Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Add rust v3#1

Merged
cpaelzer merged 20 commits into
canonical:mainfrom
cpaelzer:add-rust-v3
Jul 15, 2022
Merged

Add rust v3#1
cpaelzer merged 20 commits into
canonical:mainfrom
cpaelzer:add-rust-v3

Conversation

@cpaelzer

@cpaelzer cpaelzer commented Jul 1, 2022

Copy link
Copy Markdown
Collaborator

Hi,
this is the successor of the former discussion here which has now been rebased and updated to match the current state.

Since the last time we discussed this rustc itself is in main and we have a new Ubuntu release going on.
Some other things have settled and some others (e.g. creating cargo.lock in dh-cargo) have not.

We also have internally prepared our test-package mdevctl to present it for review to the MIR team after we have settled on the rules we want to initially have for rust.

Most old discussions became spin-offs into minor details or late additions.
Therefore I have re-started this and rebased it onto the new GH based markdown content and wanted to present it to the MIR team to discuss and vote on adding that.

cpaelzer and others added 14 commits July 1, 2022 08:52
Some golang statements are actually meant to apply to any kind
of vendored code, generalize those statements.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Some Golang specific rules apply to rust as well, list go+rust in those
cases to make it clear that it applies to both.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
I was discussing with mclemencau/mdhudson/slangasek about what we should do
looking forward to rust binaries (like firefox, but less single special
snowflakes) in main.
We excercised a bit based on my current example of mdevctl [1] and out
of this we have efforts to bring the rust toolchain to main as well as
these efforts to define the MIR rules for those.

But the discussion is more wide-reaching as I want some commitment to get the
toolchain itself to be considered supported as well as some guidance how to
best deal with rust in its current state.

At first it seems to be similar to golang, but it is worse. On one hand lib
transitions are often quite hard in rust, see [2].
But more than that I was told that often transitions get stuck for quite
a long time and are way too broken (this might improve and then we want
to make rust less special).

Finally while the concept of dynamic libraries [3] exists, it isn't usable
as effectively only .so files from the very same build [4] are usable reliably
and therefore are like static builds but in multiple files.

In the discussions it was suggested:
> "
> Regarding the overall rust-in-main question: I'm fine with rustc being in
> main provided there's resourcing.  I think packages /using/ rust should only
> be allowed in main via vendoring of their dependencies, because the
> maintenance of rust libraries in Debian is bad right now.
> ...
> When we did the exception for golang, Jamie Strandboge drafted it for the
> Security Team and I think there was some consultation with Foundations /
> Archive Admins.
> ...
> ultimately it's the Security Team that bears the maintenance burden of
> decisions we make about what to put in main, so I would defer to them and
> have them consult whoever they think is relevant.
> "

In addition the extra burden will also be on the owning team and
sustained engineering, so we want to get all their consultation
before we switch to this.

And while this is shockingly different from how everything else works today
it really seems the only doable way *right now*. All the best practise we
are used to (lib only once for re-use and less maintenance) does no more
apply here until rust and the rust ecosystem evolves further.
But while it is shocking at first, compared to all other approaches that came
up so far that at least is realizable in a not too far future.
And we also have to admit that all golang MIRs of the recent years have
eventually went the vendoring-route as well, so that - for now - just
seems to be the more applicable and doable way.

Updates to v1:
- The new rule/template layout has made this much smaller.
- From the first iteration of this we realized that many golang rules
  will just apply to rust the same way - that again made it less noisy
- We also have identified that vendored code in general (not just rust)
  should have an update plan, so we add a rule for that as well.

[1]: https://bugs.launchpad.net/ubuntu/+source/mdevctl/+bug/1942394
[2]: https://github.com/dtolnay/semver-trick
[3]: https://rust-lang.github.io/rfcs/0404-change-prefer-dynamic.html
[4]: https://doc.rust-lang.org/reference/linkage.html

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Co-authored-by: Lukas Märdian <slyon@ubuntu.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
This is less duplication (and was not rust specific) and makes it more
clear that if there are common ways to refresh vendored sources in some
languages using those is appreciated.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Following Debians dh tooling built-using no more tracks all dependencies
anway. Adapt the wording to reflect that.

Furthermore the same applies to the rule statments which need to reflect
the go-mod/cargo.lock that we have come to in discussions for other
sections of the document.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Until the ecosystems settled and all projects adapted.
Ass well as the dh_* toolchain tolerates and produces reliable
go.mod/cargo.lock tracking we have to be slightly more lenient on
how exactly vendored dependencies are updated.

That shall now - for all types - be outlined in README.source.
That can for some projects still be `go mod ...` or `cargo update ...`
but in other cases might need other steps and README.source
provides the flexibility to do so.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>

@slyon slyon left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM overall, just some small inline comments.

I feel like this should be landed soon to have a base to build upon. It can still be improved/adopted later on, once we processed some initial Rust packages.

Comment thread README.md Outdated
Comment thread README.md Outdated
@cpaelzer

cpaelzer commented Jul 5, 2022

Copy link
Copy Markdown
Collaborator Author

LGTM overall, just some small inline comments.

I feel like this should be landed soon to have a base to build upon. It can still be improved/adopted later on, once we processed some initial Rust packages.

That is exactly the stance I have to this - thanks for seeing that I'm not the only one :-)
I'm going through your inline feedback one by one now ... all accepted - thanks!

cpaelzer and others added 2 commits July 5, 2022 14:19
Co-authored-by: Lukas Märdian <slyon@ubuntu.com>
Co-authored-by: Lukas Märdian <slyon@ubuntu.com>

@didrocks didrocks left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. +1. Just a sidenote between go.mod and go.sum requirement.

Comment thread README.md Outdated
@joalif

joalif commented Jul 5, 2022

Copy link
Copy Markdown

LGTM +1

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
@cpaelzer

cpaelzer commented Jul 6, 2022

Copy link
Copy Markdown
Collaborator Author

Thank you all for the review and feedback so far, all integrated in the current PR.

To merge this we are waiting on @setharnold to also give a +1 from securities POV as they have the biggest dependency to ensure their existing/intended tracking of CVEs in embedded code will work.

@setharnold setharnold left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe we need additional tooling support before we allow in the first rustlang package.

Thanks

Comment thread README.md Outdated
Comment thread README.md Outdated
Comment thread README.md
cpaelzer added 2 commits July 12, 2022 10:01
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
…-Built-Using

As discussed in #1 this will add awareness for Static-Built-Using but
even more important make the requirement for a generated
cargo.lock/go.sum a requirement for now.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
@cpaelzer cpaelzer requested a review from setharnold July 13, 2022 12:54

@setharnold setharnold left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This goes a very long way to address my concerns. I'd feel better if it included a guidance on using the mdevctl-style change to manually manage the Cargo.lock file.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
@cpaelzer

Copy link
Copy Markdown
Collaborator Author

@setharnold wrote:

This goes a very long way to address my concerns. I'd feel better if it included a guidance on using the mdevctl-style change to manually manage the Cargo.lock file.

Hi Seth, so you mean I was giving in to you "too much" :-)

Ok, I can adapt to - instead of generally making it impossible to promote a rust package - provide guidance on how to do it yourself until tooling is available. See the last commit 8625876 added in this branch please, does it cover what you asked for?

@setharnold wrote:

I believe we need additional tooling support before we allow in the first rustlang package.

Yeah - we all did agree in discussion that this is clearly the mid/long term way to go.
I the meantime I have already talked to Matthieu and the feedback was positive.
We can expect that Foundations will work on this as part of the dh-cargo efforts they already planned for this cycle.

@cpaelzer cpaelzer requested a review from setharnold July 14, 2022 05:54

@setharnold setharnold left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1, thanks for working with Matthieu to make sure automated tooling is prioritized to meet our needs. Thanks for iterating on this with us.

@cpaelzer cpaelzer merged commit 1ff640d into canonical:main Jul 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants