configuration with app.config.js and in my eas.json i ve defined env vars
i've calculated the fingerprint locally and the version in expo build doesnt match the version im having locally

so it keep triggering new builds again and again with zero native deps changes

[giorgiofellipe]

Hi @Kudo!
This is definitely still happening.
My build id: c5f4b89e-a05d-468d-ac30-11a32813c2d8

[Kudo]

sorry for late response.

@kasvith could you share your build id?

@giorgiofellipe your problem could be pnpm installation. i am asking the team if we could improve pnpm support and will get back to you.

[Kudo]

@giorgiofellipe we noticed a pnpm warning in your build log which may lead to inconsistent installation. could you double check whether your pnpm lock file is updated and consistent before/after pnpm install?

Lockfile is up to date, resolution step is skipped
WARN  Broken lockfile: no entry for '@types/[email protected]' in pnpm-lock.yaml
ERR_PNPM_LOCKFILE_MISSING_DEPENDENCY  The lockfile is broken! Resolution step will be performed to fix it.