[PM] Enhance single version requirements imposed during bootstrapping #5675
Conversation
AMoo-Miki
requested review from
ananzh,
kavilla,
ashwin-pc,
joshuarrrr,
abbyhu2000,
zengyan-amazon,
kristenTian,
zhongnansu,
manasvinibs,
ZilongX,
Flyingliuhub,
BSFishy,
curq,
bandinib-amzn and
SuZhou-Joe
as code owners
AMoo-Miki
force-pushed
the
common-ground
branch
from
3be6ded
to
bfb31ce
Compare
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #5675 +/- ##
==========================================
- Coverage 67.02% 66.99% -0.04%
==========================================
Files 3294 3294
Lines 63307 63345 +38
Branches 10071 10089 +18
==========================================
+ Hits 42432 42438 +6
- Misses 18430 18457 +27
- Partials 2445 2450 +5
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
As of now, build repo during building process, will clone OSD, then pull each plugin into the plugins directory of OSD, before running plugin level bootstrap and build. There is no cleanup of the plugin repos within plugins directory, after the build is completed. We think there are two ways to solve the error on build_workflow code now:
Thanks. |
|
Nice move towards version decoupling ! So with this newly introduced loose options, we'll be able to avoid the version-bump-only releases for bunch of components correct ? Also given this will ease the building check during bootstrap, would there be any concern during run time ? Usually a match major.minor should work seamlessly though (say osd core 2.11.1 with plugin 2.11.2) |
| dev: boolean = false, | ||
| range?: string | ||
| ) { | ||
| log.info(`[${this.name}] running yarn to install ${depName}@${version}`); |
There was a problem hiding this comment.
Should we log range info here as well?
@peterzhuamazon I observed the following behaviour while assembling OSD docker image with
So if one plugin build failed, then the single version check might be failed for the next plugin pulled into I think for |
Ok, then it is a bi-product of continue-on-error incremental build I think. |
This is the cleanup of the plugin. |
This change deals purely with bootstrapping but what you mentioned is covered by #4612
Using
|
@ruanyl, that is great observation. However, this cleanup was a compromise established at the time to be able to make releases. In practice, doing individual builds defies the single-version validation. I believe single-version validation was implemented to make sure no differing versions of packages end up in a browser bundle with the potential for conflicting logic that would break the experience or at the very least, wastefully enlarge the bundles. However, the way it was implemented applies to all packages because, during bootstrap, there is no way to know what dep ends up where. So today, only a tiny portion of the errors thrown in the name of single-version are actually problems and the 90% are unnecessary; that is to say 10% are actually important! By building plugins one at a time and cleaning up after them, we are in fact circumventing the single-version validation. We are also making the build process unnecessarily long. There is also the side-effect of a previous build updating yarn.lock in a way that would compromise the building of the plugins after it. To summarize that all:
|
|
could we elaborate why the change is associated with package.json, my understand none of osd plugins dependencies are declare and managed in package.json
|
| /* `singleVersionResolution` controls how violations of single-version-dependencies is applied. | ||
| * STRICT (default): throw an error and exit | ||
| * LOOSE: identify and install a single version that satisfies all ranges | ||
| * BRUTE_FORCE: identify and install the newest version |
There was a problem hiding this comment.
The goal was to make it as scary as possible so no one uses it.
There was a problem hiding this comment.
well, not that scary to me ^o^
| * `FORCE`: | ||
| * For each dependency, first LOOSE resolution is attempted but if that fails, BRUTE_FORCE is applied. | ||
| * | ||
| * `IGNORE`: |
There was a problem hiding this comment.
Any benefit by using this option more than get error as warning. could we still run osd by ignore the error/warning. If not, should we callout specific dev scenario to leverage this option
There was a problem hiding this comment.
You can still run OSD with IGNORE and it will more than likely work just fine.
| @@ -141,6 +141,40 @@ yarn osd | |||
| Bootstrapping also calls the `osd:bootstrap` script for every included project. | |||
| This is intended for packages that need to be built/transpiled to be usable. | |||
|
|
|||
| #### Single-version validation | |||
|
|
|||
| Bootstrapping, by default, applies a `strict` single-version validation where it requires all the dependencies defined | |||
There was a problem hiding this comment.
could we clarify what does single version validation mean and probably giving an example. that will help. let's say HelloPlugin
There was a problem hiding this comment.
This is really all that it is:
Bootstrapping, by default, applies a `strict` single-version validation where it requires all
the dependencies defined more than once to have the same version-range in the `package.json`
files of Dashboards, packages, and plugins. If a violation is identified, bootstrapping terminates
with an error.
Unfortunately, I don't know the exact reasons behind its existence; I have some theories but I am having a hard time defending them.
Great to know, thanks for the background! @AMoo-Miki
Right, in my past experience, nearly all single-version error cases that I encountered in development are about dev dependencies, it would be nice to allow plugins to choose whichever version of dev dependencies they want to use, like husky, lint-staged, etc. I believe dev dependencies won't get bundled. So I'm thinking, does it make sense to introduce an option to skip the validation of dev dependencies?
Totally understand your points, but does it imply plugins are NOT independent at build time? I'm a little concern the consequence, will that "encourage" people to write code which statically depends on other plugins? like |
All of OSD and plugin dependencies are declared and managed via their |
Since we build and package a bunch of plugins together with each OSD release, I am pushing for them to ALSO be compiled (aka bootstrapped) together to make sure they don't have any conflicts with each other. Of course they are all independent of each other and can be compiled without the other plugins. However, being compiled together will be one extra validation to boost out confidence that users with multiple plugins can do a
We have (or should have) linting rules that would prevent that from happening. @kavilla, please tell me I am right.
Yes. The hope is that one day, before I turn 100, plugins can be compiled and packaged without OSD being in the neighborhood.
Indeed. Being compiled alone is not too much of a challenge but being compiled alongside another plugin is complicated due to the possible impacts of any common deps with different versions. |
|
i got it. maybe change help disambiguate which package.json
|
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-2.x
# Create a new branch
git switch --create backport/backport-5675-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 7c0bd9f39ba95aa419cbda58502a66827bece580
# Push it to GitHub
git push --set-upstream origin backport/backport-5675-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-2.xThen, create a pull request where the |
…opensearch-project#5675) Add `--single-version` switch to `bootstrap` to manipulate the behavior of single-version validation Signed-off-by: Miki <miki@amazon.com> (cherry picked from commit 7c0bd9f) Signed-off-by: Miki <miki@amazon.com>
…opensearch-project#5675) Add `--single-version` switch to `bootstrap` to manipulate the behavior of single-version validation Signed-off-by: Miki <miki@amazon.com> Signed-off-by: yujin-emma <yujin.emma.work@gmail.com>
Add
--single-versionswitch tobootstrapto manipulate the behavior of single-version validationFixes #5561
Check List
yarn test:jestyarn test:jest_integration