Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Cargo.lock for deterministic builds #795

Merged
merged 3 commits into from
Jan 18, 2023
Merged

Add Cargo.lock for deterministic builds #795

merged 3 commits into from
Jan 18, 2023

Conversation

lexnv
Copy link
Collaborator

@lexnv lexnv commented Jan 18, 2023

This PR adds a Cargo.lock file to the repository to ensure we have a deterministic build.

While at it, add an extra step in our releasing process to ensure we are always releasing with an up-to-date lock file.

The lock file has been generated with cagro clean && cargo build --release and double checked with cargo generate-lockfile

@lexnv
Remove Cargo.lock from gitignore
55a1c3e 
Signed-off-by: Alexandru Vasile <alexandru.vasile@parity.io>
@lexnv
cargo: Add Cargo.lock
6247093 
Signed-off-by: Alexandru Vasile <alexandru.vasile@parity.io>
@lexnv
Update the releasing process
70f00c1 
Signed-off-by: Alexandru Vasile <alexandru.vasile@parity.io>
jsdw
jsdw approved these changes Jan 18, 2023
View reviewed changes
Copy link
Collaborator

@jsdw jsdw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@jsdw jsdw mentioned this pull request Jan 18, 2023
Closed
niklasad1
niklasad1 reviewed Jan 18, 2023
View reviewed changes
RELEASING.md
5. Ensure the `Cargo.lock` file is up to date.

```
cargo generate-lockfile
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This command will create the Cargo.lock lockfile for the current package or workspace. If the lockfile already exists, it will be rebuilt with the latest available version of every package.

should we really bump all dependencies to the latest on each release?
I guess our tests are sufficient but I'm a little bit scared bumping all.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bump to latest compatible with substrate.

Copy link
Collaborator

@jsdw jsdw Jan 18, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we really bump all dependencies to the latest on each release?
I guess our tests are sufficient but I'm a little bit scared bumping all.

Ah I didn't realise that also bumped dependencies. I guess I'm not too worried overall since it'll just be thel ate3st that our toml files are asking for anyway, which is what a fresh install of everything would bring in?

bump to latest compatible with substrate.

Pardon? The substrate deps won't be bumepd by this thing

@jsdw jsdw merged commit c0198ac into master Jan 18, 2023
@jsdw jsdw deleted the lexnv/cargo_lock branch January 18, 2023 16:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dzmitry-lahoda dzmitry-lahoda dzmitry-lahoda left review comments

@jsdw jsdw jsdw approved these changes

@niklasad1 niklasad1 niklasad1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@lexnv @dzmitry-lahoda @jsdw @niklasad1