-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GitHub action #42
Comments
Hi, @thomaseizinger. Admittedly, I don't know a lot about GitHub actions. Could you say a little bit more about what you are imagining? Does something analogous exist for Clippy? |
Sure! Sorry for being very brief in the initial issue!
Yes. It is pretty easy to run
I want to run - uses: trailofbits/dylint-action@v1
with:
args: -- -D warnings This would assume we would provide an action in a repository In an ideal world, https://github.com/actions-rs/install could be used to solve this in a more generic manner but development there has stalled unfortunately :( |
This sounds reasonable to me. I'll ask around to see if anyone here has the bandwidth and necessary skills to tackle this. I'll also attach As a note to myself:
I assume you are referring to this: https://github.com/actions/cache/blob/main/examples.md#rust---cargo I haven't tried it (though I probably will). Also, as an aside, we do run Dylint from within a GitHub action for a separate project: https://github.com/trailofbits/test-fuzz/blob/6a532b5f37c5b9a6737f99d437d4a183fa560f4d/.github/workflows/ci.yml#L29-L32 Personally, I find the time it requires to be tolerable. But I can see the points you've made. |
If we attach binaries to releases, we could also download them instead of building them from scratch every time, mitigating the need for caching. |
Hmm, I'm not sure that I want to take on that responsibility. Can I take it that this would solve a particular need of yours? What platform would you require a binary for? |
If we could download a binary, the GitHub action wouldn't need to cache it. I would likely run the workflows only on |
I could maybe be convinced to publish I experimented with using Here specifically is what I tried (https://github.com/trailofbits/test-fuzz/blob/2cac66d43ffe0889430927fb838c37f906fae3c4/.github/workflows/ci.yml#L12-L28): - name: Dylint versions
run: cargo search dylint | sort | tee dylint_versions
- uses: actions/cache@v2
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
~/.dylint_drivers/
~/.rustup/toolchains/
target/dylint/
key: ${{ runner.os }}-dylint-${{ hashFiles('dylint_versions') }} This took a 21 minute job down to about six minutes! Note that the project where this was tested runs only one lint library, and it comes from the Dylint repository itself. If the project ran other lint libraries, their versions should be accounted for in the cache key. So, I agree with you, having a "Dylint action" would be most convenient. But, short of that, this seems to be a pretty good solution. What do you think, @thomaseizinger? |
For normal caching in Rust projects, I usually use https://github.com/Swatinem/rust-cache because it makes it effectively a one-liner which is pretty nice. I didn't actually realize that it might be worthwhile to cache the built libraries and drivers of dylint as well. Initially I was only thinking of the dylint binary itself. Do I understand correctly that dylint stores things outside of the In regards to versions, would it somehow be possible to add |
That is nice!
The drivers (essentially wrappers around the rust compiler) are stored in
This should be achievable by setting the mkdir $PWD/target/dylint_drivers
DYLINT_DRIVER_PATH=$PWD/target/dylint_drivers cargo dylint --all --workspace Admittedly, we might want a more ergonomic solution than having to set
I don't think so, or at least I can't immediately see how. The main problem is that all members of a workspace are expected to be compiled with the same compiler version. But a Dylint library is pinned to a specific compiler version, which isn't necessarily the same as that of the project its run against. I can see the benefits of what you're suggesting. Maybe there's some "trick" we could use to make it work, but I can't see it right now. |
As soon as you change your compiler version, I believe rustc compiles all of your dependencies again. From that perspective, isn't a dylint driver really just another dependency?
On my personal computer, I am setting
If
I am not sure I completely follow. When and where is this pinning happening? |
Let me answer your last question first:
Essentially, when you build the library. A library gets a name like:
The reason is that the compiler APIs that lints use are unstable and could change at any time. Dylint needs to know which version of the Rust compiler a lint library uses, as this determines the driver needed to run the library. Back to your first question:
The problem is the compiler version that a lint library uses isn't necessarily the same as what an author wants to use to build their package, e.g., for production. For example, an author might want to build their package using (stable) Occasionally, this causes problems. It can happen that an author's package can't be compiled with the compiler that a lint library uses. Fortunately, I've only bumped in to this a handful of times.
That's an interesting idea. If I'm understanding correctly, you're sharing a target directory across projects.
That might make sense for users who use a shared target directory, as you've suggested. But I don't know how common that is. Given that a workspaces's target directory appears in its root by default, I think Dylint's current behavior makes sense, as it allows drivers to be reused across different workspaces. |
Right, that makes a lot of sense. Thank you for explaining!
Yes, correct.
It does make sense. I would have probably just not gone through the effort of building that optimization into dylint itself. If people are willing to accept rebuild of the same dependencies (like Overall, this was very educational, thank you! |
No problem. It's helpful for me to talk through it now and then. :)
Is using a shared target directory common? Separately and for my own reference, I wondered whether Cargo offered a way to store the download cache in the target directory (because the download cache is shared across workspaces kind of like how Dylint drivers are). This was the only relevant piece of information I could find: https://stackoverflow.com/questions/45222791/is-it-possible-to-install-cargo-dependencies-in-the-same-directory-as-my-project And back to this topic:
I think I may have some ideas here. I am going to start playing with this once I am confident I have #54 fixed. |
I think the reason for why downloads are shared is that the source-code is always the same, regardless of the cargo/Rust version. I am not sure how common a shared target directory is but I prefer it simply for the ease of freeing up storage :) |
It would be nice to have a Github action that runs dylint without having to manually manage the installation and caching.
The text was updated successfully, but these errors were encountered: