Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): Bump github.com/cometbft/cometbft-db from 0.7.0 to 0.8.0 #777

Closed
wants to merge 2 commits into from
Closed

build(deps): Bump github.com/cometbft/cometbft-db from 0.7.0 to 0.8.0 #777

wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2023
edited
Loading

Bumps github.com/cometbft/cometbft-db from 0.7.0 to 0.8.0.

Release notes

Sourced from github.com/cometbft/cometbft-db's releases.

v0.8.0

📖 CHANGELOG

Changelog

Sourced from github.com/cometbft/cometbft-db's changelog.

v0.8.0

Apr 26, 2023

This release bumps the supported version of RocksDB, which requires cometbft-db RocksDB users to update their builds (and hence requires a "major" release, but does not introduce any other breaking changes). Special thanks to @​yihuang for this update!

While the minimum supported version of the Go compiler was bumped to 1.19, no 1.19-specific code changes were introduced and this should, therefore, still be able to be compiled with earlier versions of Go. It is, however, recommended to upgrade to the latest version(s) of Go ASAP.

COMPILER

  • Bump minimum Go version to 1.19 (#40)

DEPENDENCIES

  • Update to the latest version of golang.org/x/net (#40)
  • Switch rocksdb binding from gorocksdb to grocksdb, bump librocksdb dependency to v7.10.2 (#42)
Commits
  • 1b1d8ed Release v0.8.0 (#55)
  • cea6dcf build(deps): bump actions/stale from 7 to 8 (#52)
  • 3a99e92 use grocksdb to support latest version of rocksdb (#42)
  • 317cc9f Create SECURITY.md (#53)
  • 7de880c build(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#47)
  • 056a2af ci: Build Docker image during test (#50)
  • a9928b2 build(deps): bump actions/setup-go from 3 to 4 (#48)
  • 816127f Set up CodeQL
  • 0584510 lint tests (#39)
  • caecaa2 build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#41)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot requested a review from a team as a code owner May 1, 2023 05:11
@dependabot dependabot bot added automerge dependencies Dependency updates labels May 1, 2023
@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch 3 times, most recently from 5aef462 to 7f7e385 Compare May 1, 2023 13:40
@thanethomson
Copy link
Contributor

thanethomson commented May 1, 2023
edited
Loading

The reason for this failure, afaict, is that the golang:1.20 Docker base image (see https://hub.docker.com/_/golang) used for our E2E tests is based on Debian Bullseye, and the version of librocksdb-dev that comes with Bullseye is currently only v6 (see https://packages.debian.org/bullseye/librocksdb-dev), whereas now cometbft-db v0.8.0 requires v7 (only available in the "testing" version of Debian, not yet in stable).

This isn't an urgent update, and users can choose to override the dependency, so we can always punt this update to a later stage when Debian Bookworm's released. Alternatively, in the meantime we could either:

  1. Manually build the rocksdb libraries in the E2E image from source, but this will slow down those E2E node image builds substantially for every new pull request to main.
  2. Create and upload a new base image for our E2E app based on golang:1.20 where we manually build the rocksdb libraries from source as in (1), and then use this base image for our E2E node instead of using golang:1.20 directly. This image would need to be tied to the branch on which it's used, e.g. cometbft/e2e-base:main for the main branch, or cometbft/e2e-base:v0.39.x once we cut a v0.39.x backport branch.

Punting is, of course, the easiest short-term option. Option (2) is the best, most sustainable option (especially since it allows us more control over our E2E node's dependencies), but it's also the most expensive in terms of time/effort.

@thanethomson thanethomson added the wip Work in progress label May 1, 2023
@lasarojc
Copy link
Contributor

lasarojc commented May 1, 2023

What about using the bookworm version in the meantime?
It may not be ready for production, but should be fine for our e2e tests.

@thanethomson
Copy link
Contributor

What about using the bookworm version in the meantime?

If you look at the list of official Go images here, you'll see there are none that're based on Bookworm yet. So we'd have to build our own custom base image anyways.

@lasarojc
Copy link
Contributor

lasarojc commented May 2, 2023

Thanks, @thanethomson
Agree with you that 2 is better but will cost us more time. Maybe we can amortize its cost by also using it for protobuf generation.

@andynog
Copy link
Contributor

andynog commented May 3, 2023

Look like Bookworm will be released in first quarter of June , There's a Docker image already for Bookworm , even if it's not official, could we use it for E2E tests ? Or for option #2, are we able to come up with a solution in less than a month ? If so, may be a good route, otherwise just wait it to be released (but a month might be too long)

@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch 8 times, most recently from e56ffde to ca5680d Compare May 12, 2023 11:36
@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch 4 times, most recently from 5818929 to 3f7c609 Compare May 15, 2023 14:22
@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch 3 times, most recently from 9856ee8 to 9c8dbcf Compare May 29, 2023 12:34
lasarojc
lasarojc previously approved these changes May 29, 2023
View reviewed changes
@lasarojc lasarojc dismissed their stale review May 29, 2023 13:00

we need to wait for the new docker image.

@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch from 9c8dbcf to 098796c Compare May 29, 2023 18:49
@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch from 098796c to 5801fc0 Compare May 30, 2023 12:49
@thanethomson
Copy link
Contributor

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch from 5801fc0 to fa20c46 Compare June 13, 2023 14:43
@lasarojc
Copy link
Contributor

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch from fa20c46 to 7bce1b3 Compare June 15, 2023 10:45
@thanethomson
Copy link
Contributor

thanethomson commented Jun 15, 2023
edited
Loading

Attempting to build this with the golang:1.20-bookworm image still results in build failure. The only way I can get the build to work is if I add instructions to the E2E Dockerfile to build RocksDB from scratch, explicitly building support for RocksDB v7.10.2, as per https://github.com/cometbft/cometbft-db/blob/6473b40574da7d6273c6e916926e2a2bff1808a7/tools/Dockerfile#L35-L44

My only intuition here is that, looking at the grocksdb releases, you have to use the libraries for RocksDB v7.10.2, which aren't actually included in Debian Bookworm (Bookworm only offers v7.8.3).

One option here is to base our E2E image on main on the cometbft-db-testing image, which has cleveldb and RocksDB manually pre-built. We would, however, probably need to bump the base Go version of the cometbft-db-testing image to 1.20.

Manually building RocksDB into our E2E image isn't an option here because it takes a very long time to build.

@thanethomson thanethomson mentioned this pull request Jun 15, 2023
Merged
@lasarojc
Copy link
Contributor

@dependabot rebase

@dependabot
build(deps): Bump github.com/cometbft/cometbft-db from 0.7.0 to 0.8.0
16f2500 
Bumps [github.com/cometbft/cometbft-db](https://github.com/cometbft/cometbft-db) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/cometbft/cometbft-db/releases)
- [Changelog](https://github.com/cometbft/cometbft-db/blob/main/CHANGELOG.md)
- [Commits](cometbft/cometbft-db@v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: github.com/cometbft/cometbft-db
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch from 7bce1b3 to 16f2500 Compare June 16, 2023 10:39
@lasarojc lasarojc requested a review from a team as a code owner October 31, 2023 13:03
@thanethomson thanethomson marked this pull request as draft November 28, 2023 14:38
This was referenced Dec 1, 2023
Merged
Merged
@thanethomson
Copy link
Contributor

Superseded by #1725.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 1, 2023

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/go_modules/main/github.com/cometbft/cometbft-db-0.8.0 branch December 1, 2023 18:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lasarojc lasarojc lasarojc left review comments

Assignees
No one assigned
Labels
automerge dependencies Dependency updates wip Work in progress
Projects
No open projects
CometBFT 2023
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thanethomson @lasarojc @andynog