-
Notifications
You must be signed in to change notification settings - Fork 330
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Servicing exercise for .NET Core 3 #3868
Comments
This is waiting for an Arcade SDK version that includes the changes from #3792, which are currently blocked due official build breaks. I'll keep preparing the branches and subscriptions while the issues are resolved. |
Are these the repos (flow) that are going to participate in the exercise, right? Arcade -> CoreFX -> Core-Setup -> Core-SDK |
Is there a reason to include Arcade? |
If we trigger a subscription from Arcade to a new branch in CoreFX then the changes will be propagated automatically, right? We can start it on CoreFX too but we'll need to keep updating the branch in CoreFX anyway. Correct? |
That would involve setting up a branch in Arcade that publishes to the servicing channel. For this first exercise I want to keep it contained to product repos. |
Talked offline. We don't have CI for the internal branches. We'll need to trigger the builds manually.. so starting from CoreFX may be easier. |
Subscriptions and default channels targetting the internal servicing channel have been created for
Will start running the builds as soon as the Arcade SDK with the necessary changes is available in the "tools - latest" channel. |
To work around the arcade build break, I'm going to:
|
Builds failed with:
We are attempting to use
|
successful Core-setup build: https://dev.azure.com/dnceng/internal/_build/results?buildId=341374&view=results Going to see if any packages or blobs are outside the expected private locations, and will test if core-sdk is able to restore packages from the internal feed |
Core-Setup does not use job.yml at all for their building, so the nugetAuthenticate task is not being ran, causing failures to restore from the internal azure devops feed. https://dev.azure.com/dnceng/internal/_build/results?buildId=341905&view=results
|
Summary of latest attempts:
|
New build of core-setup with the NuGetAuthenticate task: https://dev.azure.com/dnceng/internal/_build/results?buildId=342082&view=results All the Linux and OSX legs, and some windows legs (?) failed to restore some of the packages from the feed. Smells like an auth issue. Investigating. EDIT: There are a few different failure modes in that build:
This seems to be a known issue: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/package/nuget-authenticate?view=azure-devops#i-get-a-task-was-canceled-errors-during-a-package-restore-what-should-i-do Will take a look into the alternatives posted there. |
Update:
|
Update:
|
We should make sure to update arcade dependencies on these branches before running the builds. These all seem like flakiness and reliability bugs we fixed over the last week. |
After an arcade update, the wpf-int build seems to be working well: https://dev.azure.com/dnceng/internal/_build/results?buildId=357911&view=results CoreFX is still seeing issues during toolset restore. I'm examining if the workarounds we are using to make private feed restoring more sturdy are not being applied for this job (ie, it's not going through the Arcade codepath that sets the env variables and clears the cache) |
Contacted Azure Artifacts team about the failures in CoreFX. I updated Arcade again because the branch was missing some changes, and we got a couple new failure modes when restoring: https://dev.azure.com/dnceng/internal/_build/results?buildId=359307&view=results |
Update: AspNetCore: Most of the build legs failed. Some failures are probably just due to adjustments in the way the Docker container is started:
|
AspNetCore branch doesn't have current arcade updates, so it's missing most of the workarounds. Will update the branch and kick off another build. The arcade subscriptions for the release/3.0 branches have been disabled while we had a good GA build, so it's important to always update the arcade dependencies to get any fixes for the issues we've been seeing and spot fixing in the past weeks.
(I'm updating from the latest channel as oposed to the 3.0 channel to make sure we have every fix possible available, we'll eventually port any changes that are only in Arcade master to release/3.x) |
New build of aspnetCore still has issues, but they look more in line with what I expected could fail:
|
Update:
|
There are two remaining issues for AspNetCore builds: 1 - There is a 401 error happening in a leg that execute this file. I think the problem might be that this script spawn subprocesses and said subprocesses don't have a copy of needed authentication env. variables. |
About AspNetCoreThe base branch for 'internal/internal/cesar-servicing-exercise' appears to be 'release/3.1' but the last shared commit was pushed on the 12th. Likely missing a number of important fixes since then. Suggest rebasing on latest. Then we can discuss the possible issues in the build. FYI 'release/3.1' builds have been pretty solid recently. |
Thanks Doug. I'll try that. Update: Some build legs in core-setup are failing to authenticate. Looks like Docker related stuff. @dagood |
I suspect an Arcade fix didn't go in the way I expected it to (note: that step uses Interesting thing log:
|
The build I started (https://dev.azure.com/dnceng/internal/_build/results?buildId=361711) got past the build and failed on I kicked the upgrade PR dotnet/core-setup#8272 along to get the Arcade fixes into Core-Setup (You might also want to port over the |
We haven't finished setting up the subscriptions / publishing for arcade for the 3.x branches, and the builds in that channel don't have all the needed fixes yet. |
@dagood I already started my test build and it passed the point where it was failing before: https://dnceng.visualstudio.com/internal/_build/results?buildId=361843&view=results The error now seems to be the known private AzDO feeds issues. Your build failed because of the errors fixed by these PRs, BTW: #3962 #3994 |
Updating: Core-SetupAspNet-CoreToolset |
I used a private branch from AspNetCore to try and create a minimal case for some of the failure scenarios that we are facing. I got a pretty small sample case for the Both builds tries to restore the same .csproj file. The only difference is that in one the csproj has a /cc @markwilkie @riarenas |
This this repro on a dev box @JohnTortugo ? |
It's a Dockerfile + Hosted agents. I can migrate it to one of our build pools. |
Moving this to Tracking until we get a fix/workaround for the NuGet/CredProvider issues or another plan to perform the exercise. |
Update: Starting new tests, now using the PAT approach. |
@mmitche @riarenas - what do you think of this failure in CLI: https://dev.azure.com/dnceng/internal/_build/results?buildId=384877&view=logs&j=2102e824-8139-5a77-22fe-fae16e86028f&t=a527eb89-acf0-510e-eaae-b4ed90b17127&l=56 Looks like the build tried to download the files from DotnetCLI and failed. I don't know if core-setup published the files to DotnetCLI MSRC but AFAIU that should be the right location for these blobs, given that this is an internal build. Right? |
Status update, servicing builds using PAT: Failures reason and next steps:
|
I'm triggering a new build from AspNetCore-Tooling with the base branch I'm seeing some weirdness with subscription updates. For instance, templating builds aren't creating PRs in CLI. @riarenas is helping investigate that. |
Update:
Note: Yesterday afternoon I didn't succeed getting a green build from Core-FX because: 1) I started a clean branch and missed to include the PAT fix in one of the stages; 2) later in the afternoon builds were timing out and 3) the builds take hours to finish. After I get a green build from Core-FX I'll need to get one for Core-Setup. |
The grass is looking much greener now: Notes:
|
This is great news - thanks @JohnTortugo ! Who's on point for the mixed (public/private) feed work? cc/ @mmitche |
I re-re-named the SDK build definition while we get signing approval for the new name and queued https://dev.azure.com/dnceng/internal/_build/results?buildId=400666&view=results which was green.
If you're referring to the work in core-sdk to first check for public blobs before attempting private, Cesar has a PR out for it at dotnet/installer#5310 Or are you referring to something else? |
Is the plan to make the "check public first, then private" generic so it just works for all repos? |
Let me think about it a bit. The change we did in Arcade to do that for the runtime benefits everyone, but I believe the way that repos download random blobs is not standard. (Core-SDK uses their own Maybe we can provide a set of tasks in Arcade and make sure repos use those tasks instead of anything they were previously using. I don't know if I want to mix that with this issue though, and it might overlap with any future plans to use universal packages (if they are actually ever usable by us) |
I think we have concluded the exercise here, at least using PAT tokens:
|
Closing this as the open PRs have their related issues. |
In order to test the new publishing infrastructure that relies on stages, we're performing a servicing exercise to make sure that packages and blobs are published to the correct private feeds/storage, and there isn't a risk of publishing private bits to any of the public locations.
The process for this will be:
Status for PAT-based exercise:
The text was updated successfully, but these errors were encountered: