Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gens, protos: initialize rust codegen #83

Merged
merged 3 commits into from
Jul 10, 2023

Conversation

jleightcap
Copy link
Contributor

@jleightcap jleightcap commented Jun 30, 2023

Summary

Towards Bundle support in sigstore-rs, per sigstore/sigstore-rs#280 (comment).

Release Note

Adds rust codegen.

Documentation

gen/pb-rust/src/lib.rs Outdated Show resolved Hide resolved
gen/pb-rust/build.rs Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the most KISS method I could come up with for AOT codegen. This has a downside of decoupling the build steps -- the codegen uses the top-level Dockerfile, but packaging uses gen/pb-rust/Cargo.toml. However, a make all for any new .protos should cover this case.

@jleightcap jleightcap marked this pull request as ready for review July 5, 2023 13:50
@woodruffw
Copy link
Member

Making sure I understand how this works:

  1. The separate codegen crate performs the AOT codegen
  2. The AOT codegen is done into the sigstore_protobuf_specs, which is the crate that users are expected to actually use

Am I getting that right? If so, that seems reasonable and this LGTM; CI needs fixing 🙂

@woodruffw
Copy link
Member

Suggestion: squash down to a single commit and do a sign-off from there, to get DCO passing. You could also rebase and sign-off for each commit separately, but that seems painful given that we'll probably just squash it anyways 🙂

@jleightcap jleightcap force-pushed the jl/pb-rust-protobuf branch 2 times, most recently from cd8bab7 to 0409c7a Compare July 5, 2023 14:21
@jleightcap
Copy link
Contributor Author

Making sure I understand how this works:

  1. The separate codegen crate performs the AOT codegen

Yep,

  1. The AOT codegen is done into the sigstore_protobuf_specs, which is the crate that users are expected to actually use

and the codegen crate populates the parent pb-rust crate.

@jleightcap jleightcap force-pushed the jl/pb-rust-protobuf branch 4 times, most recently from c246b89 to 814d996 Compare July 5, 2023 17:58
Signed-off-by: Jack Leightcap <jack.leightcap@trailofbits.com>
Copy link
Member

@woodruffw woodruffw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, nice work!

@woodruffw
Copy link
Member

CC @kommendorkapten and @haydentherapper for review/approval as well, since I can't merge.

@haydentherapper
Copy link
Collaborator

Thanks! Can you also update https://github.com/sigstore/protobuf-specs/blob/main/RELEASE.md?

@woodruffw
Copy link
Member

Oh yeah, we'll also need a publishing workflow for this. I can add that after the initial merge here.

apt-get install -y --no-install-recommends \
curl \
build-essential
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s -- -y
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't there a better way to install the rust toolchain than curl | bash as root?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could probably install the Debian/Ubuntu distribution instead, but IMO this will serve us better over time: the system distribution tends to lag behind the latest stable, and the Rust dependency ecosystem (unfortunately?) tends to adopt stabilized features relatively quickly.

I think the risk of doing so is similar to the risk of installing a bunch of Python development dependencies as root, which we do immediately below as well 🙂

Copy link
Contributor Author

@jleightcap jleightcap Jul 6, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For better or worse this is the default recommended installation per https://www.rust-lang.org/tools/install. cargo is available, but not rustup, from apt. However, the cargo version is out of date:

this version of Cargo is older than the `2021` edition, and only supports `2015` and `2018` editions.

And the only method of updating cargo AFAIK is via rustup.

rust: docker-image
@echo "Generating rust protobuf files"
docker run \
--platform linux/amd64 \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not super familiar with Rust yet, but I assume this would only create a package for linux/amd64? Would we want to support other OS/architectures too?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, reading more it seems this is just the target OS/arch for the codegen, so when the docker image has run successfully, only Rust source code is being generated, no object files?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, reading more it seems this is just the target OS/arch for the codegen, so when the docker image has run successfully, only Rust source code is being generated, no object files?

Correct! I think that --platform option actually shouldn't be needed at all; @jleightcap may have added it because of his local development environment.

(Rust package distributions are always source only, so the environment that creates them should have no effect on their buildability across other platforms.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, this is a copy-paste from the other targets (python, typescript, &c).

The pb-rust crate itself is architecture agnostic.

Signed-off-by: Jack Leightcap <jack.leightcap@trailofbits.com>
@jleightcap jleightcap force-pushed the jl/pb-rust-protobuf branch from 814d996 to ae23636 Compare July 6, 2023 16:44
Signed-off-by: Jack Leightcap <jack.leightcap@trailofbits.com>
@woodruffw
Copy link
Member

CC @kommendorkapten and @haydentherapper for re-review 🙂

Copy link
Collaborator

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kommendorkapten for approval and merge

@kommendorkapten kommendorkapten merged commit fef6971 into sigstore:main Jul 10, 2023
@woodruffw woodruffw deleted the jl/pb-rust-protobuf branch July 10, 2023 18:58
@woodruffw
Copy link
Member

Thanks all! Great work here @jleightcap.

@woodruffw woodruffw mentioned this pull request Jul 10, 2023
@haydentherapper
Copy link
Collaborator

+1, thank you for your contribution!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants