[WIP] chore(packaging): use nix flakes for building graphql-engine reproducibly #9160
Conversation
|
Beep boop! 🤖 Hey @thenonameguy, thanks for your PR! One of my human friends will review this PR and get back to you as soon as possible. Stay awesome! 😎 |
|
|
| resource-pool = hself.hasura-resource-pool; | ||
| }))); | ||
|
|
||
| # FIXME: for remote repos we have to calculate their default.nix until they get upstreamed/maintained |
There was a problem hiding this comment.
These seem legit. I suggest moving the actual fetches into the inputs in flake.nix though, so they're pinned with flake.lock. (You can still specify the exact commit ref.)
There was a problem hiding this comment.
Yup, that's the plan. I need to do this anyway to not use IFDs.
| @@ -0,0 +1 @@ | |||
| 2.14.0-beta.2 | |||
There was a problem hiding this comment.
Please don't check this in. For some reason, this is missing from the .gitignore file; I am remedying this.
For local development, you can write "12345" to this file.
There was a problem hiding this comment.
- Flake builds can only use files that are tracked in version control (as the build depends on this not-deterministic file)
- I thought the version was used to fetch the CDN FE assets for the Console, is this not correct?
There was a problem hiding this comment.
Apologies, I thought I'd replied to your comments.
I suggest adding a preConfigure step that writes the file with the contents of the package version then.
| @@ -0,0 +1,112 @@ | |||
| { mkDerivation, aeson, aeson-casing, aeson-ordered, aeson-pretty | |||
There was a problem hiding this comment.
Any reason not to use callCabal2nix for these?
If it's just for the version, you can override that later. I think this will work:
(callCabal2nix "graphql-engine" ./server {}).overrideAttrs(oldAttrs: {
version = builtins.readFile ./server/CURRENT_VERSION;
})There was a problem hiding this comment.
callCabal2nix is an anti-pattern in the flake/nixpkgs world, as it creates evaluations at runtime.
The computation of these files, while being more convenient, are done at eval time.
https://github.com/input-output-hk/haskell.nix uses this approach extensively, I tried using that on a different branch in the past days and the IFD-less version of this branch is way more snappier to eval/build with.
IMO for now it's worth to do this outside of Nix evalution, maybe automate it with a Makefile/CI script.
There was a problem hiding this comment.
There was a problem hiding this comment.
Very helpful, thank you!
We'd need to add some CI to make sure this stays in sync with however it's generated, as well as include instructions on how to redo it.
There was a problem hiding this comment.
We'd need to add some CI to make sure this stays in sync with however it's generated, as well as include instructions on how to redo it.
You can include a pre-commit hook that runs cabal2nix.
Note that devs don't have to install the hooks themselves, but only have to run pre-commit run after staging the changes. Else, nix flake check should be expected to fail.
| @@ -158,7 +158,8 @@ flag ghci-load-test-with-lib | |||
| common common-all | |||
| ghc-options: | |||
| -foptimal-applicative-do | |||
| -Wall -Wcompat -Wincomplete-record-updates -Wincomplete-uni-patterns -Wredundant-constraints | |||
| -Wall -Wcompat -Wincomplete-record-updates -Wincomplete-uni-patterns | |||
| -- -Wredundant-constraints | |||
There was a problem hiding this comment.
Why did you have to remove this? Did you get extra warnings?
There was a problem hiding this comment.
Yes, got a lot of compilation errors for redundant-constrains and typed holes, which I found strange. Temporary fix to get a build.
| @@ -293,6 +294,7 @@ common lib-depends | |||
| , some | |||
| , split | |||
| , template-haskell | |||
| , ghc-heap-view | |||
There was a problem hiding this comment.
I assume this change is just for testing.
There was a problem hiding this comment.
your CPP module was essentially upstreamed into the latest ghc-heap-view version. The surrounding code failed to compile until these changes were made. Of course the runtime dependency for this should be made optional, but Nix did not seem to find it using the conditional profiling include.
There was a problem hiding this comment.
@jberryman: Do you think we can upgrade ghc-heap-view to take advantage of this?
Thanks! Currently:
For my personal purposes getting the |
|
We saw those same linking issues trying to build Ormolu with Nix, which was fixed by disabling the Template Haskell. My guess is that it's similar here; the Template Haskell is causing serious problems somewhere. I'm not sure what to do about it, unfortunately. It definitely feels like an upstream bug, but I don't even know where. Is it with the version of What do you propose we do about it? |
|
This would be so nice to have, I'd like to support Hasura in devenv.sh: cachix/devenv#308 |
|
@domenkozar, I take it your main motivation is Linux support, not macOS? If we were to reorient this PR to just care about Linux, it might be easier to get it in. |
|
Linux and macOS, I'm happy to help here if I can understand what are the blockers. |
|
The main macOS blocker is that We would also need to clean this PR up a bit, but it's mostly small things; @thenonameguy has done a wonderful job. |
|
Cheers, FYI at my company have been using this branch + Cachix binary cache for our local Hasura development ever since without hiccups. I propose you take over the necessary bits and pieces over to a new branch as I do not have the time for foreseeable future to improve this further. Super stoked to see this initiative going forward! |
|
Thanks @thenonameguy, glad it's working well at your end. We'll do our best to incorporate it. |
|
I picked up where @thenonameguy left off, transformed my fork into a monstrosity of patches that I don't really want anyone to see, and eventually managed to build on https://github.com/john-rodewald/graphql-engine/tree/master-nix |
| aeson base graphql-parser hashable hspec text unordered-containers | ||
| vector | ||
| ]; | ||
| homepage = "https://github.com/hasura/github-engine#readme"; |
There was a problem hiding this comment.
s/github-engine/graphql-engine/ ?
|
@john-rodewald FYI, |
It looks like that problem may have been fixed since then. |
@SamirTalwar I saw your work on adding the scaffolding for the development environment and decided to add Nix for building aarch64-darwin binaries out of graphql-engine. This project is a WIP branch that does everything without much regard to existing practices/best conventions to do a POC for Nix + Hasura => M1 native gql-engine.
Description
Changelog
Component : build
Type: enhancement
Product: community-edition
Short Changelog
Allow building reproducibly graphql-engine via Nix
Long Changelog
Related Issues
Solution and Design
Steps to test and verify
Limitations, known bugs & workarounds
Server checklist
Catalog upgrade
Does this PR change Hasura Catalog version?
Metadata
Does this PR add a new Metadata feature?
run_sqlauto manages the new metadata through schema diffing?run_sqlauto manages the definitions of metadata on renaming?export_metadata/replace_metadatasupports the new metadata added?GraphQL
Breaking changes
No Breaking changes
There are breaking changes:
Metadata API
Existing
querytypes:argspayload which is not backward compatibleJSONschemaGraphQL API
Schema Generation:
NamedTypeSchema Resolve:-
nullvalue for any input fieldsLogging
JSONschema has changedtypenames have changed