Page MenuHomePhabricator

[Nix] Provide nix way of starting MariaDB
ClosedPublic

Authored by jon on Aug 4 2022, 7:45 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM
Unknown Object (File)
Fri, Nov 8, 8:58 PM

Details

Summary

Provide nix native way of creating a MariaDB database

Test Plan

From any branch, on a darwin (MacOS) machine:

nix run 'github:commE2E/comm?ref=jonringer/mariadb#mariadb-up'

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes

I'm not a good choice for a first-pass review except for these cases. Leaving some comments inline, but deferring most of the review to other people

nix/mariadb-up-mac.nix
41–135 ↗(On Diff #15343)

I assume that the ShellCheck CI doesn't have a way to parse this bash. Three questions:

  1. Is this bash? How would I know that it's bash? Where does Nix show that it's executing this as bash?
  2. Can we put this inside a separate .sh file with a bash shebang? I think it's cleaner for this to exist separately, and it's more likely that our tools will properly detect it if it's in its own file.
  3. If there's no way to separate this into its own .sh (probably unlikely), can you confirm that you've manually run ShellCheck against this code?
66 ↗(On Diff #15343)

Why are we using single-bracket conditionals here? We spent a bunch of time trying to rid the codebase of these in ENG-157... please try to avoid regressing us. I think I recall mentioning this to you in the past, so please try to integrate it going forward, eg. please never put up a diff with single-bracket conditionals unless there's a strong reason

nix/overlay.nix
49 ↗(On Diff #15343)

Some quick questions about version locking, eg. what yarn.lock does:

  1. Does this line lock every dev's MariaDB version to 10.8?
  2. Should we lock to a specific patch version as well?
  3. Should all of the tools we use be locked to a specific version like this?
In D4750#136943, @atul wrote:

nix run github:commE2E/comm#mariadb-up

Hmm getting the following:

atul@atuls-MacBook-Pro comm % nix run github:commE2E/comm#mariadb-up
error: cannot find flake attribute 'github:commE2E/comm#mariadb-up'

Is there some additional step I'm missing here?

Feedback for @jon – it often seems like you put stuff in test plan that people aren't able to reproduce. This causes churn for both you and reviewers, and I think we could save a lot of time if you were more diligent about making sure your test plans are reproducable for reviewers.

Feedback for @jon – it often seems like you put stuff in test plan that people aren't able to reproduce. This causes churn for both you and reviewers, and I think we could save a lot of time if you were more diligent about making sure your test plans are reproducable for reviewers.

Yea, was tired and wanted to go to bed, forgot to add my branch as a reference. My bad, and fixed.

nix/mariadb-up-mac.nix
41–135 ↗(On Diff #15343)

Is this bash? How would I know that it's bash? Where does Nix show that it's executing this as bash?

Yes, it's bash. We can render the file, then check it

Can we put this inside a separate .sh file with a bash shebang? I

Not really, as nix needs to interpolate the paths of packages

If there's no way to separate this into its own .sh (probably unlikely), can you confirm that you've manually run ShellCheck against this code?

Looking through some of the other "trivial builders", there's also a writeShellApplication which checks the content with shellcheck

66 ↗(On Diff #15343)

because I was having a lot of issues why it was crashing on mariadb_count=$(ps aux | grep -v grep | grep -c mariadbd) thought it was somethign to do with the [[ ]] because I was desperate.

Turns out grep normally fails if it finds 0 results. and forgot to undo this.

nix/overlay.nix
49 ↗(On Diff #15343)

Does this line lock every dev's MariaDB version to 10.8?

It locks every reference to mariadb. Since I will only be referencing mariadb, then it should be every dev's env.

Should we lock to a specific patch version as well?

No, generally patch versions have good fixes. We want those when we update nixpkgs. AFAIK, mariadb only does maintenance and security backports to minor versions.

Should all of the tools we use be locked to a specific version like this?

Depends on the tool, I do something similar for protobuf. But most packages don't update in meaningful ways too often. Once we get some nix CI, we should be able to determine any regressions when updating nixpkgs, and react accordingly.

Running into the following:

atul@atuls-MacBook-Pro comm % nix run github:commE2E/comm?ref=jonringer/mariadb#mariadb-up
zsh: no matches found: github:commE2E/comm?ref=jonringer/mariadb#mariadb-up
atul requested changes to this revision.Aug 5 2022, 10:23 AM
This revision now requires changes to proceed.Aug 5 2022, 10:23 AM

Use writeShellApplication for automatic shellcheck upon building

jon marked 3 inline comments as done.EditedAug 5 2022, 10:37 AM

For more information on writeShellApplication https://github.com/NixOS/nixpkgs/blob/68a2cf6583e73f355c70a27dd64913bb74038f03/pkgs/build-support/trivial-builders.nix#L254-L305

But it automatically sets set -euo pipefail that I've been doing in other scripts, and also runs the script through shellcheck when building it. So just doing nix build github:commE2E/comm?ref=jonringer/mariadb#mariadb-up (or any other nix command) also runs shellcheck

Handle BSD pgrep lack of a --count option

Use double braces for if statement

Also, for checking what nix is doing, you can also build it, and inspect the results

For example, seeing what interpreter it's using

$ nix build .#mariadb-up && head -n1 ./result/bin/mariadb-up
#!/nix/store/qm2lv1gpbyn0rsfai40cbvj3h4gz69yc-bash-5.1-p16/bin/bash
nix/mariadb-up-mac.nix
41–135 ↗(On Diff #15343)

We can render the file, then check it

I have no idea what this means. I fear we're slipping into a pattern again where I ask a question and get a really short sentence in response. Please make sure to respond to each request with enough detail that we don't end up churning during diff review. If you leave out the detail in your first response, you are only causing more work for everybody – your reviewers and you.

To be absolutely clear, I am requesting that you should me the line of code that shows that this shell script is being executed as bash. Can you please link that line of code?

Not really, as nix needs to interpolate the paths of packages

Can those things be provided as inputs into the bash script?

Looking through some of the other "trivial builders", there's also a writeShellApplication which checks the content with shellcheck

At runtime? That doesn't sound ideal...

nix/overlay.nix
49 ↗(On Diff #15343)

No, generally patch versions have good fixes. We want those when we update nixpkgs. AFAIK, mariadb only does maintenance and security backports to minor versions.

I don't disagree, but doesn't this compromise Nix's promise of reproducable builds? It sounds like different devs will have different versions.

I agree that patch versions have good fixes, but I would prefer a model where patch versions get pushed to each developer's environment when they are introduced. Instead, it appears that developers with the old version will not get the patched version... only people newly setting up the environment will get the patch versions. Or am I wrong?

(Ideally I wouldn't have to ask for further clarification here... you can reduce churn by interpreting what I am trying to ask, and giving a full response that covers everything.)

nix/mariadb-up-mac.nix
19 ↗(On Diff #15366)

Should the last line of this command end with a backslash? Not sure if this will execute. But it is the only command in the script, so I don't know.

Going off of StackOverflow and StackExchange.

58 ↗(On Diff #15366)

Assuming this doesn't need to be double quoted since the entire script is in quotes already? Same assumption for lines 74, 100, 104, 107, 122, and 124?

jon added inline comments.
nix/mariadb-up-mac.nix
19 ↗(On Diff #15366)

Yep, I had stdout and stderr on separate lines before, thanks

58 ↗(On Diff #15366)

Correct, nix store paths are computed and can't have spaces in them

$ nix eval nixpkgs#hello.outPath
"/nix/store/j943c0z8m4qhx1vr3zzh91fjz1bnhg1h-hello-2.12.1"
41–135 ↗(On Diff #15343)

I fear we're slipping into a pattern again where I ask a question and get a really short sentence in response. Please make sure to respond to each request with enough detail that we don't end up churning during diff review.

I expanded on this in a separate comment: https://phab.comm.dev/D4750#136994

But it probably should be part of the original response

It inherits the shell from the stdenv environment, which is going to contain bash v5.1

I am requesting that you should me the line of code that shows that this shell script is being executed as bash. Can you please link that line of code?

$ nix build github:commE2E/comm?ref=jonringer/mariadb#mariadb-up && head -n1 ./result/bin/mariadb-up
#!/nix/store/qm2lv1gpbyn0rsfai40cbvj3h4gz69yc-bash-5.1-p16/bin/bash

At runtime? That doesn't sound ideal...

It's a build time. In another comment, I linked to the nixpkgs definition of writeShellApplication which shows that it create a package where the contents of script are ran against shellcheck as part of the checkPhase (which is usually used for test suites).

In other words, writeShellApplication takes the scripts, runs it through a few tests (one of which is shellcheck), then re-exposes if it passed. If it failed any test then you would see any nix command trying to make use of it fail.

Can those things be provided as inputs into the bash script?

Possible, but that's unusual. Are we trying to solve shellcheck or trying to solve script re-use? If we're trying to solve shellcheck, then writeShellApplication already does this for us, so that's not much of a win. If we wanted to make the scripts more portable, then I think refactoring the script to just use PATH, and expose a nix wrapper script which sets the correct PATH then calls the portable script would make sense. However, I don't think we want to go down the path of supporting many different development environments.

nix/overlay.nix
49 ↗(On Diff #15343)

but doesn't this compromise Nix's promise of reproducable builds?

Not really, reproducible just means starting from a known location A can you always get to same exact location B? If the anwser is yes, then it's reproducible. For nix, only updating the nix lock file or the overlay should really be affecting which packages get introduced into the environment. If programmer A has the same flake.lock and nix/overlay.nix as programmer B, then both programmers will have the exact same (usually byte-for-byte same) packages.

I think you are more concerned about mariadb_108 moving between developers. But mariadb_108 is determined by nixpkgs, which is frozen to a particular commit in the flake.lock file.

One of my youtube videos on flakes might help with understanding how this works a bit (although I do make the assumption that you've dabbled with nix) https://youtu.be/90P-Ml1318U?t=90

It sounds like different devs will have different versions.

If they have the same flake.lock and nix/overlay.nix then no, the packages should be exactly the same. But if we do need to update the package, then we can make the change in either the flake.lock (if nixpkgs has what we want) or the overlay(if nixpkgs doesn't have what we want); then ask "please rebase on the latest master and run nix develop again".

I agree that patch versions have good fixes, but I would prefer a model where patch versions get pushed to each developer's environment when they are introduced.

The patch version will likely be decided by the flake.lock which contains a reference to a specific checkout of nixpkgs. I'm most refering to when we do update the lock file, it will likely bump the patch version.

Instead, it appears that developers with the old version will not get the patched version... only people newly setting up the environment will get the patch versions. Or am I wrong?

For the purpose of the mariadb package which nix will reference, that is determined by the nixpkgs reference in the flake.lock and anything we might do in the overlay. As we only update the flake.lock every few months, it's more likely that individual users will have the exact same version.

jon marked 4 inline comments as done.

Remove extraneous backslash

Previously had a line for both stdout and stderr, and forgot
to remove the newline continuation after combining the file handles

atul requested changes to this revision.Aug 8 2022, 7:50 AM

Sorry to request changes again, but still unable to get this to work in my environment:

atul@atuls-MacBook-Pro comm % nix run github:commE2E/comm?ref=jonringer/mariadb#mariadb-up
zsh: no matches found: github:commE2E/comm?ref=jonringer/mariadb#mariadb-up

Any ideas how I can resolve this?

This revision now requires changes to proceed.Aug 8 2022, 7:50 AM

zsh: no matches found: github:commE2E/comm?ref=jonringer/mariadb#mariadb-up

I guess this is related to zsh https://github.com/NixOS/nix/issues/4686

Either, do nix develop which will drop you into a bash shell, or you can single quote the "flake url". I'll update the comment

atul added 2 blocking reviewer(s): abosh, varun.

The command in test plan worked for me!

Resigning and adding @varun as blocking to review the nix stuff and @abosh as blocking to review the bash stuff

Some small fixes here and there, then should be good to go!

nix/mariadb-up-mac.nix
58 ↗(On Diff #15382)

Correct, nix store paths are computed and can't have spaces in them

$ nix eval nixpkgs#hello.outPath
"/nix/store/j943c0z8m4qhx1vr3zzh91fjz1bnhg1h-hello-2.12.1"

In response to this reply to my inline comment, won't ShellCheck still complain about this not being double quoted though? Even though we know Nix store paths can't have spaces in them, we should still double quote for consistency/good style.
{F131414}

Other instances of double quoting ShellCheck complains about on lines 74, 100, 104, 107, 122, and 124.

65–66 ↗(On Diff #15382)

So just to be clear, the wc -l will still capture the count of the number of pgrep results, but with whitespace? And that's why we need the xargs echo?

Not sure if it's better, but we could also use something like awk, like piping it to awk {print $1}?

69 ↗(On Diff #15382)

Turns out grep normally fails if it finds 0 results. and forgot to undo this.

This should be double brackets, right?

83 ↗(On Diff #15382)

Are double quotes necessary here? We use them every time we reference running_pid later anyways.

87 ↗(On Diff #15382)

You say "stop or kill" here but only "stop" on line 93, should the verbs for both match?

Same thing goes for saying "attempt 'mariadb-up'" here but "attempt 'mariadb-up' again" on line 93.

101 ↗(On Diff #15382)

I don't think there's a difference between COUNT(1) and COUNT(*) (at least semantically), but there are definitely more instances of COUNT(*) in the codebase than COUNT(1). Is there a reason we can't use COUNT(*)? Maybe performance? I prefer COUNT(*) since it makes more sense to me as a reader, but I could be wrong since my SQL experience is one quarter of college :P

108 ↗(On Diff #15382)

nit: include spaces between flags and their arguments. You will also probably have to add a space to the following two lines so they're aligned.

This revision now requires changes to proceed.Aug 8 2022, 12:46 PM
nix/mariadb-up-mac.nix
65–66 ↗(On Diff #15382)

wc -l counts the number of lines returned.
However, wc -l on mac will returns something like 0, so we feed it to xargs echo which will collapse whitespace to just a space between non-whitespace strings.

Not sure if it's better, but we could also use something like awk, like piping it to awk {print $1}?

I'm fine with this solution as well, but I find that less people know about awk than wc + xargs

69 ↗(On Diff #15382)

yes

83 ↗(On Diff #15382)

no, but shellcheck complains

87 ↗(On Diff #15382)

I'll just take 93

101 ↗(On Diff #15382)

Depends on the query optimizer. For MariaDB I would assume that it would know that the tuple info gets discarded, but COUNT(1) is a bit more explicit that the information of the user table is irrelevant.

jon marked 2 inline comments as done.

Address comments

jon added inline comments.
nix/mariadb-up-mac.nix
58 ↗(On Diff #15382)

Quoted them just for good measure

108 ↗(On Diff #15382)

I did -Bse "<command>" to be consistent with the previous invocation

Thanks for explaining everything!! I think writeShellApplication is perfect :)

jon marked 2 inline comments as done.

Kill the extraneous backslash, again

Ok, bash-wise, looks good!

nix/mariadb-up-mac.nix
65–66 ↗(On Diff #15382)

I'm fine with this solution as well, but I find that less people know about awk than wc + xargs

Haha, yeah. I guess that's true, this is awk

This revision is now accepted and ready to land.Aug 9 2022, 11:42 AM
This revision was automatically updated to reflect the committed changes.