-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TreeArtifacts output directories aren't created with remote execution enabled #6393
Comments
Wait, why? We've always had the opposite expectation, the action itself should create the output directory, just like it should create the output files. This is what the current tests test for, too. |
That isn't how the local, forge, or sandbox (post-9b8b79002dc9e62bc3fa56525dc4b01c3c2fe805) strategies handle this case. My model is that the outputs are the contents of the directory. What is the advantage of requiring the action to create the directory? The issue that prompted the original bug was that earlier versions of javac write output to a directory, but expect the directory to be pre-existing. We could work around that by creating a wrapper script for javac that creates the directory, but it seems strictly better to just guarantee the directory exists. |
also @lberki who said the behaviour [of not creating the directories] was 'surprising' in cl/214229700 |
If we want remote execution to create the output directories before running the action, this must be explicitly specified in the remote execution API -- which it isn't, and I don't think it would be a good idea. Not only no existing servers support it, but why would they? This means no distinction between an empty output directory and a non-existing output directory. Why would we want to add this limitation? I mean, you can open a PR on the remote-apis repository for the discussion, but it won't be a short process (I foresee a lot of people to convince). Currently, this sounds like a bug -- Bazel has an action that doesn't properly produce it's outputs when executed remotely. The wrapper idea sounds like the proper fix to me. |
The alternative is to "fix" all of the other spawn strategies to stop creating the output directories, is that the proposal? It feels like a regression to me, but it's probably better than the inconsistency.
In what sense is it a limitation? If an action declares an output directory and doesn't create it, currently it succeeds under remote execution and just doesn't produce output corresponding to that directory. If instead an empty directory was created and the action didn't write any output to that directory, wouldn't that have effectively the same result?
I mean, we could also have a wrapper that takes tarballs as input and unzips them, runs the tool, and then packages the outputs back up into another tarball. One of the benefits of |
Currently, those actions produce different ActionResults by the remote server. In the first case, the output directory would not be returned at all. In the second case, an empty output directory would be returned. These are different behaviors. You propose to eliminate the distinction forever, by spec. It would also be inconsistent with other outputs -- why should an action always be specified to create all its output directories, but not its output files? Just as there is a difference between an empty output file and a missing output file, there should be a difference between an empty output directory and a missing output directory, imo.
I see a few solutions:
I agree 2 is better than 1, although we could also start with 1 and move to 2. I'm not sure what would be required for 3 -- perhaps it's not feasible at all, because rule developers rely on the existing Bazel expectation? |
The language in
It'd be possible to rely on either behaviour, but naively it seems more likely for tools to assume the directory exists than to require that is doesn't exist. (Some tools might assert that it's non-empty, but that's not a problem.) |
We thought this is not ambiguous because what we actually return in the ActionResult is a digest of the Tree message, which encodes the entire directory structure -- there is no way to confuse it with just a list of files (and there's no way to not return the directory itself). But yes, you're right that we should phrase this better -- I think I'll just remove the word "contents" altogether for extra clarity. |
We had a similar discussion internally a few months ago, asking the question about intermediate directory nodes, and concluded that there wasn't a clear best path forward. :) I'll note two things:
I'm inclined to say that at the API layer, we should NOT create output directories. That leaves the semantics clear, unambiguous, and simple. Bazel can then either use a wrapper to create the directories, or precreate them and declare them as inputs. (Do we support empty directories as inputs yet?) |
Before we go down the road of requiring a wrapper for all actions (which seems ugly/clunky enough to force that an API change is potentially better): can bazel specify the desired directory in the input tree? I seem to recall that when we first discussed this we thought that bazel could/should specify the directories it wants pre-created as part of the inputs, in which case it can directly apply the "directories should be pre-created" logic itself fairly easily. Assuming that's correct, I still prefer not creating directories, but ensuring the caller has the necessary tools to request them be created as desired. |
Can someone clarify how Bazel handles this locally? Are the output directories created as part of the spawn, or before the spawn actually executes? |
We do support empty directories as inputs in the API (although not yet in
RBE, IIRC, but that's something we need to fix regardless).
That's a really good idea for a workaround! A patch in the remote runner
only that will add all output directories to the input list as empty
directories, ensuring they are created before action is executed. It is
simpler than (1) above (although still kinda hacky).
One problem is that I'm not sure the RBE side fix can be quick.
…On Wed, Oct 17, 2018 at 10:48 AM Eric Burnett ***@***.***> wrote:
Before we go down the road of requiring a wrapper for all actions (which
seems ugly/clunky enough to force that an API change is potentially
better): can bazel specify the desired directory in the *input* tree? I
seem to recall that when we first discussed this we thought that bazel
could/should specify the directories it wants pre-created as part of the
inputs, in which case it can directly apply the "directories should be
pre-created" logic itself fairly easily.
Assuming that's correct, I still prefer not creating directories, but
ensuring the caller has the necessary tools to *request* them be created
as desired.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#6393 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AYoKuFoDNRKtMHE_xCqYhiRPMjer9MFYks5ul0NSgaJpZM4XdCX8>
.
|
Bazel's local sandbox strategies create all output directories before running the spawn inside the sandbox: https://source.bazel.build/bazel/+/master:src/main/java/com/google/devtools/build/lib/sandbox/AbstractContainerizingSandboxedSpawn.java;l=102 I can't find it for the local strategies (I think it's somewhere happening in Skyframe), but @cushon recently looked into this and might remember where that was. |
It's handled by |
This sample fails in the same way when I run it locally (with or without the linux-sandbox). Is it just me? If you change the command to "pwd && ls -R && cd %s && pwd" you can see that ./bazel-out/k8-fastbuild/bin is created automatically, but ./bazel-out/k8-fastbuild/bin/a_dir is not, regardless of spawn strategy. |
@cushon What is the priority of this issue? I believe it was originally filed as a result of a regression related to updates in javabase handling, and I don't want remote execution to be blindsided by future updates. |
Which version of Bazel are you using? It works for me with 0.18.0 and
I'm working around it by not using |
Adding the directories as inputs seems odd, too. I think Buildbarn - at least - wants to create the input tree as read-only. I'd be happy with a solution where the client sends a list of directories in the protocol, but I'm unsure about reusing the inputs for that. |
Buildbarn ensures that all directories in the input root are writable, regardless of whether they were there explicitly (in the Merkle tree) or implicitly (as parents of outputs). It’s just that input files are read only, to make it possible to have a file cache with hardlinking. |
I think the ship has already sailed on allowing new outputs under the input root somewhere? E.g. with use of working_directory, it's almost certain the outputs will be somewhere other than the root of the action. |
Exactly! |
…l#6393. This allows rules_swig to function under remote builds. Bug: 168150587 Change-Id: I79cc96a4a6119d1d8d286d83fd4807152e722403
* Extract common messages from ComputationControl service requests, replacing the "Handle" method prefix with "Process". Bug: 169974020 Change-Id: Iaf643d424009d0a979a45b82503b7db94f679557 * Update implementation of ComputationControl service to use definition from system API. This follows the newer package structure that is being migrated to. Bug: 169974020 Change-Id: I08e4cf7f5d142e4ddc023230569a9ace4ebc641b * Move common gcloud, GCS, and Spanner functionality to subpackages of gcloud package. Bug: 169968333 Change-Id: If7d8d2e79293d9bb2791c74a3eaa458f7d1ce931 * Move package db.kingdom.gcp to kingdom.deploy.gcloud.spanner. Bug: 169968333 Change-Id: I9ef49a79a08a849f8a61e988d252149a40f3cb20 * Reorganize integration tests; add gcloud subpackage. Bug: 169968333 Change-Id: I6e2bd3af16d6f3f63744a3f635080ce774b8b7fd * Restrict visibility of kingdom.deploy.gcloud.spanner subpackages. Bug: 169968333 Change-Id: I59e1737dd01f34eadf93c8c3eabcd8b1d8050aa4 * Consolidate common gRPC functionality to common.grpc package. Bug: 169968333 Change-Id: Ie3ce3a5ae8d8cbb33bdea0a688652b1d6856c024 * Move Requisition service implementation and server to appropriate subpackages of kingdom package. Bug: 169968333 Change-Id: Id48a9a2b4fb175d7f861359f1101f225cc702a59 * Move KingdomApiServer to kingdom.deploy.common.server package. Bug: 169968333 Change-Id: Ieb6a2cf6f679c465faac5e79de4ab28c0097824e * Remove ProtoConversions.kt, distributing the conversion extensions to the files where they are used. Bug: 169968333 Change-Id: I7e7cdaa8d0797fa0d7f0bdbd3ca0dab5c149e5e9 * Fix main_class for ForwardedStorageLiquidLegionsComputationControlServer targets. Bug: 169974020 Change-Id: I2113cede8aa4df101cb205b618895457666572a2 * Move GrpcTestServerRule to common.grpc.testing package. Bug: 169968333 Change-Id: I9bef4881055b6cc9f25e85517dcbbd0e08eb328a * Implement SpannerComputationStatDatabase class Bug: 171001876 Change-Id: Ic747d46e1b4c42cbd1ec5c6f40833f10162a3eba * Remove Java code: it is now in a separate repo. Bug: 171084474 Change-Id: I668a8fab90e8178f8ad54301c1872f6f96d7d8ef * Populate computation_stats database for Duchies Bug: 171240428 Change-Id: I01f705dac71b9d8276b95e430d897a89d620e2d1 * Initial commit. Bug: 171084474 Change-Id: I70fd33bbe07306900df37db1ec52a5c69c8501ed * Move AnySketch Java code to any-sketch-java repo Bug: 171084474 Change-Id: I513fd217ef1ca84c951a3ba7c28fac688686ea18 * Bugfix: fix GcsLiquidLegionsComputationControlServer path Bug: 171254150 Change-Id: Iaa133eafd51c567772223b66113c43354d3ffb32 * Fix a specific version for any-sketch dependency. Bug: 171084474 Change-Id: I02aa7bc028f258cdb08fb55c1a636e6ef3611316 * Rename FakeStorageService to FileSystemStorageService, moving it to storage.filesystem package. Bug: 169968333 Change-Id: Ie44df3b09e54cfc97490aa651ed85ceda77738b8 * Add --blob-storage-directory flag to FileSystemStorageServer. Change-Id: Iacd0e9f452cc49f38745a2d3b2ec40addab9938f * Moves the mill deamon into the new package structure bug: 171083941 Change-Id: Idc46c7a9656878d1ba50a7bff824bd0539aceda1 * Remove CLA clause from CONTRIBUTING.md Bug: 170886383 Change-Id: I9661993b7580aad8d6867a056c5ffb45a1c5cebe * Add missing license headers to SWIG files. Bug: 169349187 Change-Id: If1e214a3b6d4ad0187ce64729ec458ee854bb7eb * Add workspace roots of deps to include path instead of that of current target. Bug: 171084474 Change-Id: I1c24f3f99ec51d697fcf2d4ed93a05fcde45653f * Move herald daemon to new package structure bug: 171083941 Change-Id: Id67fe9d665be5a5995fcb83a67f3bbf8cb670b6c * Do not use external/ path for external SWIG includes. This fixes compilation of the generated cc_library target from java_wrap_cc when the java_wrap_cc target is used from another workspace. This change also returns the any_sketch workspace target to Bazel naming conventions, as the conventions apply regardless of any underlying Git repository name. Bug: 171084474 Change-Id: Ic2414ce1a211cb6bee3e30bcf8a544128cf3acb4 * Update WORKSPACE to use any-sketch-java Bug: 171084474 Change-Id: Ic2a3886d7cdb33e7bf0b829fabab3218846dfeb9 * Add AUTHORS file Change-Id: Ic73ae7bfe93692feefd9849ab261960d45028e7d * Remove unused com_github_tnarg_rules_cue workspace target. Bug: 167428995 Change-Id: I895b737730d515a6350df25080c53d61d74b9033 * Fix ErrImageNeverPull for kingdom_and_three_duchies_local. Bug: 169968333 Change-Id: I13262ca7b91938b93a92e85d8619366c4c76e528 * Extract k8s_import targets. Bug: 168034831 Change-Id: I9edb64cbab98cd1ae746de3baea39dfe7d8c4c61 * Use a wrapper script which calls mkdir to work around bazelbuild/bazel#6393. This allows rules_swig to function under remote builds. Bug: 168150587 Change-Id: I79cc96a4a6119d1d8d286d83fd4807152e722403 * Add targets for building a custom container for our Bazel build environment. Bug: 168619301 Change-Id: I7e0b116624378b100efcc531ccf9182d5e196328 * Track and log the total CPU time of processing a stage in kotlin. The CPU time measured in this way is much bigger than the wall time (6~7 times larger), need to double check if it is the desired value. It cannot use getCurrentThreadCpuTime, since the thread id changes in the block, possible due to how kotlin corountine works. Change-Id: Ib0f1d237eb6fa8fd6198192ea0a326c72045a1ab * Update directory structure section of README Bug: 169934646 Change-Id: Ia7581745b28cc15dfcaf9a88a56c4f6c422caacd * Extract macros for installing APT and Go packages as layers. Bug: 168619301 Change-Id: Ia01b490d1e6f4966331e7f8e495cb65c15aaf528 * Install CUE in custom RBE image. Bug: 168150587 Change-Id: I155114831bdb2a97747a95c9f9005d6fab267109 * Moves metricvalue db abstractions and service to new package structure bug: 171083941 Change-Id: I394211b0dc69668c10670e44915d9584a96b3e93 * Move computation storage service to new package structure bug: 171083941 Change-Id: If67d5bf87ee940a099df354a6adb425eaebab5d7 * Move computation db into new structure bug: 171083941 Change-Id: I7465c45e7cbb5ebf0c58a9bbf9a905e2c5ad7cd8 * Define ComputationStats service. Bug: 171576235 Change-Id: I14c4ccf4c2cd8812398ac3332435c2ca8d48a8f3 * Add cue_cmd rule, using it to implement the cue_dump macro. This will make it easier to use a toolchain configuration for CUE in the future. The `dump` CUE command had to be replaced with a `dumpFile` one due to bazelbuild/bazel#5511. Bug: 168620448 Bug: 171800001 Change-Id: I54dffdc414ba86592fe088570723e9bb3d455960 * Move computationstat db into new package structure Bug: 171083941 Change-Id: Iae00f5d473887892c943e4de405d55b9c42e2273 * Fix cue_dump resulting in invalid YAML and failing if cue binary not in static Bazel PATH. Bug: 171800001 Change-Id: Ib1a396828984e2ce3811ad2fc1735ffafb84925d * Add and use a cue_binaries repository rule for CUE targets rather than relying on having cue in PATH. Bug: 171800001 Change-Id: I2ac24be3c64ad822ec7b1024867020241e5580ae * Drop CUE from build environment images, as it is now included as a repository target. Bug: 171800001 Change-Id: Ie76bcb463e649ffae4e33f310f641bea87b8996a * Use `cue export` instead of `cue cmd` to generate YAML from CUE. This also allows the cue_binaries repo target to be downgraded from a pre-release version to the latest release. Bug: 171800001 Change-Id: I614f6b7df8da504619ed3ff3702c358e2cdfb04b * Log bytes transmitted between the duchies. These logs would be replaced by rpcs to the ComputationStatsService when it is ready. Change-Id: I1f79256a5e52ff64c20af216481171abab68268c * Move remaining Duchy code into proper duchy subpackages. Specifically: * PublisherData service/server * ComputationStorageServer * MetricValueStore/ComputationStore * LiquidLegionsMillDaemon * CommonDuchyFlags * ForwardedStorageLiquidLegionsMillDaemon Bug: 171083941 Change-Id: I9278457dc046a4c4c63d423f8c44d628c2c4b316 * Add tzdata package to Bazel image. Bug: 168619301 Change-Id: Idd7c3b6b203b5a29a1c98d1ca4f944f82fb0b33b * Rename ComputationStorageServiceImpl to ComputationsService. This does not yet change the name of the gRPC service, that will happen in a follow-up CL. Bug: 171972945 Change-Id: I5edb9ec3e62d2622125f837a77a6cb52cefab1c6 * Rename flags for Computations service. Bug: 171972945 Change-Id: I95779d982f176bfe5a15734b8e4c7f39a4eb9039 * Rename computation_storage_service.proto to computations_service.proto. This just renames files and BUILD targets. It does not rename the gRPC service itself. That will happen in a follow-up CL. Bug: 171972945 Change-Id: I69bc2c3065b6d6fd37c3b5098abd52625b345142 * Rename ComputationsStorageService to Computations. Bug: 171972945 Change-Id: Ib7b4804e3ab27fc1dab63a9325550e8e17110efc * Rename variables and classes for Computations service. Previous CLs renamed the service itself. This CL cleans up some variables and classes with names like "ComputationStorage" to make them consistent with the new service name. Bug: 171972945 Change-Id: Ib40e857130ca5b6d0860a218415eb90912ad5299 * Drop seldom-used package groups. Change-Id: I1f838023425e81daac744977a1479beaf7e15102 * Add a container_commit_add_apt_key macro, using it to add the Bazel apt key. Bug: 168619301 Change-Id: I51a4cf0d13bc793807c3abee7f8779d31863d6db * Move Spanner schemata to spanner subpackages of {kingdom, duchy}. This also stops embedding schema definition files as Java resources, wrapping access in a SpannerSchema data class. Bug: 169968333 Change-Id: Iebb5dca6b395aafc9b73aa00a769cd54d65776e4 * Implement an internal ComputationStats service. Bug: 171895841 Change-Id: Ia57ad3e80c1e9d586d625066a175810fa7d6f2b0 * Fix missing manual tags on targets for Bazel container image. Bug: 168619301 Change-Id: I337b9a1e31d9b8ccc82732b61b4f8f1c13a9a8d2 * Format all files. This adds a missing license header to ComputationStatDatabase.kt. Bug: 169349187 Change-Id: I98274dd7d2be0f44ab3adf743144b29d97634593 * Define a protocol_cryptor which deals with basic crypto operations. It would be used in various protocols such as two-round and three-round protocols. Next step: define the aggregator used inside the protoco_encryption_utility as standalone class. Change-Id: I9b9ee1e2b4881a0dd892b1714397deda1edfa98d * Use the protocolCryptor for SameKeyAggregation related operations. Change-Id: Ia246ff9436ba3f71b0496e6647575cad38209a70 * Split up SpannerFromFlags to decouple CLI flags Change-Id: I69c36d816cb11b5e272b58db96903387cf9c016d * Add ComputationStatsService to ComputationsServer Bug: 172104863 Change-Id: I4355215a19b7ed761f6b9e7aa9fa4064209445ac * Normalize the histogram in the anysketch estimator. Change-Id: Ica02aed7d532734afdba82844adca423b748cf49 * Create JUnit version of e2e correctness test Bug: 169349682 Change-Id: If046ceb764fc1e23a11dce28f305a9cb11331847 * RPC to createComputationStat for bytes of data transferred Bug: 172104863 Change-Id: I90e543c2c63e884905116d9228be2922cf916dca * Normalize the frequency hisogram in the MPC result. The CL also updates the data type from Long to Double everywhere for the value. Change-Id: I1c7769f3503f2d9d71213613fbf0a822c82ea2d4 * Add blob fingerprints into MetricValues Spanner. This also: - Verifies the fingerprints when reading blobs. - Adds some convenience functions for working with bytes and fingerprints. Bug: b/169062567 Change-Id: I77a223b733cd25c2e9a5f6784dea2fbfc15a8cee * Add build definition for prowjob_cluster image. Change-Id: I6792ec337268b6a3041f42fde24a8bdc727a7ec3 * Script to run linters under prow. Change-Id: I09da8f449644124de401bf27c27c7ea495df8a6f * Move ComputationStats table under Computations db. - ComputationStats table interleaves ComputationStageAttempts - All computation related transactions in same db - ComputationStatsService is still separate using ComputationDb - Verified the changes by deploying to GKE Bug: 172104863 Change-Id: I0ac0e44732e1e0b828a175a9714585844adfe250 * Use the computation stage type in computation stat service Before this change we were relying on the caller to map the stage enum to the right long value before sending the request. This change adds type safety for the stage all the way to the database write. Bug: 172104863 Change-Id: I929df0add967ffc24eb5300410463ee5be0c9c27 * Define the three-round liquidlegion MPC protocol. Change-Id: I2d5ad29fc6241464a213b72072f47176cb2a6c3f * BugFix: Divide Sketch into chunks to send PDS in CorrectnessTest Bug: 172676480 Change-Id: I712c9f30ced54af6acabe6b062d9bdcdf685fff0 * Handle Bazel startup options in bazel-docker script. This also updates the is_rootless check to handle Podman and for the Docker command to be overridden using the DOCKER environment variable. Bug: 168619301 Change-Id: I250ae22498d0e527aea3ec7e69addd00452306a7 * Drop concept of a separate "clean" Bazel image for lightweight upgrades. It was error-prone due to the inability to push an image with multiple tags, and gave little benefit in terms of rebuild efficiency. Bug: 168619301 Change-Id: Ib77d0579cd2822f44b5d79462681d52d06d8a498 * Use pushed Bazel build environment image as base for ProwJob image. This also includes the Google Cloud APT key in the final image to avoid errors from apt commands, which is useful for debugging and allows usage of the image as a base. Change-Id: I73f5733da36cb881b683bf4cea87c3370af95854 * Remove unnecessary move that prevents copy elision Change-Id: I43d49e90cdf56b65a245980db0a068a0e3f0f100 * Improve exception message for mismatching token editVersion Change-Id: I71839b4e754218e04b625918768e36deaaf5aa34 * Drop duplicate repo targets for binaries. Change-Id: I65001cf3ee7c345c9a9a0ea96ce73b2608e8c3c3 * Update io_bazel_rules_docker to 0.15.0 release rather than specific commit. Change-Id: I584b9b1913e2f88a0afaf559bb9c28444ede59b9 * Move protocolStage protos from /internal to /protocol/name There stage enums are conflicting with each other since they are in the same namespace. Change-Id: I9b1b57bf0cada21b33678fee680b034550669185 * Create a c++ library to generate polya random variable. This will be used for noise generation in various MPC protocols. Change-Id: I72bad867668d99082e58747cfaff2c9144c82fea * Log current memory usage before processing a new computation. Change-Id: I7dfed14d6516050eae2e6747feeba7c82c3470f4 * Set memory JVM flags for Mill. Change-Id: I7fd03f8edbefd5989019643f023b1351ab93224b * Insert computations in queue but without active attempt bug: 172861528 Change-Id: I5660e772410ab17c77fa81baf2200331d249c9fa * Set attempt ending reason based on computation ending reason When ending a computation the current attempt of the current stage was being set to CANCELED no matter the reason for ending the computation. This meant the last attempt of a successful computation was marked as canceld instead of succeeded. bug: 172861528 Change-Id: Ia36e8b59fde93f2b54cb9b30c33377606498b976 * Create the LiquidLegionsSketchAggregationV2Protocol.kt Renamed LiquidLegionsSketchAggregationProtocol to LiquidLegionsSketchAggregationV1Protocol Test for LiquidLegionsSketchAggregationV2Protocol would added in following CLs Change-Id: Ib72528152e3089b1da70dfcec2cc93f3cef39bcb * Add test for the LiquidLegionsV2ProtocolEnumStages Change-Id: Iaecc86bae0b940b64b1ee1a863641604c30b9bcd * Drop unused GlobalComputation service definition from public API. This has been moved to the system API. Bug: 169974020 Change-Id: I2d487ee4cd55323953858e2af13097c5bfaff5de * Format all files. This adds a missing license header to SpannerFlags.kt and fixes Bazel lint errors. Bug: 169349187 Change-Id: I94e5885380c5eb25feae40328bdebbc7226bb01c * Add column for protocol type to computations spanner table The original design was to have each protocol use the same schema but in different databases. This is in order to move all computations for all protocols into a single database which should make it easier to add new protocols to the system. Change-Id: Ibfc38a73d6a20167f812fb2c6befd3544f8e3238 * Add infrastructure to write protocol type to database This adds generic types and helper classes to convert from enums to longs, much like the stages. Later chnage(s) will actually write and read the computation type to the database. Change-Id: I9a2880a42a788fab9721b0be7261ec1efdf609aa * Update the Prow presubmit test script to build all targets before running tests. This can catch issues with build targets that aren't used by tests, e.g. binaries. Change-Id: I8dc46557925a4e3b95e726b7a9e3b70bc43e877a * Disable verbose grpc logging on GKE Change-Id: Ifdb0a5499bef7dd51329d40711c937857fa173a9 * Remove GlobalComputation from resource diagram. Bug: 169974020 Change-Id: Ie7b02952cc0271a43d217dc1181787cb3af51711 * Add script for generating PlantUML diagrams. Change-Id: Ia1dfc1b6945cc69d69e2c8dd3c2e3f130f474dfc * Move ListCampaigns method to CampaignSearch service. Bug: 173125480 Change-Id: Iac269e82895514c753dd987699fa305b32d0bc96 * Write Protocol column to computations db Change-Id: I19394c697f54287164efcca7774bc832418db9a5 * Make Protocol column not null and add to index Change-Id: I19deebcc6111a786092dfe64d50126f01d26c2dc * Add RefuseMetricRequisition method to PublisherData service definition. Bug: 173224789 Change-Id: I7ba2eff44d63a25189c23b2029fcb50baabb15fa * Add MetricRequisition.State.PERMANENTLY_UNFILLABLE. Bug: 173224789 Change-Id: Ib15a63f005da2c89260d8fbb6f4a8087cfddf0c6 * Define the proto datatypes used in the 3 round protocol crypto library. Change-Id: Ic0fbe92cecdedd6f2cb26fd58e4f58d1e46e4ed9 * Define the liquid_legions_v2_encryption_utility header Change-Id: Ib4a587afdb847838e71efe39534c4d8d5d53bf88 * Delegate DataProviderService.refuseRequisition to RequisitionService. Note that this method is not yet implemented in RequisitionService. Bug: 173224789 Change-Id: I3d353768b32a040a1bf3d37a48fab482fcafb59d * Use absl::Status and StatusOr in the anysketch lib. Change-Id: I6f20ea0b4e92056439903a270fe0cb4062db4156 * Upgrade various repository targets. Of particular note for Cloud Spanner Emulator: "Fixed bug where direct index reads of commit timestamp values returned the max timestamp value." Change-Id: I2945e71a3c02e2961604a0005ab86a22ed192a79 * Use absl::StatusOr in the anysketch-java lib. Change-Id: Ibd7ded9dde179096cdfcce2609568fce3e280221 * Add UpdateComputation method to the computationControlService definition. All other methods would be deprecated and deleted. Also defined the internal AsyncComputationControlService proto. Change-Id: I9d4f565323ebaffefcb02bf6812fab0d31d36616 * Use absl::Status and StatusOr in the measuremenet system repo. Change-Id: I08d78f77cfccdba4ae8983b7fb67e9a4aead4153 * Use clang for C++ compilation. This includes updating the build environment images for Bazel/Prow. Bug: 173530993 Change-Id: I77e0cd8aa1072b2f18767063d8acc49b072d687f * Specify canonical reproducible versions of repo targets. Change-Id: I78616c1e0a55a04c8f841583a3aa966c1d37287d * Add a system API version of Requisition service with FulfillMetricRequisition method. Bug: 173449532 Change-Id: I77efa7f5a395609b6627864e62868bcd244b6054 * Make e2e test wait for all pods and add sleep The readiness check in the e2e test has been allowing the test to run before all servers are ready. Wait until all pods are running or have succeeded. Then wait 30 seconds in case servers are running but not yet ready to accept connections. Eventually we should replace this with real readiness checks in the servers. Bug: 169349682 Change-Id: Ie3de44da7cb294e1e84daeb3b480e42ef5700c79 * Call FulfillMetricRequisition on system Requisition service from PublisherData service impl. Bug: 173449532 Change-Id: Iaa16b1633b4922d1048904bc74282fc4cf64c507 * Rename proto names in the crypto lib methods. 1. renamed ElGamalPublicKeys to ElGamalPublickKey, and ElGamalKeys to ElGamalKeyPair. 2. deleted the ElGamalPublic and ElGamalKeyPair kotlin class due to name conflict, changed to use the proto directly in the config map. Change-Id: I25d805791cd43e06cc3953d4c1a10bc3e7270155 * Add a BatchProcessing method to the protocol_cyptor Change-Id: I7e9a82cd22264af224afd14e0ffd01bfe7ecccd5 * Update SketchSql to be BigQuery-compatible. This also fixes some bugs. Bug: 173433998 Change-Id: I946dc0cc72927f25f6e8b93af9747d155a34e3b2 * Update build dependency documentation to include Clang. Bug: 173530993 Change-Id: I206906fc0d2681daedabcbb87811ed9d9b02b12e * Implement the CompleteReachEstimationPhase method. A EndToEnd_threeRoundProtocol test would be added when all methods are implemented. The protocol_encryption_utility would eventually be deleted when the three round protocol is done. So there are some code duplications currently between it and the new liquid_legions_v2_xxx Change-Id: I3618321447d83928a3ec72ac0befeef07928f950 * Delete the ph key in the requests/responses. since it is not expected to be used. Change-Id: I726fed5a4987d037f3cc1e69200316fee3af5207 * Rename the field in the ElGamalKeyPair and ElGamalPublicKey protos. Change-Id: I236a4a1c9ef752eb9386ca505df654a1b55cbcfe * Drop FulfillMetricRequisition method from public Requisition service. Bug: 173449532 Change-Id: I3cf0b8e36e1f2254e3d5b7b16f4bee5c77dd298d * Call FulfillMetricRequisition on system Requisition service from integration test. Bug: 173449532 Change-Id: If49597cb0515b8d92043d27b3ff3e5695f5df9f9 * Drop fulfillMetricRequisition from public Requisition service implementation. Bug: 173449532 Change-Id: Icbf47a5502262a272efabd9e33c2da77bd4b739f * Fix typos in the proto. Change-Id: I2c3a26ca3de8f37fcf8269f6c93720d90e60a54f * Create a skeleton AsyncComputationControlService. Change-Id: Ib91497a37a8aaa7df7b22bb23d7144d8bb769178 * Add a destroy_strategy field to the EncryptSketchRequest. The liquidLegion V1 two-round protocol is using the CONFLICTING_KEYS option. The V2 three-round protocol will use the FLAGGED_KEY option. Change-Id: I5f34eb1ddc75bcb2c6c60f88bdfe7392c87e5de3 * Define a ComputationsEnumHelper which deals with all protocols. The protocol specific StagerEnumHelpers would not be used outside this class any more. Change-Id: I414043c7d7314de5edcac9edd0b3d3c1c5e213ec * Update the computationsService/Db etc. to support all protocols. 1. Added protocolT to all necessary interfaces. 2. Switched all usages of StageT to use ComputationStage instead of protocol specific stages. Change-Id: I482fc96c5db13a00cc2015e66ebf1ce9978af191 * Throw FAILED_PRECONDITION error from internal RequisitionsService.fulfillRequisition if state could not be transitioned. See https://google.aip.dev/216 Bug: 173449532 Change-Id: I7b6a1bb7ae954c1e52d4821ca30d2eaeeb3c3c0f * Remove unnecessary RequisitionTransition typealias. Bug: 173449532 Change-Id: Ifeeec9aee00972c5d8f36aa434ccd1cc11d6b960 * Encrypt destroyed registers according to the DestroyedRegisterStrategy. Change-Id: I90d7790d02d93183782fb175997af3659ad3026e * Using absl::string_view where it is accepted in the crypto lib. Change-Id: I7795009ed9b3b444826356d7fa498396273feba6 * Use absl::string_view for string constants. Change-Id: I8047530cb28ed80c58399ec632ab64b6e1250e92 * Add KingdomRelationalDatabase.getRequisition, with tests against the interface methods. This also fixes the following bugs in createRequisition: * The denormalized provided_campaign_id field is not set in the return value when a new requisition is inserted. * create_time is overridden in the return value when a matching requisition already exists. Change-Id: I3f74cdd5afd4b85be9279533298d0e15cbdc8009 * Implement the CompleteReachEstimationPhaseAtAggregator() for LL_V2 It is very similar to the BlindLastLayerIndexThenJoinRegisters() in the LL_V1 protocol. The only difference is that in LL_V2 we return two flags after sameKeyAggregation. An e2e test will be added when all methods are implemented. Change-Id: Ia515df800f6d72652049a4ddc5c584693f9fdc3e * Unwrap SpannerExceptions thrown by AsyncRunner.runAsync. Change-Id: I88c9757bb26092a215e2e229fa1aa181eaf76a56 * Assert that active_register_count is less than num_of_total_registers. Change-Id: I3d8f8c2e64e917fbf8c3595df28e7b3b19208d21 * Add HealthCheck to CommonServer Bug: 169701399 Change-Id: I1c4e012d8a4da26efce434f82eb8c382a00252d7 * Extract refusal details to MetricRequisition.Refusal message. This allows the refusal details to be retrieved at a later time. Bug: 174685344 Change-Id: Idc516da4677ce8a86fc3d8920aa70d87f455b211 * Estimate the reach at the end of round 1 of aggregator. Also add a TODO to add noise here. Change-Id: I58215ce0a2c589575c9726ea156b399e2215ce86 * Implement the CompleteFilteringPhase() method for the LL_V2 protocol. An e2e test will be added when all methods are implemented. Change-Id: Iba9aed324950e0039ce3f3b0befb022bc8b7d529 * Implement the CompleteFilteringPhaseAtAggregator() method for the LL_V2 protocol. An e2e test will be added when all methods are implemented. Change-Id: If452420ef0821f7adbf0799a9daf764d0e28db93 * Populate refusal field in RequisitionService.listRequisitions. Bug: 174685344 Change-Id: Iee88ee5f38261412db8e1773821b30b20d133635 * Add and implement KingdomRelationalDatabase.refuseRequisition. Bug: 174685344 Change-Id: Ieed51fb50d60e365081c3df9c925898bfe4a17dc * Update anysketch-java to use latest anysketch c++ code. Change-Id: I90f6fcd38e70d48c77076b24c70f504edba94718 * Use the latest anysketch libs in the system repo. Change-Id: I1dc4f6034747c21a8f5d5709271eb367e4b28d5b * Add a SimpleSpannerWriter for cases where the SpannerWriter result is the non-null transaction result. Change-Id: Idf49a85b0f0d2467522bee5880c7a5026ed7fd0a * Implement the CompleteSetupPhase() method. Currently, we only shuffle the registers. Noise would be added later when the noise strategy is determined. Change-Id: I0130aab9d89daca177453a0198619dae18a26995 * Implement the CompleteFrequencyEstimationPhase method for the LL_V2 protocol. In this phase, a non-aggregator work will decrypt the the local ElGamal encryption on the SameKeyAggregator (SKA) matrix. An e2e test will be added when all methods are implemented. Change-Id: Ie24ee4b3dc6729f195b70628c30b65b11f926837 * Forbid non-positive count values in sketches. Since we don't decrypt the counts in the three-round protocol, we are not able to filter out these zero count registers. If we allow zero count registers, the cardinality estimation will not be accurate. Change-Id: I7749c723c0f0acdac90a0a54054d2ddb3700859b * Update any_sketch and any_sketch_java repo targets to canonical reproducible forms. This was missed in afcc4ff. Change-Id: I99121a4d3d3c13a01644cf78bc6ad3b20a2841f3 * Set initial requisition state in KingdomRelationalDatabase.createRequisition. This more closely matches the principle of ignoring output-only fields in request inputs (see https://google.aip.dev/203#output-only). Bug: 174685344 Change-Id: Ie8553d3dfdb389a27314bdd317ef2d24acf33b55 * Encrypt count values greater than max_frequency as max_frequency + 1. Change-Id: Ifb4fd646a08cf87ac9c755b1a6025bbb783d4d8d * Define the liquid_legions_v2_encryption_utility_wrapper. This is to be used as the JNI interface. Change-Id: Ied0058652ceab180c31bd9665549b6385378c80e * Add a few clarifying comments to AsyncComputationControl Change-Id: Ice551b4fa031476622f86dda853474b321bf5fef * Point to the latest any-sketch repo. Change-Id: I35c2b7e7fcfa283bcb7b36939f567c169d358324 * Refactor the ComputationDataClient to support all protocols. Major update: 1. Changed the ComputationDetails proto to be protocol specific. 2. Put the entire computationDetails in the token instead of putting muiltiple string fields. 3. Moved the role selection from the GcpSpannerComputationsDB to the ComputationService. (using globalID instead of LocalID) TODO: 1. use fixed role (from flag) at a duchy for LL_V2 protocol computations. 2. the herald creates LL_V2 computations (hard coded or according to the kingdom's response) Change-Id: Iacd2ac25dba4a2ee3d6d9cb6867dd49f301780e1 * Specify app.kubernetes.io/name label on all objects. Bug: 175070690 Change-Id: I28f62768d75d646e680adc58c8adaf85e03cabaa * Delete K8s objects by selector in k8s_apply, rather than attempting to delete by manifest file. Bug: 175070690 Change-Id: I599624c7eb702d3fd046fbdadbca1c912b6f3c48 * Implement the CompleteFrequencyEstimationPhaseAtAggregator() method. Also add an e2e test for the liquid_legions_v2_encryption_utility library. Minor Update to the code: 1. stop using zero_offset constant, but compare with actual 0 directly, which saves plenty of crypto additions. Change-Id: I610475b4bd2f68a77f15b680ef56e74a7126ecf6 * Set up JNI for the LL_V2 crpyto library. Also pointed the WORKSPACE to the latest any-sketch library, which forbids the count value to be 0. Deleted/fixed the impacted tests. Change-Id: I7a016a77c1eccab31c7b005eac411a878c06b582 * Rename liquidLegionsMill to liquidLegionsV1Mill Change-Id: I2282487e0f2653b4e4049e83f706cf407a0d3e0b * Extract the common pieces of mills into a MillBase. Change-Id: Ia868d1e0cbc92fbddbb2c679bb8ef16a96e28e38 * Setup the liquid legions v2 mill and implement the first two methods. i.e., confirmRequisitions() and completeSetupPhase() Change-Id: Ia5c480f4b0c0085bce96ad2b0a3a1f8a6709fb7a * Implement all the other methods in the LiquidLegionsV2 mill. Change-Id: I7e3070aada30af430ed9324e2d4d4ddb0a4bd11f * Use an action map to organize actions in the mill. Change-Id: I9809a4dc51516a21eeaa7060093823823eb5d0f3 * Clean up MillBase. * Make the terminal stage of a protocol an abstract property of MillBase, so MillBase does not need to be aware of protocol specifics. * Fix bug where the stage logged in MillBase::processComputation is v1-specific. * Fix bug where the computationType is not set correctly in MillBase::getLatestComputationToken. * Fix formatting. Change-Id: I39bb4ecb770612fae39a30affa91bd939588d892 * Reformat MillBase to be consistent with codebase Change-Id: I1e029614ad3c3315af6cde86ffd72c8249763896 * Fix some typos. Change-Id: If5c2083b0201be940abe7d2f7f83104e65dc0e70 * Add BlobMetadata type PASS_THROUGH There are some blobs that inputs to a stage which are also carried over as output of the stage. There was no representation of that in the DB so it had to be encoded in kotlin logic. This makes it harder to have a generic handeler of messages in the computation control service. Change-Id: I5cd39af2f7b3610ab8e5babbcc4c9d90bc5318df * Implement LiquidLegionsSketchAggregationV1 in AsyncComputationControlService Change-Id: I5a768f00781433fae07aa176589a87d42b55686e * Add LIQUID_LEGIONS_SKETCH_AGGREGATION_V2 to Async CCS Change-Id: Ia2c2835b6a7d731facb6158d20382dad776bccb7 * Don't run buildifier lint check on delted build files buildifier has a non-zero exit status for files that do not exist, which means deleting a build file caused lint failures. Change-Id: Id346e40e0a665defbad46f822bf21b7103fb5da2 * Implement system level Computation Control Service The liquiud legions specific one will be removed in a follow on commit. Change-Id: Id57182f641e474b2f682ba992fa101b374f6c3f8 * Swap LiquidLegionsV1Mill to new advance computation request This also replaces the liquidlegionsV1 server with the single external facing comptuations control server. Change-Id: Iba1bd71f699ad634ca1c96b489288d8ebf42725e * Fix the correctness test in kind. Change-Id: I4fac69de8e8745c93374be1e43e0bcfe05ae9ec7 * Update the herald to a generic version. So for, it is still hardcoded to create LL_V2 computations. TODO: 1. Add protocol into the globalComputation proto. 2. Create corresponding computation in the herald. Change-Id: Ie4921fe3c70aa8250c938ec9e18b26678da5d208 * Fix correctness test on GKE. Change-Id: Ia7377e4386b12e395a5234625c33b60f092b8e7f * Add initContainers to pods in cue config - initContainers make sure the dependent servers are up and running - Will be adding readinessProbe in the next cl Bug: 169701399 Change-Id: I3a1f70240be75dc178ac140697b926196a5fd37a * Log time differently from other metric. Change-Id: Ib1aada6a9df9cbee782d767bb4dad9582363dbd5 * Update the integrationTest and correctness to use LL_V2 protocol Currently, it is hardcoded to do so. In the future the computation type should come from the kingdom. Change-Id: I331bf409f43ca031f095e93067eadb9501f55879 * Add an UpdateComputationDetails method to the ComputationsService. There will be 2 usage cases so far. 1. The LL_V2 protocol estimates the reach in round 1, the result will be cached in the computation_details and attached to the final report in round 3 when the mill reports to the kingdom. 2. The CompleteFrequencyPhase result(freqeuncy distribution map) would be cached inside the computation_details instead of in the blobstore. The cache will be used for retry if necessary. Note that, most fields in the computation_details are not suitable for updating. e.g., the computationRole, the blob_storage_prefix, etc. However, since the service is an internal only service, we assume the caller knows what it is doing and won't mess up it is own computation. Change-Id: I45759563bb77c672025f45f5d673c4a433d62412 * Implement the UpdateComputationDetails method. Change-Id: Ie7829da4d5f601fbd81088508ada16e32b30f491 * Add ReadinessProbe to Server pods - ReadinessProbe will use grpc_health_probe to check the statuses of the servers every x seconds. Bug: 169701399 Change-Id: I24e333bbef9a25710346d745a514f5f39f899d17 * Add grpc_health_check_bin to fake-storage-server data Change-Id: I824cabb969cea67833a34224ddd28aac767608cb * Cache reach esitmate and send to kingdom together with frequency later. Remove frequency estimate from the ComputationDetails, since it is already being cached in the blob. Change-Id: I0d1081197bfff6278c089cfaf5ec4133f7aa2cd0 * Rename the LL_V2 proto phase names to EXECUTION_PHASE_ONE/TWO/THREE. There will be minor updates to what we do in each phase, and the old names won't be accurate anymore. The major change is that reach estimating is deferred to the end of execution phase two, before which some noises are filtered out. Change-Id: Ifad73ca00552ec9fa9f011cb03fce27ed6297222 * Adds a SHA256 Fingerprinter in C++. This also moves the C++ implementation more in line with the Java implementation by renaming HashFunction to Fingerprinter. Bug: 177600980 Change-Id: If731ac39d535e7fcc265764c521f03acc6af8e10 * Seed v2alpha version of public API from v1alpha. The meaningless file ending changes to v1alpha are for Git to detect the copies without --find-copies-harder. Bug: 159032794 Change-Id: I3d345c08e4e952d00e6490b3f30590197bcda45c * Simplify the public API resource messages for measurement consumer use. * Rename Advertiser to MeasurementConsumer. * Rename Campaign to EventGroup. * Add Measurement resource. * Change the cardinality of MetricRequisition such that there's one per (DataProvider, Measurement) pair. Bug: 159032794 Change-Id: Ibbb730ec3b2b3002691001f97d300fbd18fcd5a4 * Redefine public API services such that each service corresponds to a single resource type, except for the Duchy RequisitionFulfillment service. * DataProviderRegistration -> DataProviders * MeasurementConsumerRegistration -> MeasurementConsumers * EventGroupSearch -> EventGroups * Requisition -> Requisitions * PublisherData -> RequisitionFulfillment Bug: 159032794 Bug: 174863707 Change-Id: I2c077b3bf467d0077068e49804d114306633bedd * Update the math lib to support our actual use case. Change-Id: Ia390f9fee7fd36f99314ef08e4a028a41439cba8 * Use the latest PJC rego. Change-Id: I1f53cdede0ca9c817bda6e66b23ff16e62c36749 * Use latest any-sketch and PJC repos. Change-Id: I89d16ed431a9c3783edb0bb07ccc8a2840fffbcd * Use the RETURN_IF_ERROR macro from the PJC repo. The PJC repo added this macro recently, now it is causing a macro duplicated warning. Change-Id: I680ed6b7d6a80a5953f06142acf55adaee8d4a5e * Update the noise parameters proto. Four types of noise registers are to be added in the setup phase. 1. blind histogram noise (R, F2 <>) 2. noise for publisher noise (C1, R, <>) 3. global DP noise for reach (R, F1, <>) 4. padding noise (C2, R, <>) 1, 2 and 4 will be filtered out before estimating reach. 3 will impact the reach estimate but will be filtered out before estimating the frequency. The total number of all above noise registers will be equal to an agreed constant. Change-Id: I005f5428c324deb5a331218e978dd9c580cb915b * Add measurements service Bug: 159032794 Change-Id: I8db25770e35d62424d2224da303d08eaa52e35f1 * Point any-sketch-java to the latest any-sketch repo. Change-Id: I831962a339598ca2fcb042af6e65d8ff83c6576d * Cut off the frequency estimate at max_frequency instead of max_freqeuncy+1. In other words, all frequency >= max_frequency would be counted as max_frequency now. Also make the code consistent with the comment. No the 2-D SKM is a (max_frequency-1) by N matrix, i.e., the row means different frequency values, the column number is equal to the number of 4-tuples. Change-Id: I6c26ceb4ea7ddad64d04a828890d9e5fd37feff2 * Support cryptographic consent signaling in public API. Assumptions: * The MeasurementConsumer and DataProviders have exchanged root certificates and the MeasurementConsumer has obtained the Aggregator's root certificate out-of-band. * A one-time set of keys is generated by the MeasurementConsumer for each measurement: one encryption key pair and one signing certificate. * SketchConfigs and CombinedPublicKeys are well-known to participants, such that participants are not relying on the Kingdom as the single source-of-truth for them. * Each encrypted value is symmetrically encrypted using a key derived from a shared secret from a key-agreement protocol applied to a pair of public keys. Bug: 175707034 Change-Id: Ic7a8310dea373ec5e36d6f7fd1b71377adb4be15 * Implement noise creation in the setup phase. The noise is not handled by the protocol yet. Change-Id: I9a6b1795f2f6defddf54a1f6dff75cd38c71ddf7 * Update a comment in the any-sketch lib. Change-Id: I990358fe4a970e2f5d7de95454d9c8d7fa1b10ac * Handle the reach noises in the MPC protocol. 1. Moved reach estimate from the end of phase 1 to the end of phase 2. 2. The mill is not setting noise paramters yet. Change-Id: I87f4e49ddaa3a0cdad66e2174132838f6c61ca77 * Update @rules_proto to revision cfdc2fa31879c0aebe31ce7702b1a9c8a4be02d2. This appears to address build errors with Bazel 4.0.0 by updating the underlying @com_google_protobuf target to a newer version. Change-Id: I9928cb725a920992dd931dd177d9fccd151b051f * Update repository targets for Bazel 4.0.0 compatibility. Change-Id: Id9590ae87d303ce1fd7839417de2dac8e152f857 * Fix syntax error in WORKSPACE. Change-Id: I0f81111fb207e4e0d71bafd1e816c39d7724acc3 * Generate and handle frequency noise in the protocol. Also, in oder to test pure noise without actual data, changed the behavior of all methods to accept empty input. Change-Id: If9513158fd4f51d6144a99e3db026282d1fb6d18 * Minor updates to the LLV2 protocol. Change-Id: I2100f6989926a5c56465fe6f7bd6d4a604a3ad2c * Add total_requistion_count to GlobalComputation. This number is required by all duchies during noise generation. Change-Id: I2f13bc9310dedcea0c6aeba9b465912d28043d80 * Add total_requisition_count to LLV2 computatonDetails. Change-Id: Ib2ae49df6879cc160ec7c736dbfca4decf354f9b * Adding AUTHORS and CONTRIBUTING.md Change-Id: I8bec9fa046af66f6f539bae60b7ee93c147bdc7c * Changing some references to Open Measurement to Cross-Media Measurement Change-Id: Id983202c03aee346eddfd83dfd914eea30d28bd1 * Add hyphen to Cross-Media in AUTHORS Change-Id: I069353d333c521fc0ef45ea046ab3e7554962043 * Changing any-sketch license headers to refer to Cross-Media Measurement Authors Change-Id: Ib148509530123d99cc4feccd1c1e09cb84dd8678 * Changing any-sketch-java license headers to refer to Cross-Media Measurement Authors Change-Id: Ic498b9f46eb9525a6fc8b08c1249d01ea3ad3ef7 * Changing cross-media-measurement license headers to refer to Cross-Media Measurement Authors Change-Id: I468321ff1674f21e48758cb4f33a3b15dfc759eb * Changing cross-media-measurement-api license headers to refer to Cross-Media Measurement Authors Change-Id: If0ee805eded84cae6dced34d917b80bdf113f65b * Changing rules-swig license headers to refer to Cross-Media Measurement Authors Change-Id: I8830ce761cc575f7c3b201f64042629f425f0762 * Add support in cue_export for passing Cue's tags Change-Id: Ic6b8c74d9b13a41121127f660291da15efba9ab9 * Add support in cue_dump for Cue's tags Change-Id: Ib7062ab7c36f864ab43d19ec013ba4ac70362d7c * Removing LICENSE, AUTHORS, and CONTRIBUTING.md from any-sketch Change-Id: I100e643ff626a32aa1af4e240c49c9127d3e97a9 * Removing LICENSE, AUTHORS, and CONTRIBUTING.md from any-sketch-java Change-Id: I7eb1998ce4afad02f16a0614b1088507266a1d53 * Removing LICENSE, AUTHORS, and CONTRIBUTING.md from cross-media-measurement Change-Id: I715d257443108f153baab28fe965f84155257a91 * Removing LICENSE, AUTHORS, and CONTRIBUTING.md from cross-media-measurement-api Change-Id: I9db8f549583cae22462d9a7ec655a762aaab2d8e * Removing LICENSE, AUTHORS, and CONTRIBUTING.md from rules-swig Change-Id: I02457cd6c40ef15c1edc93e9ecd4616348cf0748 * Changing any-sketch WORKSPACE to use local repository Change-Id: I84ec99442da88b16d352c322d075391673199319 * Changing any-sketch-java WORKSPACE to use local repository Change-Id: Icc867c65568241f2fb12cfb9af866490854c401d * Changing cross-media-measurement WORKSPACE to use local repository Change-Id: I145baa80bccd76d2ecf1a91722dfba81be69da16 * Add config file for container register & test cloud settings Change-Id: I59b884691f4232ca0d003c29397043f239c6abc0 * Use variable for container repo prefix Change-Id: I8b426d0ec9f38fa9b8024f5d07de43fadc0bd07d * Remove internal codenames & use variables instead in Cue Change-Id: Ia28f1474644b00a3893d1ed16c4ae6ec51081e84 * Add some missing license headers in any-sketch-java Change-Id: I5664417db2f21abab627c9a9fd1f203c7d71331f * Add some missing license headers in any-sketch Change-Id: Id62abe9ccfe90138bf65e18a7ce596efb9e91e2f * Add some missing license headers in cross-media-measurement Change-Id: I6530772d5ef655f2592199648158f9702ac0bdc4 * Add some missing license headers in rules-swig Change-Id: Ia7d27c7e07b0349aac906859aed7722ee926427e * Fix typo in Cue tag name Change-Id: Ic809dabde7994c60728f53c7f779a6426d8bfaac * Populate the total_requisition_count in the GlobalComputations. Change-Id: Iecfab11c1d6e6d3153731e44af00006a84542ad0 * Drop Google Git auth from presubmit test script. Change-Id: I5217974d01f4d652e1564d6d9e2f09f2463496d1 * Update grpc-health-probe to 0.3.6. This also renames the workspace target to grpc_health_probe. Change-Id: I1db7d82dfbe7cf0065ad44360a6b91b4998cb427 * Set total_requisition_count when creating new computations. Also changed to let the herald set the initial computationDetails. Change-Id: I6eb4bbbe6dc3a241c85d37abf3d102e5e5ba4922 Co-authored-by: Sanjay Vasandani <sanjayvas@google.com> Co-authored-by: Eli Fox-Epstein <efoxepstein@google.com> Co-authored-by: Yunus Yen <yunyeng@google.com> Co-authored-by: Jason Frye <fryej@google.com> Co-authored-by: Yao Wang <wangyaopw@google.com> Co-authored-by: Karl Millar <kmillar@google.com> Co-authored-by: Ugur Akyol <uakyol@google.com>
There remains a situation in which a workaround is not presently possible: if you want to declare a directory and some subset of files beneath it. Say you know the primary output but not some additional outputs which may also be generated and need to be kept. Currently:
Building targets using that rule with RBE fails inside Bazel and no amount of |
I would much prefer not to support this case because the fact that a |
Very reasonable. I should note that Bazel doesn't currently allow separate actions to output a directory and a file within that directory (it gives an error about one artifact being a prefix of the other). It might be nice if this error happened at artifact declaration time instead if this is not intended to be supported. |
I just found this issue while working on a fix for the "other half" over at #15276: Creating the directories corresponding to empty TreeArtifacts, which Bazel's sandbox runners do, but remote execution doesn't (yet). Does anybody see an issue with Bazel adding the output directories to the input tree? I do see great value in having this issue fixed one way or the other and fixing it in Bazel seems much simpler than amending the spec and waiting for all RBE implementations to adapt. If this approach is generally viewed to be viable, I would be happy to implement it. |
Re-reading the discussion above (it's been a few years :)), I believe that should be fine and correct:
So I think it's completely reasonable to use directories in the input to specify what should be pre-created for outputs, and in fact, the most reasonable choice given the spec constraints. (Consistent with my opinion back in 2018: #6393 (comment)) Conversely, I think the only place where this could be problematic is if any servers have specific expectations that a directory is not simultaneously listed in the input root and specified as an output. I can't think of a good reason they would have - needing to support (2) means that input directories must sometimes be writable at some level, so it would seem to be a server-side assertion with no clear technical purpose, and not supported by any spec text (3). Seems unlikely to me... though I won't go so far as to say it's definitely safe for all existing implementations :). Other folk can flag if they know of any implementations that might care. |
/cc @coeuvre |
I just noticed that Bazel's own remote backend implementation doesn't allow for output directories to be listed in inputs, but that does seem to be against the spec. For example, the spec explicitly mentions that the entire working directory can be declared as an output directory. |
By explicitly declaring output directories as inputs to a remote action, this commit ensures that these directories are created by the remote executor prior to the execution of the action. This brings the behavior of remote execution regarding tree artifacts in line with that of local or sandboxed execution. Getting the tests to pass requires modifying a check in Bazel's own remote worker implementation: Previously, the worker explicitly verified that output directories don't exist after the inputs have been staged. This behavior is not backed by the spec and has thus been modified: Now, it is only checked that the output directories either don't exist or are directories. Fixes bazelbuild#6393 Closes bazelbuild#15366. PiperOrigin-RevId: 447451303
By explicitly declaring output directories as inputs to a remote action, this commit ensures that these directories are created by the remote executor prior to the execution of the action. This brings the behavior of remote execution regarding tree artifacts in line with that of local or sandboxed execution. Getting the tests to pass requires modifying a check in Bazel's own remote worker implementation: Previously, the worker explicitly verified that output directories don't exist after the inputs have been staged. This behavior is not backed by the spec and has thus been modified: Now, it is only checked that the output directories either don't exist or are directories. Fixes #6393 Closes #15366. PiperOrigin-RevId: 447451303 Co-authored-by: Chenchu K <ckolli@google.com>
Previously: #6262
Repro:
The text was updated successfully, but these errors were encountered: