Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TreeArtifacts output directories aren't created with remote execution enabled #6393

Closed
cushon opened this issue Oct 15, 2018 · 33 comments
Closed
Labels
P2 We'll consider working on this in future. (Assignee optional) team-Remote-Exec Issues and PRs for the Execution (Remote) team type: bug

Comments

@cushon
Copy link
Contributor

cushon commented Oct 15, 2018

Previously: #6262

Repro:

cd $(mktemp -d)
git clone git@github.com:cushon/bazel-i6393.git
cd bazel-i6393/
bazel --bazelrc=/dev/null build --config=remote ...
ERROR: /tmp/tmp.pti7hTUec5/bazel-i6393/BUILD:3:1: error executing shell command: '/bin/bash -c cd bazel-out/k8-fastbuild/bin/a_dir && pwd' failed (Exit 1)
/bin/bash: line 0: cd: bazel-out/k8-fastbuild/bin/a_dir: No such file or directory
Target //:a failed to build
@ola-rozenfeld
Copy link
Contributor

The expected behaviour is for the TreeArtifact output directory to be created before the action is executed.

Wait, why? We've always had the opposite expectation, the action itself should create the output directory, just like it should create the output files. This is what the current tests test for, too.

@cushon
Copy link
Contributor Author

cushon commented Oct 15, 2018

We've always had the opposite expectation

That isn't how the local, forge, or sandbox (post-9b8b79002dc9e62bc3fa56525dc4b01c3c2fe805) strategies handle this case.

My model is that the outputs are the contents of the directory. What is the advantage of requiring the action to create the directory?

The issue that prompted the original bug was that earlier versions of javac write output to a directory, but expect the directory to be pre-existing. We could work around that by creating a wrapper script for javac that creates the directory, but it seems strictly better to just guarantee the directory exists.

@cushon
Copy link
Contributor Author

cushon commented Oct 15, 2018

@philwo for 9b8b790

@cushon
Copy link
Contributor Author

cushon commented Oct 15, 2018

also @lberki who said the behaviour [of not creating the directories] was 'surprising' in cl/214229700

@ola-rozenfeld
Copy link
Contributor

If we want remote execution to create the output directories before running the action, this must be explicitly specified in the remote execution API -- which it isn't, and I don't think it would be a good idea. Not only no existing servers support it, but why would they? This means no distinction between an empty output directory and a non-existing output directory. Why would we want to add this limitation? I mean, you can open a PR on the remote-apis repository for the discussion, but it won't be a short process (I foresee a lot of people to convince).

Currently, this sounds like a bug -- Bazel has an action that doesn't properly produce it's outputs when executed remotely. The wrapper idea sounds like the proper fix to me.

@cushon
Copy link
Contributor Author

cushon commented Oct 15, 2018

If we want remote execution to create the output directories before running the action, this must be explicitly specified in the remote execution API

The alternative is to "fix" all of the other spawn strategies to stop creating the output directories, is that the proposal? It feels like a regression to me, but it's probably better than the inconsistency.

This means no distinction between an empty output directory and a non-existing output directory. Why would we want to add this limitation?

In what sense is it a limitation? If an action declares an output directory and doesn't create it, currently it succeeds under remote execution and just doesn't produce output corresponding to that directory. If instead an empty directory was created and the action didn't write any output to that directory, wouldn't that have effectively the same result?

The wrapper idea sounds like the proper fix to me.

I mean, we could also have a wrapper that takes tarballs as input and unzips them, runs the tool, and then packages the outputs back up into another tarball. One of the benefits of TreeArtifacts is that they make it convenient to use tools that consume or produce directory contents without having to write wrapper scripts. Requiring those tools to create the output directories limits the generality of the solution.

@ola-rozenfeld
Copy link
Contributor

In what sense is it a limitation? If an action declares an output directory and doesn't create it, currently it succeeds under remote execution and just doesn't produce output corresponding to that directory. If instead an empty directory was created and the action didn't write any output to that directory, wouldn't that have effectively the same result?

Currently, those actions produce different ActionResults by the remote server. In the first case, the output directory would not be returned at all. In the second case, an empty output directory would be returned. These are different behaviors. You propose to eliminate the distinction forever, by spec. It would also be inconsistent with other outputs -- why should an action always be specified to create all its output directories, but not its output files? Just as there is a difference between an empty output file and a missing output file, there should be a difference between an empty output directory and a missing output directory, imo.

The alternative is to "fix" all of the other spawn strategies to stop creating the output directories, is that the proposal?

I see a few solutions:

  1. patching the remote strategy only to add a wrapper to create output directories
  2. fixing all spawn strategies to use the same wrapper
  3. changing the expectation so that an action is expected to always produce its outputs

I agree 2 is better than 1, although we could also start with 1 and move to 2. I'm not sure what would be required for 3 -- perhaps it's not feasible at all, because rule developers rely on the existing Bazel expectation?

@cushon
Copy link
Contributor Author

cushon commented Oct 15, 2018

why should an action always be specified to create all its output directories, but not its output files?

The language in Command.output_directories currently includes "only the contents of the indicated directories (recursively including the contents of their subdirectories) will be returned", which kind of sounds the directory itself isn't returned, which could suggest it isn't the actions' responsibility to create it. Regardless of what the outcome of this bug is, there might be an opportunity to tighten up the language in the spec.

I'm not sure what would be required for 3 -- perhaps it's not feasible at all, because rule developers rely on the existing Bazel expectation?

It'd be possible to rely on either behaviour, but naively it seems more likely for tools to assume the directory exists than to require that is doesn't exist. (Some tools might assert that it's non-empty, but that's not a problem.)

@ola-rozenfeld
Copy link
Contributor

We thought this is not ambiguous because what we actually return in the ActionResult is a digest of the Tree message, which encodes the entire directory structure -- there is no way to confuse it with just a list of files (and there's no way to not return the directory itself). But yes, you're right that we should phrase this better -- I think I'll just remove the word "contents" altogether for extra clarity.

@bergsieker
Copy link

We had a similar discussion internally a few months ago, asking the question about intermediate directory nodes, and concluded that there wasn't a clear best path forward. :)

I'll note two things:

  • We expected RBE to have other clients aside from Bazel, so we should value clear, unambiguous semantics.
  • We also value uniform behavior between local and remote builds.

I'm inclined to say that at the API layer, we should NOT create output directories. That leaves the semantics clear, unambiguous, and simple. Bazel can then either use a wrapper to create the directories, or precreate them and declare them as inputs. (Do we support empty directories as inputs yet?)

@EricBurnett
Copy link

Before we go down the road of requiring a wrapper for all actions (which seems ugly/clunky enough to force that an API change is potentially better): can bazel specify the desired directory in the input tree? I seem to recall that when we first discussed this we thought that bazel could/should specify the directories it wants pre-created as part of the inputs, in which case it can directly apply the "directories should be pre-created" logic itself fairly easily.

Assuming that's correct, I still prefer not creating directories, but ensuring the caller has the necessary tools to request them be created as desired.

@bergsieker
Copy link

Can someone clarify how Bazel handles this locally? Are the output directories created as part of the spawn, or before the spawn actually executes?

@ola-rozenfeld
Copy link
Contributor

ola-rozenfeld commented Oct 17, 2018 via email

@philwo
Copy link
Member

philwo commented Oct 17, 2018

Bazel's local sandbox strategies create all output directories before running the spawn inside the sandbox: https://source.bazel.build/bazel/+/master:src/main/java/com/google/devtools/build/lib/sandbox/AbstractContainerizingSandboxedSpawn.java;l=102

I can't find it for the local strategies (I think it's somewhere happening in Skyframe), but @cushon recently looked into this and might remember where that was.

@benjaminp
Copy link
Collaborator

I can't find it for the local strategies (I think it's somewhere happening in Skyframe), but @cushon recently looked into this and might remember where that was.

It's handled by SkyframeActionExecutor. (Though with the caveat this is for actions not spawns, which only usually overlap.)

@bergsieker
Copy link

This sample fails in the same way when I run it locally (with or without the linux-sandbox). Is it just me?

If you change the command to "pwd && ls -R && cd %s && pwd" you can see that ./bazel-out/k8-fastbuild/bin is created automatically, but ./bazel-out/k8-fastbuild/bin/a_dir is not, regardless of spawn strategy.

@bergsieker
Copy link

@cushon What is the priority of this issue? I believe it was originally filed as a result of a regression related to updates in javabase handling, and I don't want remote execution to be blindsided by future updates.

@cushon
Copy link
Contributor Author

cushon commented Oct 26, 2018

This sample fails in the same way when I run it locally (with or without the linux-sandbox). Is it just me?

Which version of Bazel are you using? It works for me with 0.18.0 and --spawn_strategy=standalone, and it should work at head with local sandboxing.

What is the priority of this issue?

I'm working around it by not using TreeArtifacts (see 73972b3); it's not blocking.

@ulfjack
Copy link
Contributor

ulfjack commented Mar 17, 2020

Adding the directories as inputs seems odd, too. I think Buildbarn - at least - wants to create the input tree as read-only. I'd be happy with a solution where the client sends a list of directories in the protocol, but I'm unsure about reusing the inputs for that.

@EdSchouten
Copy link
Contributor

Buildbarn ensures that all directories in the input root are writable, regardless of whether they were there explicitly (in the Merkle tree) or implicitly (as parents of outputs). It’s just that input files are read only, to make it possible to have a file cache with hardlinking.

@EricBurnett
Copy link

I think the ship has already sailed on allowing new outputs under the input root somewhere? E.g. with use of working_directory, it's almost certain the outputs will be somewhere other than the root of the action.

@EdSchouten
Copy link
Contributor

Exactly!

fashing pushed a commit to world-federation-of-advertisers/experimental that referenced this issue Jan 27, 2021
…l#6393.

This allows rules_swig to function under remote builds.

Bug: 168150587
Change-Id: I79cc96a4a6119d1d8d286d83fd4807152e722403
kungfucraig pushed a commit to world-federation-of-advertisers/experimental that referenced this issue Jan 27, 2021
* Extract common messages from ComputationControl service requests, replacing the "Handle" method prefix with "Process".

Bug: 169974020
Change-Id: Iaf643d424009d0a979a45b82503b7db94f679557

* Update implementation of ComputationControl service to use definition from system API.

This follows the newer package structure that is being migrated to.

Bug: 169974020
Change-Id: I08e4cf7f5d142e4ddc023230569a9ace4ebc641b

* Move common gcloud, GCS, and Spanner functionality to subpackages of gcloud package.

Bug: 169968333
Change-Id: If7d8d2e79293d9bb2791c74a3eaa458f7d1ce931

* Move package db.kingdom.gcp to kingdom.deploy.gcloud.spanner.

Bug: 169968333
Change-Id: I9ef49a79a08a849f8a61e988d252149a40f3cb20

* Reorganize integration tests; add gcloud subpackage.

Bug: 169968333
Change-Id: I6e2bd3af16d6f3f63744a3f635080ce774b8b7fd

* Restrict visibility of kingdom.deploy.gcloud.spanner subpackages.

Bug: 169968333
Change-Id: I59e1737dd01f34eadf93c8c3eabcd8b1d8050aa4

* Consolidate common gRPC functionality to common.grpc package.

Bug: 169968333
Change-Id: Ie3ce3a5ae8d8cbb33bdea0a688652b1d6856c024

* Move Requisition service implementation and server to appropriate subpackages of kingdom package.

Bug: 169968333
Change-Id: Id48a9a2b4fb175d7f861359f1101f225cc702a59

* Move KingdomApiServer to kingdom.deploy.common.server package.

Bug: 169968333
Change-Id: Ieb6a2cf6f679c465faac5e79de4ab28c0097824e

* Remove ProtoConversions.kt, distributing the conversion extensions to the files where they are used.

Bug: 169968333
Change-Id: I7e7cdaa8d0797fa0d7f0bdbd3ca0dab5c149e5e9

* Fix main_class for ForwardedStorageLiquidLegionsComputationControlServer targets.

Bug: 169974020
Change-Id: I2113cede8aa4df101cb205b618895457666572a2

* Move GrpcTestServerRule to common.grpc.testing package.

Bug: 169968333
Change-Id: I9bef4881055b6cc9f25e85517dcbbd0e08eb328a

* Implement SpannerComputationStatDatabase class

Bug: 171001876
Change-Id: Ic747d46e1b4c42cbd1ec5c6f40833f10162a3eba

* Remove Java code: it is now in a separate repo.

Bug: 171084474
Change-Id: I668a8fab90e8178f8ad54301c1872f6f96d7d8ef

* Populate computation_stats database for Duchies

Bug: 171240428
Change-Id: I01f705dac71b9d8276b95e430d897a89d620e2d1

* Initial commit.

Bug: 171084474

Change-Id: I70fd33bbe07306900df37db1ec52a5c69c8501ed

* Move AnySketch Java code to any-sketch-java repo

Bug: 171084474
Change-Id: I513fd217ef1ca84c951a3ba7c28fac688686ea18

* Bugfix: fix GcsLiquidLegionsComputationControlServer path

Bug: 171254150
Change-Id: Iaa133eafd51c567772223b66113c43354d3ffb32

* Fix a specific version for any-sketch dependency.

Bug: 171084474
Change-Id: I02aa7bc028f258cdb08fb55c1a636e6ef3611316

* Rename FakeStorageService to FileSystemStorageService, moving it to storage.filesystem package.

Bug: 169968333
Change-Id: Ie44df3b09e54cfc97490aa651ed85ceda77738b8

* Add --blob-storage-directory flag to FileSystemStorageServer.

Change-Id: Iacd0e9f452cc49f38745a2d3b2ec40addab9938f

* Moves the mill deamon into the new package structure

bug: 171083941
Change-Id: Idc46c7a9656878d1ba50a7bff824bd0539aceda1

* Remove CLA clause from CONTRIBUTING.md

Bug: 170886383
Change-Id: I9661993b7580aad8d6867a056c5ffb45a1c5cebe

* Add missing license headers to SWIG files.

Bug: 169349187
Change-Id: If1e214a3b6d4ad0187ce64729ec458ee854bb7eb

* Add workspace roots of deps to include path instead of that of current target.

Bug: 171084474
Change-Id: I1c24f3f99ec51d697fcf2d4ed93a05fcde45653f

* Move herald daemon to new package structure

bug: 171083941
Change-Id: Id67fe9d665be5a5995fcb83a67f3bbf8cb670b6c

* Do not use external/ path for external SWIG includes.

This fixes compilation of the generated cc_library target from java_wrap_cc when the java_wrap_cc target is used from another workspace. This change also returns the any_sketch workspace target to Bazel naming conventions, as the conventions apply regardless of any underlying Git repository name.

Bug: 171084474
Change-Id: Ic2414ce1a211cb6bee3e30bcf8a544128cf3acb4

* Update WORKSPACE to use any-sketch-java

Bug: 171084474
Change-Id: Ic2a3886d7cdb33e7bf0b829fabab3218846dfeb9

* Add AUTHORS file

Change-Id: Ic73ae7bfe93692feefd9849ab261960d45028e7d

* Remove unused com_github_tnarg_rules_cue workspace target.

Bug: 167428995
Change-Id: I895b737730d515a6350df25080c53d61d74b9033

* Fix ErrImageNeverPull for kingdom_and_three_duchies_local.

Bug: 169968333
Change-Id: I13262ca7b91938b93a92e85d8619366c4c76e528

* Extract k8s_import targets.

Bug: 168034831
Change-Id: I9edb64cbab98cd1ae746de3baea39dfe7d8c4c61

* Use a wrapper script which calls mkdir to work around bazelbuild/bazel#6393.

This allows rules_swig to function under remote builds.

Bug: 168150587
Change-Id: I79cc96a4a6119d1d8d286d83fd4807152e722403

* Add targets for building a custom container for our Bazel build environment.

Bug: 168619301
Change-Id: I7e0b116624378b100efcc531ccf9182d5e196328

* Track and log the total CPU time of processing a stage in kotlin.

The CPU time measured in this way is much bigger than the wall time (6~7 times larger), need to double check if it is the desired value.

It cannot use getCurrentThreadCpuTime, since the thread id changes in
the block, possible due to how kotlin corountine works.

Change-Id: Ib0f1d237eb6fa8fd6198192ea0a326c72045a1ab

* Update directory structure section of README

Bug: 169934646
Change-Id: Ia7581745b28cc15dfcaf9a88a56c4f6c422caacd

* Extract macros for installing APT and Go packages as layers.

Bug: 168619301
Change-Id: Ia01b490d1e6f4966331e7f8e495cb65c15aaf528

* Install CUE in custom RBE image.

Bug: 168150587
Change-Id: I155114831bdb2a97747a95c9f9005d6fab267109

* Moves metricvalue db abstractions and service to new package structure

bug: 171083941
Change-Id: I394211b0dc69668c10670e44915d9584a96b3e93

* Move computation storage service to new package structure

bug: 171083941
Change-Id: If67d5bf87ee940a099df354a6adb425eaebab5d7

* Move computation db into new structure

bug: 171083941
Change-Id: I7465c45e7cbb5ebf0c58a9bbf9a905e2c5ad7cd8

* Define ComputationStats service.

Bug: 171576235
Change-Id: I14c4ccf4c2cd8812398ac3332435c2ca8d48a8f3

* Add cue_cmd rule, using it to implement the cue_dump macro.

This will make it easier to use a toolchain configuration for CUE in the future. The `dump` CUE command had to be replaced with a `dumpFile` one due to bazelbuild/bazel#5511.

Bug: 168620448
Bug: 171800001
Change-Id: I54dffdc414ba86592fe088570723e9bb3d455960

* Move computationstat db into new package structure

Bug: 171083941
Change-Id: Iae00f5d473887892c943e4de405d55b9c42e2273

* Fix cue_dump resulting in invalid YAML and failing if cue binary not in static Bazel PATH.

Bug: 171800001
Change-Id: Ib1a396828984e2ce3811ad2fc1735ffafb84925d

* Add and use a cue_binaries repository rule for CUE targets rather than relying on having cue in PATH.

Bug: 171800001
Change-Id: I2ac24be3c64ad822ec7b1024867020241e5580ae

* Drop CUE from build environment images, as it is now included as a repository target.

Bug: 171800001
Change-Id: Ie76bcb463e649ffae4e33f310f641bea87b8996a

* Use `cue export` instead of `cue cmd` to generate YAML from CUE.

This also allows the cue_binaries repo target to be downgraded from a pre-release version to the latest release.

Bug: 171800001
Change-Id: I614f6b7df8da504619ed3ff3702c358e2cdfb04b

* Log bytes transmitted between the duchies.

These logs would be replaced by rpcs to the ComputationStatsService when
it is ready.

Change-Id: I1f79256a5e52ff64c20af216481171abab68268c

* Move remaining Duchy code into proper duchy subpackages.

Specifically:
* PublisherData service/server
* ComputationStorageServer
* MetricValueStore/ComputationStore
* LiquidLegionsMillDaemon
* CommonDuchyFlags
* ForwardedStorageLiquidLegionsMillDaemon

Bug: 171083941
Change-Id: I9278457dc046a4c4c63d423f8c44d628c2c4b316

* Add tzdata package to Bazel image.

Bug: 168619301
Change-Id: Idd7c3b6b203b5a29a1c98d1ca4f944f82fb0b33b

* Rename ComputationStorageServiceImpl to ComputationsService.

This does not yet change the name of the gRPC service, that will happen
in a follow-up CL.

Bug: 171972945
Change-Id: I5edb9ec3e62d2622125f837a77a6cb52cefab1c6

* Rename flags for Computations service.

Bug: 171972945
Change-Id: I95779d982f176bfe5a15734b8e4c7f39a4eb9039

* Rename computation_storage_service.proto to computations_service.proto.

This just renames files and BUILD targets. It does not rename the gRPC
service itself. That will happen in a follow-up CL.

Bug: 171972945
Change-Id: I69bc2c3065b6d6fd37c3b5098abd52625b345142

* Rename ComputationsStorageService to Computations.

Bug: 171972945
Change-Id: Ib7b4804e3ab27fc1dab63a9325550e8e17110efc

* Rename variables and classes for Computations service.

Previous CLs renamed the service itself. This CL cleans up some
variables and classes with names like "ComputationStorage" to make them
consistent with the new service name.

Bug: 171972945
Change-Id: Ib40e857130ca5b6d0860a218415eb90912ad5299

* Drop seldom-used package groups.

Change-Id: I1f838023425e81daac744977a1479beaf7e15102

* Add a container_commit_add_apt_key macro, using it to add the Bazel apt key.

Bug: 168619301
Change-Id: I51a4cf0d13bc793807c3abee7f8779d31863d6db

* Move Spanner schemata to spanner subpackages of {kingdom, duchy}.

This also stops embedding schema definition files as Java resources, wrapping access in a SpannerSchema data class.

Bug: 169968333
Change-Id: Iebb5dca6b395aafc9b73aa00a769cd54d65776e4

* Implement an internal ComputationStats service.

Bug: 171895841
Change-Id: Ia57ad3e80c1e9d586d625066a175810fa7d6f2b0

* Fix missing manual tags on targets for Bazel container image.

Bug: 168619301
Change-Id: I337b9a1e31d9b8ccc82732b61b4f8f1c13a9a8d2

* Format all files.

This adds a missing license header to ComputationStatDatabase.kt.

Bug: 169349187
Change-Id: I98274dd7d2be0f44ab3adf743144b29d97634593

* Define a protocol_cryptor which deals with basic crypto operations.

It would be used in various protocols such as two-round and three-round
protocols.

Next step: define the aggregator used inside the
protoco_encryption_utility as standalone class.

Change-Id: I9b9ee1e2b4881a0dd892b1714397deda1edfa98d

* Use the protocolCryptor for SameKeyAggregation related operations.

Change-Id: Ia246ff9436ba3f71b0496e6647575cad38209a70

* Split up SpannerFromFlags to decouple CLI flags

Change-Id: I69c36d816cb11b5e272b58db96903387cf9c016d

* Add ComputationStatsService to ComputationsServer

Bug: 172104863
Change-Id: I4355215a19b7ed761f6b9e7aa9fa4064209445ac

* Normalize the histogram in the anysketch estimator.

Change-Id: Ica02aed7d532734afdba82844adca423b748cf49

* Create JUnit version of e2e correctness test

Bug: 169349682
Change-Id: If046ceb764fc1e23a11dce28f305a9cb11331847

* RPC to createComputationStat for bytes of data transferred

Bug: 172104863
Change-Id: I90e543c2c63e884905116d9228be2922cf916dca

* Normalize the frequency hisogram in the MPC result.

The CL also updates the data type from Long to Double everywhere for the
value.

Change-Id: I1c7769f3503f2d9d71213613fbf0a822c82ea2d4

* Add blob fingerprints into MetricValues Spanner.

This also:

- Verifies the fingerprints when reading blobs.
- Adds some convenience functions for working with bytes and fingerprints.

Bug: b/169062567
Change-Id: I77a223b733cd25c2e9a5f6784dea2fbfc15a8cee

* Add build definition for prowjob_cluster image.

Change-Id: I6792ec337268b6a3041f42fde24a8bdc727a7ec3

* Script to run linters under prow.

Change-Id: I09da8f449644124de401bf27c27c7ea495df8a6f

* Move ComputationStats table under Computations db.

- ComputationStats table interleaves ComputationStageAttempts
- All computation related transactions in same db
- ComputationStatsService is still separate using ComputationDb
- Verified the changes by deploying to GKE

Bug: 172104863
Change-Id: I0ac0e44732e1e0b828a175a9714585844adfe250

* Use the computation stage type in computation stat service

Before this change we were relying on the caller to map the
stage enum to the right long value before sending the request.
This change adds type safety for the stage all the way to the
database write.

Bug: 172104863
Change-Id: I929df0add967ffc24eb5300410463ee5be0c9c27

* Define the three-round liquidlegion MPC protocol.

Change-Id: I2d5ad29fc6241464a213b72072f47176cb2a6c3f

* BugFix: Divide Sketch into chunks to send PDS in CorrectnessTest

Bug: 172676480
Change-Id: I712c9f30ced54af6acabe6b062d9bdcdf685fff0

* Handle Bazel startup options in bazel-docker script.

This also updates the is_rootless check to handle Podman and for the Docker command to be overridden using the DOCKER environment variable.

Bug: 168619301
Change-Id: I250ae22498d0e527aea3ec7e69addd00452306a7

* Drop concept of a separate "clean" Bazel image for lightweight upgrades.

It was error-prone due to the inability to push an image with multiple tags, and gave little benefit in terms of rebuild efficiency.

Bug: 168619301
Change-Id: Ib77d0579cd2822f44b5d79462681d52d06d8a498

* Use pushed Bazel build environment image as base for ProwJob image.

This also includes the Google Cloud APT key in the final image to avoid errors from apt commands, which is useful for debugging and allows usage of the image as a base.

Change-Id: I73f5733da36cb881b683bf4cea87c3370af95854

* Remove unnecessary move that prevents copy elision

Change-Id: I43d49e90cdf56b65a245980db0a068a0e3f0f100

* Improve exception message for mismatching token editVersion

Change-Id: I71839b4e754218e04b625918768e36deaaf5aa34

* Drop duplicate repo targets for binaries.

Change-Id: I65001cf3ee7c345c9a9a0ea96ce73b2608e8c3c3

* Update io_bazel_rules_docker to 0.15.0 release rather than specific commit.

Change-Id: I584b9b1913e2f88a0afaf559bb9c28444ede59b9

* Move protocolStage protos from /internal to /protocol/name

There stage enums are conflicting with each other since they are in the
same namespace.

Change-Id: I9b1b57bf0cada21b33678fee680b034550669185

* Create a c++ library to generate polya random variable.

This will be used for noise generation in various MPC protocols.

Change-Id: I72bad867668d99082e58747cfaff2c9144c82fea

* Log current memory usage before processing a new computation.

Change-Id: I7dfed14d6516050eae2e6747feeba7c82c3470f4

* Set memory JVM flags for Mill.

Change-Id: I7fd03f8edbefd5989019643f023b1351ab93224b

* Insert computations in queue but without active attempt

bug: 172861528
Change-Id: I5660e772410ab17c77fa81baf2200331d249c9fa

* Set attempt ending reason based on computation ending reason

When ending a computation the current attempt of the current stage
was being set to CANCELED no matter the reason for ending the
computation. This meant the last attempt of a successful computation
was marked as canceld instead of succeeded.

bug: 172861528
Change-Id: Ia36e8b59fde93f2b54cb9b30c33377606498b976

* Create the LiquidLegionsSketchAggregationV2Protocol.kt

Renamed LiquidLegionsSketchAggregationProtocol to
LiquidLegionsSketchAggregationV1Protocol

Test for LiquidLegionsSketchAggregationV2Protocol would added in
following CLs

Change-Id: Ib72528152e3089b1da70dfcec2cc93f3cef39bcb

* Add test for the LiquidLegionsV2ProtocolEnumStages

Change-Id: Iaecc86bae0b940b64b1ee1a863641604c30b9bcd

* Drop unused GlobalComputation service definition from public API.

This has been moved to the system API.

Bug: 169974020
Change-Id: I2d487ee4cd55323953858e2af13097c5bfaff5de

* Format all files.

This adds a missing license header to SpannerFlags.kt and fixes Bazel lint errors.

Bug: 169349187
Change-Id: I94e5885380c5eb25feae40328bdebbc7226bb01c

* Add column for protocol type to computations spanner table

The original design was to have each protocol use the same
schema but in different databases. This is in order to move
all computations for all protocols into a single database
which should make it easier to add new protocols to the system.

Change-Id: Ibfc38a73d6a20167f812fb2c6befd3544f8e3238

* Add infrastructure to write protocol type to database

This adds generic types and helper classes to convert from
enums to longs, much like the stages. Later chnage(s) will
actually write and read the computation type to the database.

Change-Id: I9a2880a42a788fab9721b0be7261ec1efdf609aa

* Update the Prow presubmit test script to build all targets before running tests.

This can catch issues with build targets that aren't used by tests, e.g. binaries.

Change-Id: I8dc46557925a4e3b95e726b7a9e3b70bc43e877a

* Disable verbose grpc logging on GKE

Change-Id: Ifdb0a5499bef7dd51329d40711c937857fa173a9

* Remove GlobalComputation from resource diagram.

Bug: 169974020
Change-Id: Ie7b02952cc0271a43d217dc1181787cb3af51711

* Add script for generating PlantUML diagrams.

Change-Id: Ia1dfc1b6945cc69d69e2c8dd3c2e3f130f474dfc

* Move ListCampaigns method to CampaignSearch service.

Bug: 173125480
Change-Id: Iac269e82895514c753dd987699fa305b32d0bc96

* Write Protocol column to computations db

Change-Id: I19394c697f54287164efcca7774bc832418db9a5

* Make Protocol column not null and add to index

Change-Id: I19deebcc6111a786092dfe64d50126f01d26c2dc

* Add RefuseMetricRequisition method to PublisherData service definition.

Bug: 173224789
Change-Id: I7ba2eff44d63a25189c23b2029fcb50baabb15fa

* Add MetricRequisition.State.PERMANENTLY_UNFILLABLE.

Bug: 173224789
Change-Id: Ib15a63f005da2c89260d8fbb6f4a8087cfddf0c6

* Define the proto datatypes used in the 3 round protocol crypto library.

Change-Id: Ic0fbe92cecdedd6f2cb26fd58e4f58d1e46e4ed9

* Define the liquid_legions_v2_encryption_utility header

Change-Id: Ib4a587afdb847838e71efe39534c4d8d5d53bf88

* Delegate DataProviderService.refuseRequisition to RequisitionService.

Note that this method is not yet implemented in RequisitionService.

Bug: 173224789
Change-Id: I3d353768b32a040a1bf3d37a48fab482fcafb59d

* Use absl::Status and StatusOr in the anysketch lib.

Change-Id: I6f20ea0b4e92056439903a270fe0cb4062db4156

* Upgrade various repository targets.

Of particular note for Cloud Spanner Emulator: "Fixed bug where direct index reads of commit timestamp values returned the max timestamp value."

Change-Id: I2945e71a3c02e2961604a0005ab86a22ed192a79

* Use absl::StatusOr in the anysketch-java lib.

Change-Id: Ibd7ded9dde179096cdfcce2609568fce3e280221

* Add UpdateComputation method to the computationControlService definition.

All other methods would be deprecated and deleted.
Also defined the internal AsyncComputationControlService proto.

Change-Id: I9d4f565323ebaffefcb02bf6812fab0d31d36616

* Use absl::Status and StatusOr in the measuremenet system repo.

Change-Id: I08d78f77cfccdba4ae8983b7fb67e9a4aead4153

* Use clang for C++ compilation.

This includes updating the build environment images for Bazel/Prow.

Bug: 173530993
Change-Id: I77e0cd8aa1072b2f18767063d8acc49b072d687f

* Specify canonical reproducible versions of repo targets.

Change-Id: I78616c1e0a55a04c8f841583a3aa966c1d37287d

* Add a system API version of Requisition service with FulfillMetricRequisition method.

Bug: 173449532
Change-Id: I77efa7f5a395609b6627864e62868bcd244b6054

* Make e2e test wait for all pods and add sleep

The readiness check in the e2e test has been allowing the test to run before all servers are ready. Wait until all pods are running or have succeeded. Then wait 30 seconds in case servers are running but not yet ready to accept connections. Eventually we should replace this with real readiness checks in the servers.

Bug: 169349682
Change-Id: Ie3de44da7cb294e1e84daeb3b480e42ef5700c79

* Call FulfillMetricRequisition on system Requisition service from PublisherData service impl.

Bug: 173449532
Change-Id: Iaa16b1633b4922d1048904bc74282fc4cf64c507

* Rename proto names in the crypto lib methods.

1. renamed ElGamalPublicKeys to ElGamalPublickKey, and ElGamalKeys to
ElGamalKeyPair.
2. deleted the ElGamalPublic and ElGamalKeyPair kotlin class due to name
conflict, changed to use the proto directly in the config map.

Change-Id: I25d805791cd43e06cc3953d4c1a10bc3e7270155

* Add a BatchProcessing method to the protocol_cyptor

Change-Id: I7e9a82cd22264af224afd14e0ffd01bfe7ecccd5

* Update SketchSql to be BigQuery-compatible.

This also fixes some bugs.

Bug: 173433998

Change-Id: I946dc0cc72927f25f6e8b93af9747d155a34e3b2

* Update build dependency documentation to include Clang.

Bug: 173530993
Change-Id: I206906fc0d2681daedabcbb87811ed9d9b02b12e

* Implement the CompleteReachEstimationPhase method.

A EndToEnd_threeRoundProtocol test would be added when all methods are
implemented.

The protocol_encryption_utility would eventually be deleted when the
three round protocol is done. So there are some code duplications
currently between it and the new liquid_legions_v2_xxx

Change-Id: I3618321447d83928a3ec72ac0befeef07928f950

* Delete the ph key in the requests/responses.

since it is not expected to be used.

Change-Id: I726fed5a4987d037f3cc1e69200316fee3af5207

* Rename the field in the ElGamalKeyPair and ElGamalPublicKey  protos.

Change-Id: I236a4a1c9ef752eb9386ca505df654a1b55cbcfe

* Drop FulfillMetricRequisition method from public Requisition service.

Bug: 173449532
Change-Id: I3cf0b8e36e1f2254e3d5b7b16f4bee5c77dd298d

* Call FulfillMetricRequisition on system Requisition service from integration test.

Bug: 173449532
Change-Id: If49597cb0515b8d92043d27b3ff3e5695f5df9f9

* Drop fulfillMetricRequisition from public Requisition service implementation.

Bug: 173449532
Change-Id: Icbf47a5502262a272efabd9e33c2da77bd4b739f

* Fix typos in the proto.

Change-Id: I2c3a26ca3de8f37fcf8269f6c93720d90e60a54f

* Create a skeleton AsyncComputationControlService.

Change-Id: Ib91497a37a8aaa7df7b22bb23d7144d8bb769178

* Add a destroy_strategy field to the EncryptSketchRequest.

The liquidLegion V1 two-round protocol is using the CONFLICTING_KEYS
option.
The V2 three-round protocol will use the FLAGGED_KEY option.

Change-Id: I5f34eb1ddc75bcb2c6c60f88bdfe7392c87e5de3

* Define a ComputationsEnumHelper which deals with all protocols.

The protocol specific StagerEnumHelpers would not be used outside this
class any more.

Change-Id: I414043c7d7314de5edcac9edd0b3d3c1c5e213ec

* Update the computationsService/Db etc. to support all protocols.

1. Added protocolT to all necessary interfaces.
2. Switched all usages of StageT to use ComputationStage instead of protocol specific stages.

Change-Id: I482fc96c5db13a00cc2015e66ebf1ce9978af191

* Throw FAILED_PRECONDITION error from internal RequisitionsService.fulfillRequisition if state could not be transitioned.

See https://google.aip.dev/216

Bug: 173449532
Change-Id: I7b6a1bb7ae954c1e52d4821ca30d2eaeeb3c3c0f

* Remove unnecessary RequisitionTransition typealias.

Bug: 173449532
Change-Id: Ifeeec9aee00972c5d8f36aa434ccd1cc11d6b960

* Encrypt destroyed registers according to the DestroyedRegisterStrategy.

Change-Id: I90d7790d02d93183782fb175997af3659ad3026e

* Using absl::string_view where it is accepted in the crypto lib.

Change-Id: I7795009ed9b3b444826356d7fa498396273feba6

* Use absl::string_view for string constants.

Change-Id: I8047530cb28ed80c58399ec632ab64b6e1250e92

* Add KingdomRelationalDatabase.getRequisition, with tests against the interface methods.

This also fixes the following bugs in createRequisition:
* The denormalized provided_campaign_id field is not set in the return value when a new requisition is inserted.
* create_time is overridden in the return value when a matching requisition already exists.

Change-Id: I3f74cdd5afd4b85be9279533298d0e15cbdc8009

* Implement the CompleteReachEstimationPhaseAtAggregator() for LL_V2

It is very similar to the BlindLastLayerIndexThenJoinRegisters() in the
LL_V1 protocol. The only difference is that in LL_V2 we return two flags
after sameKeyAggregation.

An e2e test will be added when all methods are implemented.

Change-Id: Ia515df800f6d72652049a4ddc5c584693f9fdc3e

* Unwrap SpannerExceptions thrown by AsyncRunner.runAsync.

Change-Id: I88c9757bb26092a215e2e229fa1aa181eaf76a56

* Assert that active_register_count is less than num_of_total_registers.

Change-Id: I3d8f8c2e64e917fbf8c3595df28e7b3b19208d21

* Add HealthCheck to CommonServer

Bug: 169701399
Change-Id: I1c4e012d8a4da26efce434f82eb8c382a00252d7

* Extract refusal details to MetricRequisition.Refusal message.

This allows the refusal details to be retrieved at a later time.

Bug: 174685344
Change-Id: Idc516da4677ce8a86fc3d8920aa70d87f455b211

* Estimate the reach at the end of round 1 of aggregator.

Also add a TODO to add noise here.

Change-Id: I58215ce0a2c589575c9726ea156b399e2215ce86

* Implement the CompleteFilteringPhase() method for the LL_V2 protocol.

An e2e test will be added when all methods are implemented.

Change-Id: Iba9aed324950e0039ce3f3b0befb022bc8b7d529

* Implement the CompleteFilteringPhaseAtAggregator() method for the LL_V2 protocol.

An e2e test will be added when all methods are implemented.

Change-Id: If452420ef0821f7adbf0799a9daf764d0e28db93

* Populate refusal field in RequisitionService.listRequisitions.

Bug: 174685344
Change-Id: Iee88ee5f38261412db8e1773821b30b20d133635

* Add and implement KingdomRelationalDatabase.refuseRequisition.

Bug: 174685344
Change-Id: Ieed51fb50d60e365081c3df9c925898bfe4a17dc

* Update anysketch-java to use latest anysketch c++ code.

Change-Id: I90f6fcd38e70d48c77076b24c70f504edba94718

* Use the latest anysketch libs in the system repo.

Change-Id: I1dc4f6034747c21a8f5d5709271eb367e4b28d5b

* Add a SimpleSpannerWriter for cases where the SpannerWriter result is the non-null transaction result.

Change-Id: Idf49a85b0f0d2467522bee5880c7a5026ed7fd0a

* Implement the CompleteSetupPhase() method.

Currently, we only shuffle the registers. Noise would be added later when
the noise strategy is determined.

Change-Id: I0130aab9d89daca177453a0198619dae18a26995

* Implement the CompleteFrequencyEstimationPhase method for the LL_V2 protocol.

In this phase, a non-aggregator work will decrypt the the local ElGamal encryption on the
SameKeyAggregator (SKA) matrix.

An e2e test will be added when all methods are implemented.

Change-Id: Ie24ee4b3dc6729f195b70628c30b65b11f926837

* Forbid non-positive count values in sketches.

Since we don't decrypt the counts in the three-round protocol, we are not able to filter out these zero count registers. If we allow zero count registers, the cardinality estimation will not be accurate.

Change-Id: I7749c723c0f0acdac90a0a54054d2ddb3700859b

* Update any_sketch and any_sketch_java repo targets to canonical reproducible forms.

This was missed in afcc4ff.

Change-Id: I99121a4d3d3c13a01644cf78bc6ad3b20a2841f3

* Set initial requisition state in KingdomRelationalDatabase.createRequisition.

This more closely matches the principle of ignoring output-only fields in request inputs (see https://google.aip.dev/203#output-only).

Bug: 174685344
Change-Id: Ie8553d3dfdb389a27314bdd317ef2d24acf33b55

* Encrypt count values greater than max_frequency as max_frequency + 1.

Change-Id: Ifb4fd646a08cf87ac9c755b1a6025bbb783d4d8d

* Define the liquid_legions_v2_encryption_utility_wrapper.

This is to be used as the JNI interface.

Change-Id: Ied0058652ceab180c31bd9665549b6385378c80e

* Add a few clarifying comments to AsyncComputationControl

Change-Id: Ice551b4fa031476622f86dda853474b321bf5fef

* Point to the latest any-sketch repo.

Change-Id: I35c2b7e7fcfa283bcb7b36939f567c169d358324

* Refactor the ComputationDataClient to support all protocols.

Major update:
1. Changed the ComputationDetails proto to be protocol specific.
2. Put the entire computationDetails in the token instead of putting muiltiple string fields.
3. Moved the role selection from the GcpSpannerComputationsDB to the ComputationService. (using globalID instead of LocalID)

TODO:
1. use fixed role (from flag) at a duchy for LL_V2 protocol computations.
2. the herald creates LL_V2 computations (hard coded or according to the kingdom's response)

Change-Id: Iacd2ac25dba4a2ee3d6d9cb6867dd49f301780e1

* Specify app.kubernetes.io/name label on all objects.

Bug: 175070690
Change-Id: I28f62768d75d646e680adc58c8adaf85e03cabaa

* Delete K8s objects by selector in k8s_apply, rather than attempting to delete by manifest file.

Bug: 175070690
Change-Id: I599624c7eb702d3fd046fbdadbca1c912b6f3c48

* Implement the CompleteFrequencyEstimationPhaseAtAggregator() method.

Also add an e2e test for the liquid_legions_v2_encryption_utility library.

Minor Update to the code:
1. stop using zero_offset constant, but compare with actual 0 directly, which saves plenty of crypto additions.

Change-Id: I610475b4bd2f68a77f15b680ef56e74a7126ecf6

* Set up JNI for the LL_V2 crpyto library.

Also pointed the WORKSPACE to the latest any-sketch library, which
forbids the count value to be 0. Deleted/fixed the impacted tests.

Change-Id: I7a016a77c1eccab31c7b005eac411a878c06b582

* Rename liquidLegionsMill to liquidLegionsV1Mill

Change-Id: I2282487e0f2653b4e4049e83f706cf407a0d3e0b

* Extract the common pieces of mills into a MillBase.

Change-Id: Ia868d1e0cbc92fbddbb2c679bb8ef16a96e28e38

* Setup the liquid legions v2 mill and implement the first two methods.

i.e., confirmRequisitions() and completeSetupPhase()

Change-Id: Ia5c480f4b0c0085bce96ad2b0a3a1f8a6709fb7a

* Implement all the other methods in the LiquidLegionsV2 mill.

Change-Id: I7e3070aada30af430ed9324e2d4d4ddb0a4bd11f

* Use an action map to organize actions in the mill.

Change-Id: I9809a4dc51516a21eeaa7060093823823eb5d0f3

* Clean up MillBase.

* Make the terminal stage of a protocol an abstract property of
MillBase, so MillBase does not need to be aware of protocol specifics.

* Fix bug where the stage logged in MillBase::processComputation is
v1-specific.

* Fix bug where the computationType is not set correctly in
MillBase::getLatestComputationToken.

* Fix formatting.

Change-Id: I39bb4ecb770612fae39a30affa91bd939588d892

* Reformat MillBase to be consistent with codebase

Change-Id: I1e029614ad3c3315af6cde86ffd72c8249763896

* Fix some typos.

Change-Id: If5c2083b0201be940abe7d2f7f83104e65dc0e70

* Add BlobMetadata type PASS_THROUGH

There are some blobs that inputs to a stage which are also
carried over as output of the stage. There was no representation
of that in the DB so it had to be encoded in kotlin logic. This
makes it harder to have a generic handeler of messages in the
computation control service.

Change-Id: I5cd39af2f7b3610ab8e5babbcc4c9d90bc5318df

* Implement LiquidLegionsSketchAggregationV1 in AsyncComputationControlService

Change-Id: I5a768f00781433fae07aa176589a87d42b55686e

* Add LIQUID_LEGIONS_SKETCH_AGGREGATION_V2 to Async CCS

Change-Id: Ia2c2835b6a7d731facb6158d20382dad776bccb7

* Don't run buildifier lint check on delted build files

buildifier has a non-zero exit status for files that do not exist, which
means deleting a build file caused lint failures.

Change-Id: Id346e40e0a665defbad46f822bf21b7103fb5da2

* Implement system level Computation Control Service

The liquiud legions specific one will be removed in
a follow on commit.

Change-Id: Id57182f641e474b2f682ba992fa101b374f6c3f8

* Swap LiquidLegionsV1Mill to new advance computation request

This also replaces the liquidlegionsV1 server with the single
external facing comptuations control server.

Change-Id: Iba1bd71f699ad634ca1c96b489288d8ebf42725e

* Fix the correctness test in kind.

Change-Id: I4fac69de8e8745c93374be1e43e0bcfe05ae9ec7

* Update the herald to a generic version.

So for, it is still hardcoded to create LL_V2 computations.

TODO:
1. Add protocol into the globalComputation proto.
2. Create corresponding computation in the herald.

Change-Id: Ie4921fe3c70aa8250c938ec9e18b26678da5d208

* Fix correctness test on GKE.

Change-Id: Ia7377e4386b12e395a5234625c33b60f092b8e7f

* Add initContainers to pods in cue config

- initContainers make sure the dependent servers are up and running
- Will be adding readinessProbe in the next cl

Bug: 169701399
Change-Id: I3a1f70240be75dc178ac140697b926196a5fd37a

* Log time differently from other metric.

Change-Id: Ib1aada6a9df9cbee782d767bb4dad9582363dbd5

* Update the integrationTest and correctness to use LL_V2 protocol

Currently, it is hardcoded to do so. In the future the computation type
should come from the kingdom.

Change-Id: I331bf409f43ca031f095e93067eadb9501f55879

* Add an UpdateComputationDetails method to the ComputationsService.

There will be 2 usage cases so far.
1. The LL_V2 protocol estimates the reach in round 1, the result will be cached in the computation_details and attached to the final report in round 3 when the mill reports to the kingdom.
2. The CompleteFrequencyPhase result(freqeuncy distribution map) would be cached inside the computation_details instead of in the blobstore. The cache will be used for retry if necessary.

Note that, most fields in the computation_details are not suitable for updating. e.g., the computationRole, the blob_storage_prefix, etc. However, since the service is an internal only service, we assume the caller knows what it is doing and won't mess up it is own computation.

Change-Id: I45759563bb77c672025f45f5d673c4a433d62412

* Implement the UpdateComputationDetails method.

Change-Id: Ie7829da4d5f601fbd81088508ada16e32b30f491

* Add ReadinessProbe to Server pods

- ReadinessProbe will use grpc_health_probe to check the statuses of the servers every x seconds.

Bug: 169701399
Change-Id: I24e333bbef9a25710346d745a514f5f39f899d17

* Add grpc_health_check_bin to fake-storage-server data

Change-Id: I824cabb969cea67833a34224ddd28aac767608cb

* Cache reach esitmate and send to kingdom together with frequency later.

Remove frequency estimate from the ComputationDetails, since it is
already being cached in the blob.

Change-Id: I0d1081197bfff6278c089cfaf5ec4133f7aa2cd0

* Rename the LL_V2 proto phase names to EXECUTION_PHASE_ONE/TWO/THREE.

There will be minor updates to what we do in each phase, and the old
names won't be accurate anymore.

The major change is that reach estimating is deferred to the end of execution phase two,
before which some noises are filtered out.

Change-Id: Ifad73ca00552ec9fa9f011cb03fce27ed6297222

* Adds a SHA256 Fingerprinter in C++.

This also moves the C++ implementation more in line with the Java
implementation by renaming HashFunction to Fingerprinter.

Bug: 177600980
Change-Id: If731ac39d535e7fcc265764c521f03acc6af8e10

* Seed v2alpha version of public API from v1alpha.

The meaningless file ending changes to v1alpha are for Git to detect the copies without --find-copies-harder.

Bug: 159032794
Change-Id: I3d345c08e4e952d00e6490b3f30590197bcda45c

* Simplify the public API resource messages for measurement consumer use.

* Rename Advertiser to MeasurementConsumer.
* Rename Campaign to EventGroup.
* Add Measurement resource.
* Change the cardinality of MetricRequisition such that there's one per (DataProvider, Measurement) pair.

Bug: 159032794
Change-Id: Ibbb730ec3b2b3002691001f97d300fbd18fcd5a4

* Redefine public API services such that each service corresponds to a single resource type, except for the Duchy RequisitionFulfillment service.

 * DataProviderRegistration -> DataProviders
 * MeasurementConsumerRegistration -> MeasurementConsumers
 * EventGroupSearch -> EventGroups
 * Requisition -> Requisitions
 * PublisherData -> RequisitionFulfillment

Bug: 159032794
Bug: 174863707
Change-Id: I2c077b3bf467d0077068e49804d114306633bedd

* Update the math lib to support our actual use case.

Change-Id: Ia390f9fee7fd36f99314ef08e4a028a41439cba8

* Use the latest PJC rego.

Change-Id: I1f53cdede0ca9c817bda6e66b23ff16e62c36749

* Use latest any-sketch and PJC repos.

Change-Id: I89d16ed431a9c3783edb0bb07ccc8a2840fffbcd

* Use the RETURN_IF_ERROR macro from the PJC repo.

The PJC repo added this macro recently, now it is causing a macro duplicated
warning.

Change-Id: I680ed6b7d6a80a5953f06142acf55adaee8d4a5e

* Update the noise parameters proto.

Four types of noise registers are to be added in the setup phase.
1. blind histogram noise  (R, F2 <>)
2. noise for publisher noise (C1, R, <>)
3. global DP noise for reach  (R, F1, <>)
4. padding noise  (C2, R, <>)

1, 2 and 4 will be filtered out before estimating reach.
3 will impact the reach estimate but will be filtered out before
estimating the frequency.

The total number of all above noise registers will be equal to an agreed constant.

Change-Id: I005f5428c324deb5a331218e978dd9c580cb915b

* Add measurements service

Bug: 159032794
Change-Id: I8db25770e35d62424d2224da303d08eaa52e35f1

* Point any-sketch-java to the latest any-sketch repo.

Change-Id: I831962a339598ca2fcb042af6e65d8ff83c6576d

* Cut off the frequency estimate at max_frequency instead of max_freqeuncy+1.

In other words, all frequency >= max_frequency would be counted as
max_frequency now.

Also make the code consistent with the comment. No the 2-D SKM is a
(max_frequency-1) by N matrix, i.e., the row means different frequency
values, the column number is equal to the number of 4-tuples.

Change-Id: I6c26ceb4ea7ddad64d04a828890d9e5fd37feff2

* Support cryptographic consent signaling in public API.

Assumptions:
* The MeasurementConsumer and DataProviders have exchanged root certificates and the MeasurementConsumer has obtained the Aggregator's root certificate out-of-band.
* A one-time set of keys is generated by the MeasurementConsumer for each measurement: one encryption key pair and one signing certificate.
* SketchConfigs and CombinedPublicKeys are well-known to participants, such that participants are not relying on the Kingdom as the single source-of-truth for them.
* Each encrypted value is symmetrically encrypted using a key derived from a shared secret from a key-agreement protocol applied to a pair of public keys.

Bug: 175707034
Change-Id: Ic7a8310dea373ec5e36d6f7fd1b71377adb4be15

* Implement noise creation in the setup phase.

The noise is not handled by the protocol yet.

Change-Id: I9a6b1795f2f6defddf54a1f6dff75cd38c71ddf7

* Update a comment in the any-sketch lib.

Change-Id: I990358fe4a970e2f5d7de95454d9c8d7fa1b10ac

* Handle the reach noises in the MPC protocol.

1. Moved reach estimate from the end of phase 1 to the end of phase 2.
2. The mill is not setting noise paramters yet.

Change-Id: I87f4e49ddaa3a0cdad66e2174132838f6c61ca77

* Update @rules_proto to revision cfdc2fa31879c0aebe31ce7702b1a9c8a4be02d2.

This appears to address build errors with Bazel 4.0.0 by updating the underlying @com_google_protobuf target to a newer version.

Change-Id: I9928cb725a920992dd931dd177d9fccd151b051f

* Update repository targets for Bazel 4.0.0 compatibility.

Change-Id: Id9590ae87d303ce1fd7839417de2dac8e152f857

* Fix syntax error in WORKSPACE.

Change-Id: I0f81111fb207e4e0d71bafd1e816c39d7724acc3

* Generate and handle frequency noise in the protocol.

Also, in oder to test pure noise without actual data, changed the behavior of all methods to
accept empty input.

Change-Id: If9513158fd4f51d6144a99e3db026282d1fb6d18

* Minor updates to the LLV2 protocol.

Change-Id: I2100f6989926a5c56465fe6f7bd6d4a604a3ad2c

* Add total_requistion_count to GlobalComputation.

This number is required by all duchies during noise generation.

Change-Id: I2f13bc9310dedcea0c6aeba9b465912d28043d80

* Add total_requisition_count to LLV2 computatonDetails.

Change-Id: Ib2ae49df6879cc160ec7c736dbfca4decf354f9b

* Adding AUTHORS and CONTRIBUTING.md

Change-Id: I8bec9fa046af66f6f539bae60b7ee93c147bdc7c

* Changing some references to Open Measurement to Cross-Media Measurement

Change-Id: Id983202c03aee346eddfd83dfd914eea30d28bd1

* Add hyphen to Cross-Media in AUTHORS

Change-Id: I069353d333c521fc0ef45ea046ab3e7554962043

* Changing any-sketch license headers to refer to Cross-Media Measurement Authors

Change-Id: Ib148509530123d99cc4feccd1c1e09cb84dd8678

* Changing any-sketch-java license headers to refer to Cross-Media Measurement Authors

Change-Id: Ic498b9f46eb9525a6fc8b08c1249d01ea3ad3ef7

* Changing cross-media-measurement license headers to refer to Cross-Media Measurement Authors

Change-Id: I468321ff1674f21e48758cb4f33a3b15dfc759eb

* Changing cross-media-measurement-api license headers to refer to Cross-Media Measurement Authors

Change-Id: If0ee805eded84cae6dced34d917b80bdf113f65b

* Changing rules-swig license headers to refer to Cross-Media Measurement Authors

Change-Id: I8830ce761cc575f7c3b201f64042629f425f0762

* Add support in cue_export for passing Cue's tags

Change-Id: Ic6b8c74d9b13a41121127f660291da15efba9ab9

* Add support in cue_dump for Cue's tags

Change-Id: Ib7062ab7c36f864ab43d19ec013ba4ac70362d7c

* Removing LICENSE, AUTHORS, and CONTRIBUTING.md from any-sketch

Change-Id: I100e643ff626a32aa1af4e240c49c9127d3e97a9

* Removing LICENSE, AUTHORS, and CONTRIBUTING.md from any-sketch-java

Change-Id: I7eb1998ce4afad02f16a0614b1088507266a1d53

* Removing LICENSE, AUTHORS, and CONTRIBUTING.md from cross-media-measurement

Change-Id: I715d257443108f153baab28fe965f84155257a91

* Removing LICENSE, AUTHORS, and CONTRIBUTING.md from cross-media-measurement-api

Change-Id: I9db8f549583cae22462d9a7ec655a762aaab2d8e

* Removing LICENSE, AUTHORS, and CONTRIBUTING.md from rules-swig

Change-Id: I02457cd6c40ef15c1edc93e9ecd4616348cf0748

* Changing any-sketch WORKSPACE to use local repository

Change-Id: I84ec99442da88b16d352c322d075391673199319

* Changing any-sketch-java WORKSPACE to use local repository

Change-Id: Icc867c65568241f2fb12cfb9af866490854c401d

* Changing cross-media-measurement WORKSPACE to use local repository

Change-Id: I145baa80bccd76d2ecf1a91722dfba81be69da16

* Add config file for container register & test cloud settings

Change-Id: I59b884691f4232ca0d003c29397043f239c6abc0

* Use variable for container repo prefix

Change-Id: I8b426d0ec9f38fa9b8024f5d07de43fadc0bd07d

* Remove internal codenames & use variables instead in Cue

Change-Id: Ia28f1474644b00a3893d1ed16c4ae6ec51081e84

* Add some missing license headers in any-sketch-java

Change-Id: I5664417db2f21abab627c9a9fd1f203c7d71331f

* Add some missing license headers in any-sketch

Change-Id: Id62abe9ccfe90138bf65e18a7ce596efb9e91e2f

* Add some missing license headers in cross-media-measurement

Change-Id: I6530772d5ef655f2592199648158f9702ac0bdc4

* Add some missing license headers in rules-swig

Change-Id: Ia7d27c7e07b0349aac906859aed7722ee926427e

* Fix typo in Cue tag name

Change-Id: Ic809dabde7994c60728f53c7f779a6426d8bfaac

* Populate the total_requisition_count in the GlobalComputations.

Change-Id: Iecfab11c1d6e6d3153731e44af00006a84542ad0

* Drop Google Git auth from presubmit test script.

Change-Id: I5217974d01f4d652e1564d6d9e2f09f2463496d1

* Update grpc-health-probe to 0.3.6.

This also renames the workspace target to grpc_health_probe.

Change-Id: I1db7d82dfbe7cf0065ad44360a6b91b4998cb427

* Set total_requisition_count when creating new computations.

Also changed to let the herald set the initial computationDetails.

Change-Id: I6eb4bbbe6dc3a241c85d37abf3d102e5e5ba4922

Co-authored-by: Sanjay Vasandani <sanjayvas@google.com>
Co-authored-by: Eli Fox-Epstein <efoxepstein@google.com>
Co-authored-by: Yunus Yen <yunyeng@google.com>
Co-authored-by: Jason Frye <fryej@google.com>
Co-authored-by: Yao Wang <wangyaopw@google.com>
Co-authored-by: Karl Millar <kmillar@google.com>
Co-authored-by: Ugur Akyol <uakyol@google.com>
purkhusid added a commit to purkhusid/rules_proto_grpc that referenced this issue Feb 13, 2021
@shahms
Copy link

shahms commented Feb 26, 2021

There remains a situation in which a workaround is not presently possible: if you want to declare a directory and some subset of files beneath it. Say you know the primary output but not some additional outputs which may also be generated and need to be kept. Currently:

def _impl(ctx):
    resources = ctx.actions.declare_directory("{name}.d".format(name = ctx.label.name))
    primary_output = ctx.actions.declare_file("{name}.d/{name}.html".format(name = ctx.label.name))
    ctx.actions.run_shell(
        command = "touch \"$@\"",
        outputs = [resources, primary_output],
        arguments = [primary_output.path],
    )
    return [DefaultInfo(files = depset([resources]))]

dir_and_file = rule(
    implementation = _impl,
)

Building targets using that rule with RBE fails inside Bazel and no amount of mkdir in the script will fix that. While you can just declare the directory, it is useful for a variety of reasons to be able to have a File nominating both the primary output as well as the containing directory. With the current remote semantics, that's not possible.

@lberki
Copy link
Contributor

lberki commented Mar 1, 2021

I would much prefer not to support this case because the fact that a declare_file file refers to a subset of declare_directory directory makes for very complicated behavior: for example, what if they come from different actions (or even configured targets) and then one action needs to be invalidated and the other does not?

@shahms
Copy link

shahms commented Mar 1, 2021

Very reasonable. I should note that Bazel doesn't currently allow separate actions to output a directory and a file within that directory (it gives an error about one artifact being a prefix of the other). It might be nice if this error happened at artifact declaration time instead if this is not intended to be supported.

@fmeum
Copy link
Collaborator

fmeum commented Apr 22, 2022

I just found this issue while working on a fix for the "other half" over at #15276: Creating the directories corresponding to empty TreeArtifacts, which Bazel's sandbox runners do, but remote execution doesn't (yet).

Does anybody see an issue with Bazel adding the output directories to the input tree? I do see great value in having this issue fixed one way or the other and fixing it in Bazel seems much simpler than amending the spec and waiting for all RBE implementations to adapt. If this approach is generally viewed to be viable, I would be happy to implement it.

@EricBurnett
Copy link

Re-reading the discussion above (it's been a few years :)), I believe that should be fine and correct:

  1. With the deprecation of output_directories in the spec and the switch to output_paths where it's not defined ahead of time whether an output will be a directory or a file, servers do not have the information to create output directories proactively. (Though they should be creating parent directories, per comment on output_paths).
  2. With the existence of working_directory, it's generally expected that outputs may fall somewhere under the input root.
  3. And more broadly, nothing has ever specified they should be disjoint.

So I think it's completely reasonable to use directories in the input to specify what should be pre-created for outputs, and in fact, the most reasonable choice given the spec constraints. (Consistent with my opinion back in 2018: #6393 (comment))

Conversely, I think the only place where this could be problematic is if any servers have specific expectations that a directory is not simultaneously listed in the input root and specified as an output. I can't think of a good reason they would have - needing to support (2) means that input directories must sometimes be writable at some level, so it would seem to be a server-side assertion with no clear technical purpose, and not supported by any spec text (3). Seems unlikely to me... though I won't go so far as to say it's definitely safe for all existing implementations :). Other folk can flag if they know of any implementations that might care.

@lberki
Copy link
Contributor

lberki commented Apr 25, 2022

/cc @coeuvre

@fmeum
Copy link
Collaborator

fmeum commented Apr 28, 2022

I just noticed that Bazel's own remote backend implementation doesn't allow for output directories to be listed in inputs, but that does seem to be against the spec. For example, the spec explicitly mentions that the entire working directory can be declared as an output directory.

fmeum added a commit to fmeum/bazel that referenced this issue Jul 6, 2022
By explicitly declaring output directories as inputs to a remote action,
this commit ensures that these directories are created by the remote
executor prior to the execution of the action. This brings the behavior
of remote execution regarding tree artifacts in line with that of local
or sandboxed execution.

Getting the tests to pass requires modifying a check in Bazel's own
remote worker implementation: Previously, the worker explicitly verified
that output directories don't exist after the inputs have been staged.
This behavior is not backed by the spec and has thus been modified: Now,
it is only checked that the output directories either don't exist or are
directories.

Fixes bazelbuild#6393

Closes bazelbuild#15366.

PiperOrigin-RevId: 447451303
ckolli5 added a commit that referenced this issue Jul 7, 2022
By explicitly declaring output directories as inputs to a remote action,
this commit ensures that these directories are created by the remote
executor prior to the execution of the action. This brings the behavior
of remote execution regarding tree artifacts in line with that of local
or sandboxed execution.

Getting the tests to pass requires modifying a check in Bazel's own
remote worker implementation: Previously, the worker explicitly verified
that output directories don't exist after the inputs have been staged.
This behavior is not backed by the spec and has thus been modified: Now,
it is only checked that the output directories either don't exist or are
directories.

Fixes #6393

Closes #15366.

PiperOrigin-RevId: 447451303

Co-authored-by: Chenchu K <ckolli@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
P2 We'll consider working on this in future. (Assignee optional) team-Remote-Exec Issues and PRs for the Execution (Remote) team type: bug
Projects
None yet
Development

Successfully merging a pull request may close this issue.