-
Notifications
You must be signed in to change notification settings - Fork 146
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade tonic and prost #593
Conversation
bbd8791
to
cd0a7a8
Compare
Needed by project-akri#593 Signed-off-by: Nicolas Belouin <[email protected]>
Needed by project-akri#593 for prost upgrade Signed-off-by: Nicolas Belouin <[email protected]>
cd0a7a8
to
3910d51
Compare
This PR depends on #594 as a change in intermediate containers is needed |
3910d51
to
1ec427b
Compare
Needed by project-akri#593 for prost upgrade Signed-off-by: Nicolas Belouin <[email protected]>
@@ -677,7 +677,7 @@ mod tests { | |||
} | |||
|
|||
#[test] | |||
fn test_deserialized_has_extra_array_element() { | |||
async fn test_deserialized_has_extra_array_element() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are all of these changed to async
? They all look synchronous and are using the #[test]
macro still.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
actix_web
now defines a test
macro that got pulled here, went to fast during upgrade and thought it was already the case, fixed it now.
@diconico07 not sure why the cross production code workflow is failing. Doesn't seem to be an issue with rust version compat https://crates.io/crates/cross |
@kate-goldenring it is failing because it tries to use the intermediate container from #594 |
48edb24
to
9491774
Compare
Okay, seems like we're going to need a way more recent protobuf-compiler package in the cross image than the one package in ubuntu 14.04, and upgrading to latest cross image will only takes us to 18.04 that don't have recent enough protobuf-compiler either, their next release should go to 20.04 that will have a recent enough version |
I see the intermediate image is using a old cross image (not even from the officials) :
maybe you should rebuild them to target https://github.com/cross-rs/cross which seems to use ubuntu 20.04 and then in ubuntu 20, protobuf is from version 3.6 |
In fact the rustembedded one was the official one back then, but they moved to ghcr since. |
Indeed, I wasn't aware of this renaming 😅. I saw that too. Not sure when 0.3.0 will come out, soon I guess as they are already 2 months past due date, just 9 issues to close. |
They (cross) moved their estimated due date, and still late on it, I'm more and more enticed to drop cross entirely, I'll raise the topic on the slack to gather some thoughts on this. |
9491774
to
323da68
Compare
Rebased on #670 to make it build correctly, and upgraded all dependencies (with a focus on tonic and prost). With that upgrade, the h2 patch is still needed (using the one from hyperium/h2#612, but as agreed with @kate-goldenring, we are going to maintain our own fork to use in Cargo.toml to ensure a better supply chain while we try to get this upstream). Another patch is needed for OPCUA crate, this patch is only the main upstream branch, as we need an upstream not yet released fix to work with latest rust version (some checks are now stricter) |
ef000ab
to
1bfc410
Compare
@diconico07 which change/ pr in the |
This is the merged PR we are waiting: locka99/opcua#260 |
1bfc410
to
9483824
Compare
@diconico07 maybe we take this as a sign to move the opcua DH out too? |
Go back to upstream h2 version as the go-grpc bug is long solved Signed-off-by: Nicolas Belouin <[email protected]>
Upgrade actix, actix-web and actix-rt to latest, This solves the following audit issues: - RUSTSEC-2020-0016 - RUSTSEC-2020-0056 - RUSTSEC-2021-0124 - RUSTSEC-2023-0034 Signed-off-by: Nicolas Belouin <[email protected]>
Opcua crate patch update required because of [opcua#294](locka99/opcua#294) h2 patch needed because of the bad/missing Authority header, using upstream PR branch for this [h2#612](hyperium/h2#612) Signed-off-by: Nicolas Belouin <[email protected]>
This is needed to be able to upgrade prost dependency Signed-off-by: Nicolas Belouin <[email protected]>
Signed-off-by: Nicolas Belouin <[email protected]>
Signed-off-by: Nicolas Belouin <[email protected]>
Signed-off-by: Nicolas Belouin <[email protected]>
Signed-off-by: Nicolas Belouin <[email protected]>
9483824
to
ec426f8
Compare
@kate-goldenring probably, but I'd wait for udev one to be moved before doing this. It hopefully means this override is going to be short-lived in this repository. |
/version patch |
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Looks like |
Signed-off-by: Nicolas Belouin <[email protected]>
Signed-off-by: Nicolas Belouin <[email protected]>
What this PR does / why we need it:
This PR initial goal is to upgrade tonic and prost so we can drop the build dependency to rustfmt, thus making it easier to re-build akri in an air-gaped system.
However, to attain this goal it was necessary to do two other unrelated changes (more details about each one after):
Upgrade h2
The only really needed part for tonic and prost is removing the pin to a patched h2
0.3.3
, however for consistency I also upgraded actix (used in webhook part).This solves several RUSTSEC issues (some of them already marked as resolved for akri, but a cargo audit still complained):
net2
crate has been deprecated; usesocket2
instead #274oneshot
channel #423tokio::io::ReadHalf<T>::unsplit
is Unsound #587Upgrade to edition 2021 of rust
Prost now generates code using 2021 edition of rust, so we need to upgrade this in order to upgrade prost.
Special notes for your reviewer:
This might be a hard to read PR, I split it in several commits that should be a bit easier to parse (at least they only upgrade one thing)
If applicable:
cargo fmt
)cargo build
)cargo clippy
)cargo test
)cargo doc
)