Have we solved the problem of generated config yet? (best practices)

Profpatsch · January 15, 2020, 1:46pm

Dhall promises to replace all kinds of configuration formats by one language.
However, in practice I need predefined formats to be checked into my source code repository.

For example, the CircleCI service expects a yaml file at .circleci/config.yml. All other CI systems I know work similarly.

Are there any best practices the dhall community recommends for these use-cases?

Questions:

When to generate this file? pre-commit hook?
How to set up CI so that the files don’t go out of sync? With a good workflow?
How to make it so that developers don’t have to think about this?
How to make developers not hate the fact that they have to check in generated code?

ari-becker · January 15, 2020, 8:58pm

Fwiw, we deal with this by using Concourse, which doesn’t follow a .concourse/config.yml kind of model. And I’m convinced that pipeline-stored-in-repo is a fundamentally poor model, because either a) improvements in one repo don’t carry over into other repos, b) instituting changes across all repos in a company quickly turns into a slow political death march, or c) developers are developers, not DBAs, not security professionals, etc.

To answer your question, I don’t think it’s solvable. Git client-side commit hooks cannot guarantee that the dhall executable is installed and available on the path, let alone of the correct version. GitHub doesn’t allow (not really) for server-side commit hooks (in a previous life I got some experience with BitBucket ScriptRunner hooks and everything else pales by comparison…). The best you can do is have a CI process which references itself, which is to say, has a pre-build validation step which checks a diff between the committed file and what would be generated, and a clear error message describing how to re-generate the file.

tristanC · January 16, 2020, 12:38am

@ari-becker some CI systems, at least Zuul, let you use git based configuration across multiple repos. Though I wish more services would accept dhall format directly, that would make our life easier

@Profpatsch to check in generated code, e.g. go vendors copy, we have a CI jobs that look for clean git status after running the generation command. We use a simple Makefile target that is easy to run by the developer or the CI. The test works both way, it also fails if the yaml has been updated without using dhall.

vmchale · January 17, 2020, 5:00pm

I use a Makefile in github-actions-dhall (I’m not sure if you are already familiar with it): https://github.com/vmchale/github-actions-dhall

Checking in generated code isn’t ideal but the only alternative I see is setting up some bot to go in-between, which, based on my experience with these things, would not be worth it.

Gabriel439 · January 18, 2020, 11:24pm

@Profpatsch: You can study how we do this for the official Dhall language test suite. We have some .diag files which are generated from .dhallb (CBOR) files and they need to stay in sync.

First, we author a Nix derivation that builds the generated files, like this one:

github.com

dhall-lang/dhall-lang/blob/543d91e27d67f583b095cbb02babae3f2a944789/release.nix#L65-L76


expected-test-files =
  pkgsNew.runCommand "expected-test-files" {} ''
    ${pkgsNew.rsync}/bin/rsync --archive ${./tests}/ "$out"


    ${pkgsNew.coreutils}/bin/chmod --recursive u+w "$out"


    for FILE in $(${pkgsNew.findutils}/bin/find "$out" -type f -name '*.dhallb'); do
      ${pkgsNew.cbor-diag}/bin/cbor2diag.rb "$FILE" > "''${FILE%.dhallb}.diag"
    done


    ${pkgsNew.dhall}/bin/dhall type --file "${./.}/tests/type-inference/success/preludeA.dhall" > "$out/type-inference/success/preludeB.dhall"
  '';

Then, for user convenience we add a script to build that derivation and copy the generated files to where they belong:

github.com

dhall-lang/dhall-lang/blob/543d91e27d67f583b095cbb02babae3f2a944789/scripts/generate-test-files.sh#L1-L5


set -eu


nix build --file ./release.nix expected-test-files
rsync --archive --checksum --delete result/ ./tests
chmod -R u+w ./tests

Optional: make that script part of a git commit hook so that users are less likely to forget to do it.

Finally, we add a Nix derivation to CI that checks that the files built by the derivation match the files that should be generated:

github.com

dhall-lang/dhall-lang/blob/543d91e27d67f583b095cbb02babae3f2a944789/release.nix#L89-L96


test-files-lint = pkgsNew.runCommand "test-files-lint" {} ''
  ${pkgsNew.rsync}/bin/rsync --archive ${pkgsNew.expected-test-files}/ ./tests.expected
  ${pkgsNew.rsync}/bin/rsync --archive ${./tests}/ ./tests.actual


  ${pkgsNew.diffutils}/bin/diff --recursive ./tests.{actual,expected}


  touch $out
'';

That enforces that the generated files can’t get out of sync with the original files in case people forget to update the generated files.

Gabriel439 · April 5, 2020, 3:31am

There is now a chapter in the Dhall manual addressing the original request:

github.com

Gabriel439/dhall-manual/blob/e19a35fbfb509fa6447fa9c53e8bd96f9b83e584/manuscript/05-SynchronizeFiles.md

# How to keep a generated file in sync with the original Dhall expression

Up until now we've been generating a YAML configuration file from a Dhall
configuration file and (presumably) storing both of them in version control.
After all, Mergify requires that the generated YAML configuration file is
stored in version control since Mergify does not directly accept a Dhall
configuration file.  Also, we most likely want to store the Dhall configuration
file in version control, too.

The problem is that nothing guarantees that the Dhall file and the YAML file
remain in sync with one another.  We would like to enforce the invariant that
for every commit to the trunk branch of our repository the YAML file matches
what would be generated from the Dhall configuration file.

This chapter documents how to enforce that invariant using continuous
integration and to set up an ergonomic user experience for keeping the
generated file up-to-date.

> **Note:** I generally advise against storing generated files in version
> control and recommend one of the following alternatives when possible:

This file has been truncated. show original