GNU bug report logs

#26608 Provide --only-substitutes flag to "guix package --upgrade"

PackageSource(s)Maintainer(s)
guix PTS Buildd Popcon
Full log

Message #34 received at 26608@debbugs.gnu.org (full text, mbox, reply):

Received: (at 26608) by debbugs.gnu.org; 3 Sep 2018 14:11:07 +0000
From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 03 10:11:07 2018
Received: from localhost ([127.0.0.1]:44443 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1fwpZK-0003e8-Nr
	for submit@debbugs.gnu.org; Mon, 03 Sep 2018 10:11:06 -0400
Received: from [82.153.16.8] (port=47017 helo=ronja.pompo.co)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <alex@pompo.co>)
 id 1fwpZH-0003dC-9s; Mon, 03 Sep 2018 10:11:04 -0400
Received: from rosser (vodsl-8997.vo.lu [85.93.202.37])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ronja.pompo.co (Postfix) with ESMTPSA id 3C8A7402FA;
 Mon,  3 Sep 2018 14:10:57 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pompo.co; s=mail;
 t=1535983857; bh=3zF55RApxQW/X+upZzku+GEwteudvedpfMUF3yyndPY=;
 h=References:From:To:Cc:Subject:Reply-To:In-reply-to:Date:From;
 b=dGcGBQplM2cxJPiAJ65dE/mruEa2WYSs6OJFynsAs7kJeVQQNS6E97m2z/Lv683eC
 wcklV4yzz6f7FBGTEXaOYhia3HCwyO89s8HvlKRU+2kverTnV0NTrQNs4SjFvYt6BP
 9aV680wXUDZ/bWLN93x9gpmNQZTW8r+/IDw7eoss=
References: <87vb5vsffd.fsf@gnu.org> <87pny2iks2.fsf@gnu.org>
 <877ekagtg9.fsf@netris.org> <87zhx5msfl.fsf@pompo.co>
 <87lg8pccys.fsf_-_@netris.org> <87zhx59gh3.fsf@elephly.net>
 <m1wos82y70.fsf@ordinateur-de-catherine--konrad.home>
 <875zzs9wzl.fsf@netris.org> <m1d0u0qi4v.fsf@fastmail.net>
 <874lfcxd2v.fsf_-_@gnu.org> <87wos8lzcj.fsf@pompo.co>
 <878t4nqzqv.fsf@gnu.org>
User-agent: mu4e 1.0; emacs 26.1
From: Alex Sassmannshausen <alex@pompo.co>
To: Ludovic Courtès <ludo@gnu.org>
Subject: Re: bug#22629: “Stable” branch
In-reply-to: <878t4nqzqv.fsf@gnu.org>
Date: Mon, 03 Sep 2018 16:10:36 +0200
Message-ID: <87r2iau0wz.fsf@pompo.co>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  Hi Ludo, Ludovic Courtès writes: > Hi Alex, > > (Cc’ing
    <https://bugs.gnu.org/32022> and <https://bugs.gnu.org/26608>, > which are
    related.) > > Alex Sassmannshausen <alex@pompo.co> skribis: > >> I don't
   know if this is what Konrad desires, but from my perspective, a >> desirable
    part of the definition of stable would be a that the build >> farms have
   produced a set of binaries/substitutes for a given Guix >> revision that is
    "good enough". > > I just had a bright idea (yes!): this can be addressed
    by writing > something like this in ~/.config/guix/channels.scm: > > (map
    latest-commit-with-substitutes-available > %default-channels) > > The hypothetical
    ‘latest-commit-with-substitutes-available’ would use > (git) and (guix
    ci) to find the latest commit for which substitutes of > interest are available,
    and would return: > > (channel > ;; … > (commit "cabbag3")) ;the ideal
   commit [...] 
 
 Content analysis details:   (1.3 points, 10.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.0 SPF_PASS               SPF: sender matches SPF record
  1.3 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.0 T_DKIM_INVALID         DKIM-Signature header exists but is not valid
X-Debbugs-Envelope-To: 26608
Cc: 26608@debbugs.gnu.org, Konrad Hinsen <konrad.hinsen@fastmail.net>,
 22629@debbugs.gnu.org, 32022@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Reply-To: alex@pompo.co
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.3 (/)

Hi Ludo,

Ludovic Courtès writes:

> Hi Alex,
>
> (Cc’ing <https://bugs.gnu.org/32022> and <https://bugs.gnu.org/26608>,
> which are related.)
>
> Alex Sassmannshausen <alex@pompo.co> skribis:
>
>> I don't know if this is what Konrad desires, but from my perspective, a
>> desirable part of the definition of stable would be a that the build
>> farms have produced a set of binaries/substitutes for a given Guix
>> revision that is "good enough".
>
> I just had a bright idea (yes!): this can be addressed by writing
> something like this in ~/.config/guix/channels.scm:
>
>   (map latest-commit-with-substitutes-available
>        %default-channels)
>
> The hypothetical ‘latest-commit-with-substitutes-available’ would use
> (git) and (guix ci) to find the latest commit for which substitutes of
> interest are available, and would return:
>
>   (channel
>     ;; …
>     (commit "cabbag3"))   ;the ideal commit

This sounds incredibly interesting — and it is testament once again to
the power of Guix that this kind of solution could be feasible!

Thinking this through in my head somewhat, I had the following thoughts:
- This procedure is invoked client side, where the channel is defined
- That means the git searching is done client side, on every invocation
of guix (I guess this might be cacheable?)
- So the downside vis-a-vis a maintained "stable branch" would be a
price in performance as experienced by the end user
- The upside of course would be automatic curation of a stable branch
that saves a ton of volunteer effort and work

I have no idea what the performance cost would be.  I guess you would
use "guix weather" to turn the set of requested packages into a manifest
which can then be checked with it.

So the cost would be one of the following scenarios:
Option a)
- fetch set of packages in a given commit
- query guix weather for 100% substitutes
- iterate until a match
- then perform the appropriate guix pull

Option b)
- perform a guix pull to the latest commit
- query guix weather for 100% substitutes
- until success, step back one step at a time through guix pull

(because of the cost of guix pull this seems unfeasible)

Option c)
Implement some form of substitute cache set querying on build farms, as
part of guix weather, so the 100% match is done on the build farm
instead of the client.

Dunno.  There may be some things that already exist in Guix land that
I'm missing.

It's a super exciting approach for sure.

> This has to be done with great care to prevent a downgrade attack and to
> make sure the user doesn’t miss out on security updates, but maybe we
> could provide a procedure that makes reasonable choices.

Right — so at the very least it would have to prevent us going "back in
time" from the guix pull commit we are currently at.

The question of security updates is tricky at the moment already — I
would hazard a guess that many people bail out of upgrading when they
can't get substitutes for their entire profile / system right now, which
means they are not getting security upgrades for package (a) when a
substitute for (b) fails.

Thanks for your thoughts — super intriguing!

Alex

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Jan 5 03:35:11 2025; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.