-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Autopublishing to crates.io is broken #15038
Comments
Cargo ignores dev dependencies from the workspace because generally, they don't have a version and only have a path. This is how they used to look. But with moving to workspace dependencies, the dev dependencies started to get versions too, and Cargo errors on them. One way we can fix this is to make sure we also account for dev dependencies when building the DAG, but:
Or delete the dev dependencies as you mentioned. Honestly, Cargo should be ignoring them during publishing, but until then I don't mind adding a workaround. |
cargo allows having circular dev dependencies unfortunately (you can even just point a dev dependency on the package itself ...) |
We're making it slightly further now.
It looks like @matklad is the only owner of |
List of packages that probably need ownership fixes:
|
right, |
Fixed owners for intern and macro-cli. Agree that others shouldn’t exist |
For the three other crates (
My concern with option 3 would be that automatic publishes may break frequently when APIs are added/changed in these library crates if they don't get published before the autopublish workflow runs. It would also mean that the rust-analyzer release binaries would frequently be using different versions of these crates than what's available on crates.io. |
I think 4 is the right approach of managing dependencies.
We don't really need to do that though. |
We should not do timed releases for those I think, they shouldn't change too often. I think we should go for an automated publish if the version in the cargo toml has been adjusted. (Effectively allowing PRs to publish the crate which means its still manual but with less churn). The main question is how we can make sure that the r-a crates don't depend on local only changes as those might slip through reviews unnoticed which will result in publish failure as you've mentioned. So in a sense I'd like a mix between 3 and 4 |
Yup, "publish upon merge into master if version in Cargo.toml is different" is the way to go.
We should only depend on crates.io versions of the crates anywhere. That means that changing these crates requires a chain of two PRs, but that's Ok; that's exactly the workflow one would use if these crates were in a separate repo. To make this easier, we should pull all crates to top-level Cargo.toml, and use only |
I'd also prefer the publishing for https://github.com/matklad/once_cell/blob/master/xtask/src/main.rs#L80-L100 Not sure if we should keep "does the tag exist" logic, or forgo tags and just check if the crate exists on crates.io, either works fine for me. |
But isn't that guarantee defined by the version bump in PRs? Then cargo-workspaces can do just publishing with |
To provide guarantees that the stuff works we need:
CI and builds are notoriously fiddly, anything we want to guarantee to work shouldn’t use any external dependencies. |
Looks like I missed a couple of crates when I was checking crates.io ownership. Besides |
Hm, I think I’ve send an invite for that as well, and I also don’t see a new owner for the intern crate, although invite for that went out a week ago: https://crates.io/crates/ra_ap_intern perhaps rust-lang-owner doesn’t pick invites? |
Failed because of a hyphens/underscores mismatch in https://github.com/rust-lang/rust-analyzer/actions/runs/5432810012/jobs/9880094469. |
As far as I can tell, the |
It looks like it's due to this commit to cargo-workspaces. It now won't remove dev dependencies when publishing unless at least one of the dev-dependencies is a package that we're going to publish - at least that's my understanding. In this case |
The correct way to fix this would be to remove |
Finally worked in https://github.com/rust-lang/rust-analyzer/actions/runs/5437937695. |
Woohoo! Thanks for your patience and help everyone :) |
As a dependent of |
Looks like the relevant line is:
It then subsequently failed while trying to publish The timeout warnings looks to have come from cargo, which has a 60 second timeout. What I don't understand, is why |
Your evaulation is correct. Could this be an issue with sparse registry or other index changes with cargo? |
Worked after a small fix and a retry: https://github.com/rust-lang/rust-analyzer/actions/runs/5507544712. |
Autopublishing has been broken since January. There were a few causes for this that have been fixed and at least one more to go. I probably should have raised an issue for this when I started looking into it, but better late than never. Some previous discussions on #14827 and pksunkara/cargo-workspaces#92
The remaining (known) issue causes publishing to fail with:
i.e. it's trying to publish
ra_ap_cfg
, but can't becausera_ap_mbe
hasn't been published yet.ra_ap_cfg
has only a dev-dependency onra_ap_mbe
. We probably should just have the autopublish workflow remove all dev dependencies before it publishes. I'm currently looking for an existing tool to do that. If there isn't one, then perhaps we can add something tocargo-workspaces
. @pksunkara, do you have any thoughts as to whether something like that might belong in cargo-workspaces?The text was updated successfully, but these errors were encountered: