add workspace environment support #20900
Conversation
| # TODO: This is necessary for tests of `adhoc_tool` and `shell_command` with | ||
| # workspace execution to pass repeatedly in local Pants development. | ||
| # We need a viable solution instead of this hack. | ||
| cache_scope=ProcessCacheScope.PER_SESSION, |
There was a problem hiding this comment.
@benjyw: Any ideas on how to fix the test caching issue in the Pants repository and avoid this hack?
|
|
tdyas
force-pushed
the
shell_workspace_support_2
branch
2 times, most recently
from
40dd9d4
to
2808018
Compare
tdyas
force-pushed
the
shell_workspace_support_2
branch
3 times, most recently
from
66e9416
to
3387cae
Compare
| @@ -253,6 +254,33 @@ class AdhocToolOutputRootDirField(StringField): | |||
| ) | |||
|
|
|||
|
|
|||
| class AdhocToolCacheScopeField(StringField): | |||
There was a problem hiding this comment.
Introduction of cache scope to adhoc_tool and shell_command target types should be moved to a separate PR if we decide to keep it. It was necessary to provide a way for tests to set cache_scope to ProcessCacheScope.PER_SESSION in order to avoid cached results from prior tests runs from being used for a current test run.
This points to a more fundamental problem: Will workspace executions which modify the workspace be inherently a problem if the user is looking for them to always execute?
There was a problem hiding this comment.
Maybe dumb question, but why isn't the caching strategy determined by the environment? I.e., local is cacheable and workspace is not? Do we need this extra degree of freedom?
There was a problem hiding this comment.
If a user does have a reproducible process invoked in the workspace environment (e.g., Bazel), shouldn't Pants cache the output then?
There was a problem hiding this comment.
There is two sort of issues here:
- Should processes invoked in workspace environments be cacheable? My thought is yes they should (for example, Bazel invocations). (Invalidations may occur as a result of the metadata-based invalidation to come from PoC for metadata-based invalidation #20914.)
- The tests of the workspace environment fail when they invoke a non-idempotent process which writes a file into the workspace and which the test checks for to ensure execution actually happened in the workspace). Running that non-idempotent test multipe times fails unless the cache scope is "per session." Maybe this is a code smell in the test? Is there another way that the tests can set cache scope without exposing that ability in public API?
There was a problem hiding this comment.
What key would we cache against though?
I can see not rerunning the process if the invalidation globs haven't changed from the last time we ran the process, but that is not the same as caching. In other words, of we run the process in state A, then as long as we remain in state A we don't rerun it. Then we switch to state B, so obviously we must rerun the process (and we do because the file mtimes have changed). Then we switch back to state A. Normally we'd retrieve the result from cache, but for workspace environments I think we have to rerun the process, no? All we know is that mtimes have changed, we don't fingerprint anything, so there's nothing to compute a cache key out of.
Or am I fundamentally misunderstanding the proposition here?
There was a problem hiding this comment.
This PR does not introduce the metadata-based cache key. Thus, you may want to review #20914 which does introduce the cache key: namely a hash of the "full stats" of the files on which the targets are depending via a invalidation_globs field. This is injected into the applicable Process as an environment variable.
tdyas
force-pushed
the
shell_workspace_support_2
branch
2 times, most recently
from
d5286e8
to
350d7cf
Compare
| @@ -253,6 +254,33 @@ class AdhocToolOutputRootDirField(StringField): | |||
| ) | |||
|
|
|||
|
|
|||
| class AdhocToolCacheScopeField(StringField): | |||
There was a problem hiding this comment.
Maybe dumb question, but why isn't the caching strategy determined by the environment? I.e., local is cacheable and workspace is not? Do we need this extra degree of freedom?
tdyas
force-pushed
the
shell_workspace_support_2
branch
4 times, most recently
from
1dfd950
to
ef67eea
Compare
| def default_cache_scope(self) -> ProcessCacheScope: | ||
| if self.val and self.val.has_field(LocalWorkspaceCompatiblePlatformsField): | ||
| return ProcessCacheScope.PER_SESSION | ||
| else: | ||
| return ProcessCacheScope.SUCCESSFUL |
There was a problem hiding this comment.
Added this method as a way for an environment to specify what the default cache scope is.
@benjyw: Is this what you were thinking with your suggestion?
If so, this maybe should be pulled out and all applicable use sites updated.
tdyas
force-pushed
the
shell_workspace_support_2
branch
from
ef67eea
to
5e66cd1
Compare
|
|
||
| The primary motivation for this feature is to better support integration with third-party build orchestration tools (for example, Bazel) which may not operate properly when not invoked in the repository (including in some cases incurring signifcant performance penalties). | ||
|
|
||
| There is a significant trade-off though which makes this feature inherently **UNSAFE**: Pants cannot reasonbly guarantee that build processes are reproducible if they run in the workspace environment. Thus, Pants puts that burden on you, the Pants user, to guarantee that any process executed in the workspace environment is reproducible based solely on inputs in the repository. If a process is not reproducible, then unknown side effects may occur. |
There was a problem hiding this comment.
Some questions about side-effects/process executions and "UNSAFE" call out:
- Before this PR, one can run non-reproducible code within a sandbox (like
shell_command(command="date", ...)that depends on the time, or something that reads mutable data from the internet) and this might not behave like someone expects. From a Pants perspective, are the side-effects from this approach similar or worse than that? (Obviously the process itself could do things arbitrarily bad too, but that's not the focus.) - Is there risk of problems due to processes being killed or cancelled in unexpected ways? If so, is it worth calling that out?
Add support for a "workspace environment" which is similar to a local environment except that execution happens in the repository itself (i.e., the "workspace") and not in an execution sandbox. This implements the user-visible experience of Design B from the "In-Workspace Process Execution" design document.
This PR builds on top of the Rust support for in-workspace execution contained in #20772.
Users will use the new
workspace_environmenttarget type to configure workspace execution support.The pants-workspace-exec-testing repository contains an example of how to use this support to allow Pants to invoke Bazel in the workspace.