[Reproducible rosetta build] Adds support for building rosetta with local patches and an already generated patch dir #354
Conversation
Co-authored-by: Terry Kong <[email protected]>
|
Manual CI run:
|
|
Converting to draft in light of #371 . Will rebase this on top of that branch and add this feature |
generated patch dir
terrykong
force-pushed
the
rosetta-reproducible-patches
branch
from
8f380cd
to
4a3bd4a
Compare
|
Testing using the mealkit images from the CI to trigger rosetta CI:
|
| @@ -95,6 +95,15 @@ jobs: | |||
| build-args: | | |||
| BASE_IMAGE=${{ steps.defaults.outputs.BASE_IMAGE }} | |||
|
|
|||
| - name: Extract patches | |||
| run: rosetta/scripts/extract-patches.sh ${{ steps.meta.outputs.tags }} | |||
There was a problem hiding this comment.
Could we specify the name of the output patch file via an argument? Currently, we can only infer it from the artifact upload step below.
There was a problem hiding this comment.
This line pulls all of the patches, not just one. The dir copied out is pulled from a predetermined path /opt/rosetta/patches. I don't foresee any reason to configure this
| # TODO: ARM | ||
| publish-build-badge: | ||
| needs: [metadata, amd64, arm64] | ||
| uses: ./.github/workflows/_publish_badge.yaml |
There was a problem hiding this comment.
Note that _publish_badge.yaml will be deprecated soon in favor of the sitrep system.
| @@ -100,6 +95,29 @@ jobs: | |||
| BASE_IMAGE: ${{ needs.metadata.outputs.BASE_IMAGE_ARM64 }} | |||
| secrets: inherit | |||
|
|
|||
| publish-build-badge: | |||
| needs: [metadata, amd64, arm64] | |||
| uses: ./.github/workflows/_publish_badge.yaml | |||
There was a problem hiding this comment.
Note that _publish_badge.yaml will be deprecated soon.
| @@ -123,49 +150,45 @@ jobs: | |||
| ${{ needs.arm64.outputs.DOCKER_TAG_FINAL }} | |||
| TARGET_IMAGE: pax | |||
| TARGET_TAGS: | | |||
| type=raw,value=latest,priority=1000 | |||
| type=raw,value=nightly-${{ needs.metadata.outputs.BUILD_DATE }},priority=900 | |||
| ${{ needs.test-amd64.outputs.TEST_STATUS == 'success' && 'type=raw,value=latest,priority=1000' || '' }} | |||
There was a problem hiding this comment.
I'd recommend to put this logic in a 'metadata' job/jobstep, and then reference the job/jobstep output for better readability.
There was a problem hiding this comment.
This depends on test results. metadata is an ancestor of the test step.
| needs: [metadata, amd64, arm64, test-pax] | ||
| # TODO: ARM Tests | ||
| publish-test-badge: | ||
| needs: [metadata, publish-build-badge, test-amd64] | ||
| uses: ./.github/workflows/_publish_badge.yaml |
There was a problem hiding this comment.
Note that `_publish_badge.yaml`` will be deprecated soon.
There was a problem hiding this comment.
Would it be okay to tackle this in a subsequent PR? My thinking is we can get the reproducible build/ci changes out and then circle back to sitrep. I expect the reproducible PRs to all be flushed out within a week or two :)
| ${{ needs.arm64.outputs.DOCKER_TAG_FINAL }} | ||
| TARGET_IMAGE: t5x | ||
| TARGET_TAGS: | | ||
| ${{ ( needs.test-t5x-amd64.outputs.TEST_STATUS == 'success' && needs.test-vit-amd64.outputs.TEST_STATUS == 'success' && needs.test-unit-amd64.outputs.TEST_STATUS == 'success' ) && 'type=raw,value=latest,priority=1000' || '' }} |
There was a problem hiding this comment.
Same comment regarding the placement of the logic in a separate job/jobstep.
| #!/bin/bash | ||
|
|
||
| SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) | ||
| cd $SCRIPT_DIR |
There was a problem hiding this comment.
Maybe let's not jump into this folder, but use pushd-popd instead?
pushd $SCRIPT_DIR
<the rest code>
popd
There was a problem hiding this comment.
pushd/popd isn't needed here b/c I only enter one directory and this is in a subshell so the calling parent shell doesn't change dirs
|
@DwarKapex @yhtang |
flowchart TD B -->|./extract-patches.sh| PG1["./patches/patchlist.txt.gen"] & PG2["./patches/*.patches"] PO[patchlist.txt] -->|copy| PI subgraph main build direction LR PI[patchlist.txt]-->|--build-arg|B[docker buildx] PG1 PG2 end PG1 --> |copy|PG11["./patches/patchlist.txt.gen"] PG2 --> |copy|PG22["./patches/*.patches"] PG11 --> |copy| PG111 PG22 --> |copy| PG222 subgraph reproducible build direction LR PG111["./patches/patchlist.txt.gen"] --> |--build-arg| B2 PG222["./patches/*.patches"] --> |copy| B2 B2[docker buildx] endThis introduces these new mechanisms to the rosetta build:
The above is a high level flow of how the build can be reproduced after this PR. We can now build an image from an existing image or existing patchlists by doing:
and this should yield an identical distribution.
To create local patches, this change updates
git cherry-pickcalls togit format-patch+git amto preserve metadata in patch files.note: This will not guarantee that the pip packages will be reproducible as that will need to be handled by a different PR.