[scripts-audit] vcpkg_from_* #18272
[scripts-audit] vcpkg_from_* #18272
Conversation
strega-nil-ms
force-pushed
the
vcpkg_from_
branch
6 times, most recently
from
de7e8be to
332c4fc
Compare
strega-nil-ms
force-pushed
the
vcpkg_from_
branch
2 times, most recently
from
00085e4 to
7033a2f
Compare
|
/azp run |
|
Commenter does not have sufficient privileges for PR 18272 in repo microsoft/vcpkg |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
| URLS "${github_host}/${org_name}/${repo_name}/archive/${ref_to_use}.tar.gz" | ||
| FILENAME "${downloaded_file_name}" | ||
| ${headers} | ||
| ${sha512} | ||
| ${redownload} |
There was a problem hiding this comment.
Can we use the fully resolved VCPKG_HEAD_VERSION to avoid redownloading every time?
There was a problem hiding this comment.
I don't know, given that we aren't checking the SHA512 that makes me uncomfortable. thoughts?
There was a problem hiding this comment.
We also don't check the SHA512 of our tools (cmake, etc) every time we use them, so I don't think this is fundamentally different as long as we're using the full SHA1 commit id.
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
this option is useful when doing HEAD installs
Cleans up vcpkg_from_bitbucket quite a lot. This should provide a basis for other vcpkg_from_* functions
This also adds support for --head, and replaces the old "X_OUT_REF" with `VCPKG_HEAD_VERSION`
this additionally deprecates the `SOURCEFORGE_MIRRORS` extension point, and adds a replacement in the form of `VCPKG_SOURCEFORGE_EXTRA_MIRRORS`
strega-nil-ms
force-pushed
the
vcpkg_from_
branch
from
56492b8 to
0dfdb30
Compare
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
strega-nil-ms
force-pushed
the
vcpkg_from_
branch
from
3f3bc56 to
4d9b941
Compare
| if(VCPKG_USE_HEAD_VERSION) | ||
| set(VCPKG_HEAD_VERSION "${rev_parse_head}" PARENT_SCOPE) | ||
| elseif(NOT rev_parse_head STREQUAL arg_REF) | ||
| message(FATAL_ERROR "REF (${arg_REF}) does not match FETCH_HEAD (${rev_parse_head}) |
There was a problem hiding this comment.
I think the expected/actual output being damaged here is a regression. Moreover, I'm not convinced that the 'this means' statement is an accurate summation of the issue?
This means that we asked git to fetch a ref, and the FETCH_HEAD is at a different SHA than we asked for, which should be a 'can't happen' thing, not a 'please use a full sha' thing.
There was a problem hiding this comment.
This is not necessarily accurate:
> git fetch https://github.com/microsoft/vcpkg master
> git rev-parse FETCH_HEAD
<ref-of-master-right-now>master != <rev-of-master-right-now>, which is what we want to avoid here.
Additionally, this is an existing behavior:
if(NOT REV_PARSE_HEAD STREQUAL _vdud_REF AND NOT DEFINED _vdud_X_OUT_REF)
message(STATUS "[Expected : ( ${_vdud_REF} )]")
message(STATUS "[ Actual : ( ${REV_PARSE_HEAD} )]")
message(FATAL_ERROR "REF (${_vdud_REF}) does not match FETCH_HEAD (${REV_PARSE_HEAD})")so I'm just changing the message.
There was a problem hiding this comment.
master != , which is what we want to avoid here.
That can't be what this is actually looking for, because if it were, all named refs in the tree would be broken right now.
(Since their SHA is never going to be their name)
Additionally, this is an existing behavior:
Right, I'm saying I think the expected/actual part of the message was a good thing to have, and I don't think the part you added about REF not being a SHA is necessarily the cause of the problem. (Since REF not being a SHA is a very common / normal condition)
There was a problem hiding this comment.
hmm, okay, I'll switch it back then.
There was a problem hiding this comment.
For vcpkg_from_git(), we explicitly want to require REF to be a SHA1 to ensure we are not getting dynamic behavior outside of --head.
This check is a roundabout way to implement that and could probably use wording improvement.
There was a problem hiding this comment.
Approving despite outstanding comments because:
(1) first comment is about artifact caching, and I think Robert understands those things better than I anyway. Robert, please double check that you're happy with the implications there.
(2) the damaged 'no longer printing expected SHAs' output I think is from a 'can't happen' case
| if(VCPKG_USE_HEAD_VERSION) | ||
| set(VCPKG_HEAD_VERSION "${rev_parse_head}" PARENT_SCOPE) | ||
| elseif(NOT rev_parse_head STREQUAL arg_REF) | ||
| message(FATAL_ERROR "REF (${arg_REF}) does not match FETCH_HEAD (${rev_parse_head}) |
There was a problem hiding this comment.
For vcpkg_from_git(), we explicitly want to require REF to be a SHA1 to ensure we are not getting dynamic behavior outside of --head.
This check is a roundabout way to implement that and could probably use wording improvement.
|
Closed for rollup PR #18838 |
[scripts-audit] vcpkg_from_*
* [rollup:2021-07-06 1/8] PR #18272 (@strega-nil) [scripts-audit] vcpkg_from_* * [rollup:2021-07-06 2/8] PR #18319 (@strega-nil) [scripts-audit] add guidelines for cmake * [rollup 2021-07-06 3/8] PR #18410 (@mheyman) [vcpkg-cmake-config] documentation fix * [rollup:2021-07-06 4/8] PR #18488 (@strega-nil) [scripts-audit] vcpkg_execute_* * [rollup:2021-07-06 5/8] PR #18517 (@strega-nil) [scripts-audit] vcpkg_extract_source_archive * [rollup:2021-07-06 6/8] PR #18674 (@NancyLi1013) [vcpkg doc] Update examples * [rollup:2021-07-06 7/8] PR #18695 (@JackBoosY) [vcpkg] Update the minimum version of vcpkg * [rollup:2021-07-06 8/8] PR #18758 (@ras0219-msft) [vcpkg_from_git] Fix error if downloads folder does not exist * build docs! * fix bond:*-windows * fix nmap Co-authored-by: nicole mazzuca <[email protected]> Co-authored-by: Michael Heyman <[email protected]> Co-authored-by: NancyLi1013 <[email protected]> Co-authored-by: JackBoosY <[email protected]> Co-authored-by: Robert Schumacher <[email protected]>
This PR goes through the
vcpkg_from_*functions and brings them in line with the script audit (while also making them far easier to read and much DRY-er, imo)See issue #17691
This PR should likely be reviewed a commit at a time; or at least the first commit alone, the next three commits together, and then the latter two separately.
Still to do:
vcpkg_from_sourceforgevcpkg_from_git