Thursday, 2026-04-09

« Wednesday, 2026-04-08 Index Friday, 2026-04-10 »
*** Unknown123 is now known as Mike--05:29
fungiclarkb: i see pbr-7.0.3-py2.py3-none-any.whl listed there? keep in mind there's a block of text between the sdist link and list of wheels for the release12:09
fungihttps://pypi.org/project/pbr/#pbr-7.0.3-py2.py3-none-any.whl has the details for it12:11
clarkbfungi: oh so it is what a weird ui thing13:21
fungii think it's designed so that projects with 100 different platform-specific and python-version-specific wheel files can be filtered, but yes when you only have one wheel file it sort of disappears visually in the noise13:24
-opendevstatus- NOTICE: Anubis is now deployed on our Gitea backends, and things are back to working normally though you may notice an Anubis screen flash briefly when starting to browse opendev.org; any jobs which failed prior to 15:00 UTC today can be safely rechecked15:35
fungiwould it be appropriate for me to mass-propose patches to remove precommit from the tox configs in all projects, until teams have time to work out how to make it not try to fetch git repos on its own over the network for things where it should be using local checkouts from zuul or packages from pypi?16:34
fungii don't use the tool and have limited interest in learning how to make it align with the way our ci system expects jobs to be optimized, but also am tired of teams complaining about their jobs failing any time we have a problem with the git frontends when that situation could have been avoided entirely16:35
dansmithI don't have it enabled locally so it's not _actually_ in my way, even though I sort of object to the entire premise of it17:11
dansmithif it's doing anything negative with CI by default, I'd say that's justification to rip it out on its own17:12
spotz[m]I think it's worth a shot?17:19
JayFI think proposing the patches won't get you what you want though, we need the discussion if you want them to land.17:19
JayFIn fact, mass proposing those patches before someone was able to read an ML post about them, describing the pain, for instance, might anchor people into being less likely to merge them17:19
spotz[m]Would it be worth attempting the change in one area to see if it even fixes the issue for sure?17:21
JayFIt's a design problem with pre-commit, really17:22
dansmithwell, proposing them and letting projects fix or abandon them seems fine to me, as long as there's some outcome17:23
JayFThe question isn't "will it help with git load" it's "are the project teams OK with the tradeoff" (and maybe a little of "opendev doesn't wanna let the teams make that tradeoff anymore for $reasons")17:23
dansmithit's really "how you get stuff done on the internet" which is ... "propose a patch that isn't quite right so someone gets mad and fixes it properly"17:23
JayFA bad PR is the fastest path to getting someone to write a good PR :D 17:24
dansmiththe github corrollary ^17:24
dansmithright, it's the opendev infra impact that needs some action regardless17:24
fungiit's really mostly that we designed robust solutions to supply artifacts (packages, git repositories, vm images, et cetera) to jobs so that they wouldn't run into so many of the problems inherent with fetching them over the internet on every run, so it's frustrating for projects to ignore those capabilities and introduce fragility into their jobs, then complain about the impact17:27
fungifrom that decision17:27
sean-k-mooneyfungi: is the main issue current the git clone or is it beyond that17:27
sean-k-mooneyfungi: mainly askign to understand the current probleme yoru trying to solve17:28
fungiit's that it's cloning hacking over the internet and then checking out the 8.0.0 tag. we have solutions optimized for installing a normal hacking 8.0.0 package or from a locally-supplied git checkout on the test node's filesystem17:30
sean-k-mooneyack17:31
fungiso when we have some incident impacting our git offload servers intended for normal users, nova's zuul jobs are breaking unnecessarily and i have very little interest in helping solve that problem17:31
sean-k-mooneywell its not just nova but ya ok i get the issue17:32
sean-k-mooneyi thikn we could have zuul pre prepar them but im not sure that folks will want the extra infra of that17:33
fungiyes, nova was an example. my even bigger frustration is that the same antipattern got pushed out to a lot of other repos without considering the impact17:34
sean-k-mooneythe main regression woudl be the extra linting that we do only via pre-commit17:34
sean-k-mooneyperhas a better option woudl be to only use local hook or tool script althought that makes sharign ahrder17:35
sean-k-mooneyas long as we dont regresss the linting and folks cna still use it lcoally we coudl go back to keepign the lint job and pre-commit config in sync17:37
sean-k-mooneyit wasnt really much addtional work17:37
sean-k-mooneyalthough we woudl need to replace https://github.com/openstack/nova/blob/master/.pre-commit-config.yaml#L3-L36 with something17:37
sean-k-mooneyperhaps hackign checks in some cases?17:38
fungithe basic design principle with these systems is that projects should be able to continue testing and merging changes normally even if the opendev.org site is offline (and also if test nodes are unable to reach the gerrit server, for that matter)17:40
sean-k-mooneyright htat why we have the error on clone flag for devstack17:40
sean-k-mooneyideally all content is either coming form a mirror or if its git prepared by zuul17:41
sean-k-mooneythe simiple 2 secodn chang ewoudl be to use the github mirror17:41
sean-k-mooneybut that not realy ideal either 17:41
fungiyes, and zuul can supply clones from other sources like github too, so usable even if test nodes can't reach that17:42
sean-k-mooneyso what i need to check is pre-commit i belive suprpot a env var for its "home" location17:59
sean-k-mooneywhich is wher eit loosk for the relevent repos17:59
sean-k-mooneyi want to check can we just poitn that at zuul cloned repos or perhaps copy them17:59
sean-k-mooneythe answe ris proably no17:59
sean-k-mooneybut if that works it would be trival to add hacking to the pep8 job as a required repo and move it to the right place before runign or somethign like that18:00
fungiyes, that sounds viable, if precommit caches git repositories in a known location18:03
opendevreviewMerged openstack/openstack-manuals master: Add note for reno link update for release task  https://review.opendev.org/c/openstack/openstack-manuals/+/98208818:37
sean-k-mooneyinstead of doing someting liek .cache/pre-commit/repos/opendev.org/openstack/hacking18:46
sean-k-mooneytis generating a repo###### has dir name18:46
sean-k-mooneyand it has a sqlite db to know where everythign is18:47
sean-k-mooneyprek dos someitng imilar so  we shoud have to jsut sed the .pre-comite-cofnig.yaml to update the repo paths to file://${home}/src/opendev.org/openstack/hacking18:48
sean-k-mooneythat woudl nto be hard to do i jsut dont know if we want to do that in genreal18:49
sean-k-mooneyit woudl be triival to do for just the hackign repo but im thinking of the other repos that we dont currenly have in zuul18:49
sean-k-mooneybut hackign is the only one hitting opendev.org i think today18:49
clarkbwhat I don't understand is why they are so resistant to just using pypi18:50
sean-k-mooneyfor the hook distirbution?18:51
clarkbyes. I think some of the other language systems do pull from the upstream package repos too18:51
clarkbnot only that but they pip install the git dir and that pulls everything else from pypi18:51
sean-k-mooneyyes so for python hooks it will use pip to install the deps fi you list any18:51
sean-k-mooneyi.e. that how hacking and flake8 are isntall via the hackign pre-commit hook18:51
clarkbthis is why I mentioned the work around is to have a shim in git that is just a list of things you want installed then pip install that and it downloads what you really care about18:51
sean-k-mooneyyep18:52
sean-k-mooneyso puting the hackign hook into its own tiny repo18:52
clarkbbut its weird if that is the behavior anyway to avoid just going straight ot pypi in the first place18:52
sean-k-mooneythat is just the hook18:52
clarkbright I'm saying why can't you define the hook in your local yaml file that says this is where the code is18:52
clarkbrather than a git repo it could be pypi18:52
sean-k-mooneyyou can18:52
clarkbok then why are we not just doing that?18:53
sean-k-mooneythe reason we are pullign hackign was jut to not copy it18:53
sean-k-mooneytaht woudl be tirival to fix actully18:54
clarkbit just seems like this system wasn't really designed to be use outside of your laptop where you would run it once and cache it. Reminds me a lot of the sharp edges of docker fwiw. Oh you want to mirror an image? You must host it on docker hub can't have mirrors for anything else18:54
sean-k-mooneywe coudl baisly copy https://github.com/openstack/hacking/blob/master/.pre-commit-hooks.yaml18:54
sean-k-mooneyand run it as a local hook18:54
clarkbsimilarly here: oh you want to use code hosted in the python package repo sorry can't do that18:54
sean-k-mooneyclarkb: well it was desced for ci18:55
clarkbno it wasn't18:55
sean-k-mooneybut with the asusmtion that the cache is on a nfs/afs share18:55
clarkbor if it was it was by someone who has never designed anything for ci18:55
sean-k-mooneythat is used acrss runs18:55
clarkbI say this as someone who has maintained CI systems since 201018:55
sean-k-mooneyant htat what bites us18:55
clarkbanyway what I'm saying is you should be able to point pre-commit at hacking on pypi and have it load /hacking/blob/master/.pre-commit-hooks.yaml from there which is in the package18:55
clarkband if it isn't in the package then that is a package bug we can fix18:56
clarkbthe fact that precommit still doesn't have this ability is a bit mind boggling to me18:56
sean-k-mooneyya so since hackign is the souce of bleedign let me create a tiny patch ot make that not git cloen18:56
clarkbI seem to recall looking into this the last time it came up and that file isin the package but things may have changed since then18:57
sean-k-mooneyright but the isssuue is not with the file its that git is the protical that the tool uses for the distibutoion of the hooks18:58
sean-k-mooneytaht likely shoudl be changed18:58
clarkbright I've been saying this since the first time ssbarnea was all hyped about pre commit. That this is a fundamental flaw and it shouldn't be that difficult to fix18:58
sean-k-mooneybut it the choice they roginaly made the same as the go echosystem did 18:58
clarkbbut as I see this as a fundamental flaw and existing tools work just fine for me I have zero motivation to fix it for them18:58
clarkbwe rejected pre commit on this basis years ago when ssbarnea was trying to get us to sue it18:59
clarkband we've been fine if I'm honest18:59
clarkbbut openstack didn't think my protests were enoguh reason to find another tool or fix the tool and prceeded anyway18:59
clarkband this is not the first time w've had this discussion because its not the first time this has cuased us issues19:00
clarkbthe problem is that opendev manages to fix the backend issues which removes the motivation to fix the flaky job sources19:01
clarkband then we rinse and repeat this some time in the future when things go sideways again19:02
sean-k-mooneyi dont think i was involev in those converstaion but lets see if we can fix things goign forward19:04
sean-k-mooneyfor what its worth i was execting the git clone to be cached vai the http proxies we have at teh providers19:05
sean-k-mooneybut i guess the s in https prbably is preventign that form beign a thing19:05
sean-k-mooneywell that and most proxies doent cache git conetnt by default i guess19:06
sean-k-mooneyclarkb: so i belive we can fix hacking like this https://review.opendev.org/c/openstack/watcher/+/983925/1/.pre-commit-config.yaml19:12
sean-k-mooneythat will get rid fo the clone and pull a pined version of hackign form pypi which will use our pip caches 19:15
sean-k-mooneyalthough in need to test that quickly by localy violateing a hackign rule19:16
sean-k-mooneyclarkb: ok ya that works if i add "vim: set tabstop=4 shiftwidth=4\n#\n#\n#\n#\n#" to a file the local hackign version flag H10619:21
sean-k-mooneyso we coudl apply that change to all relevent repos as a first step19:22
clarkbyou're still heavily dependent on other external services look like but I guess I'm not in the queue to fix those when they break19:25
sean-k-mooneywe can transform any fo the ones that are just invokeing a cli in the same way if they are on pypi ectra19:26
sean-k-mooneythat will cover codespell bandit sphinxlint and ruff/autopep819:27
sean-k-mooneyfor the thing likd detec-private-keys well that can jsut be a local tool script19:27
sean-k-mooneyof if we used prek i think all ormost of the https://github.com/pre-commit/pre-commit-hooks hooks19:28
sean-k-mooneyare built into the tool so they are provie with just the pip intsll of perk19:28
sean-k-mooneyso we coudl likely remove almost all the clones and just vendor the few scrips that are left19:28
sean-k-mooneywe have tools directores in most fo the repos where we keep things like this already it would just take a littel mroe time to do19:29
sean-k-mooneyclarkb: ill leave this patch as it is as a minimal refence and ill see if i can quickly transform the the other low hanign fruit in a follwo up19:30
sean-k-mooneywe will loos the "pre-commit autoupdate" but honestly that fine we bump these thing like once or twice a release we can jsut check when we do19:31
sean-k-mooneyclarkb: so https://pypi.org/project/pre-commit-hooks/ is a thing i think we can skip the vendoring of the srcipt entirly adn jsut call them form local hooks19:47
sean-k-mooneythat what im tryign to make work now at least19:48
sean-k-mooneyit provides them all as console scripts https://github.com/pre-commit/pre-commit-hooks/blob/main/setup.cfg#L30-L6219:49
sean-k-mooneyclarkb: lookign at the repo history i think that has been posibel at least for those hoosk for at least 7 years19:50
sean-k-mooneythere is just no documentaiotn for that at least not obevious docs19:51
clarkbI wonder if this is a happy accident and we're using something that wasn't intended for this purpose19:52
clarkbor its the classic forgot to document it problem.19:52
sean-k-mooneywell they are intentionally exported as console_scripts19:52
sean-k-mooneyso that to mee looks liek jsut never docuemtned19:53
fungiif memory serves, it was roughly 8 years ago that we called out this problem, but i guess enough people have cycled out and in that they forgot it was every discussed and reimplemented it fresh20:09
sean-k-mooneyit looks like it was posibel form the sart the older console_script were added 12 years go 20:10
sean-k-mooneyit was just never docuemented or it was remvoed20:10
sean-k-mooneythis woudl not be the normal way to use hooks as you hae to duplcit the hook logic in yoru local repo20:11
sean-k-mooneybut the hook logic is juca calling a cli 99% of the time and is trivial20:11
fungithough this conversation has affirmed my suspicion it's a tool designed for the golang ecosystem (where dependencies are managed in a very particular way) that people are trying to apply to python projects (where dependencies are typically handled much differently)20:13
sean-k-mooneyfungi: clarkb  im tryign to convert watcher now but i messed up by tryign to do too much in one go (moving some check to ruff that it can do natively)20:13
JayFfungi: a lot of new tools are golang/rust ecosystem shaped; that's why they are git-first and package-second :/ 20:14
JayFfungi: it's a pain point gentoo devs hit frequently when packaging things20:14
fungii guess it'll all work out once we finish rewriting all of openstack in rust. i hear that'll be ready any day now ;)20:14
clarkbJayF: the secret is that go has a package system. Its the google go repo cache20:14
clarkbit just happens to use git for its protocol but it acts like package provider preventing unecessary git operations to the actual git locations20:15
sean-k-mooneythe comuity proxy ya20:15
clarkbsr.ht helped them impriove it after they got ddos by all the go mod users20:15
JayFIt didn't always work that way though20:15
sean-k-mooneyyou technially can turn that off but no one does unless there is a coperate firewall in the way20:15
JayFIt's always been git based, but I think the proxying stuff came later20:15
JayFRealistically I haven't done meaningful greenfield go development in long enough I just don't know20:16
sean-k-mooneyfor what its worht pre-commit to my understanding is primarlly a python thing20:17
fungiweird20:17
sean-k-mooneymakefiles for all there evil and i guess good is a go thing20:17
sean-k-mooneyor maybe jsut a redhat thing20:17
sean-k-mooneyredhat go proejct have make for some reason20:18
fungimakefiles are a c thing20:18
sean-k-mooneyi dont mind simle make fiels20:18
fungior at least were 30 years ago when c was what we had20:18
fungibattle-tested and solid20:19
sean-k-mooneybut when you right a devstack equvlent to install openstack on opensift in it that a little bit more make then im ok with in my life20:19
fungiat one point clarkb had a poc to replace tox with make20:19
fungii was +2 on the idea20:19
sean-k-mooneyi coudl get behind justfiles which is basiclly make but where tab vs spaes does not change the bevhior...20:20
clarkbits still in the zuul gerrit change list somewhere20:20
sean-k-mooneyhttps://review.opendev.org/c/openstack/watcher/+/983933/1/.pre-commit-config.yaml20:24
sean-k-mooneyso its kind of ugly because i have too repeat things20:24
sean-k-mooneybut with that watcher shoudl nolonger use git cone20:24
sean-k-mooneyi obviously need to test that more but that every hooks converted to pullign the deps form pypi20:25
sean-k-mooneyi shoudl clean up a few of the comments but that the simpletst 1:1 traslation.20:26
clarkbthe thing make (and its descendents) does that tools like tox fail at (in my opinion anyawy) is the whole depednecy resolution don't do work you don't need to d othing20:28
clarkbby making that an upfront first class thing you have to think about it. The downside is you have to think about it and it can get complicated. But if you want fast tools that is a good place to start20:28
fungiyeah, simplistically, each section makes a target. if that target already exists then make skips it20:29
sean-k-mooneyya the slightly ugly thing is it expct your targts to be compliation step so it expect files to eb cureated20:29
sean-k-mooneyso if your not doing that you need the PHONE hack20:30
sean-k-mooney*PHONY20:30
fungidebian (and so ubuntu and other derivative) source packages use make to this day. the debian/rules file is just a makefile20:30
sean-k-mooneyreally i know it was more imperitive then specfils ( they are also not declaritve enve if it looks like it)20:31
sean-k-mooneybut not that they were basicaly make20:31
funginot just basically make, entirely make20:31
sean-k-mooneyso in our operator repos we just have pre-commit call make  for our local hooks20:32
sean-k-mooneyhttps://github.com/openstack-k8s-operators/nova-operator/blob/main/.pre-commit-config.yaml#L1-L3920:32
sean-k-mooneythe operators ahve generated code for thign like copy20:33
sean-k-mooneybecause go20:33
clarkbthen if you want to go a level deeper you end up using something like bazel. Which I hated because it was too magical. But after using it a bit with Gerrit and learning the magic I'm more tolerant of it. In particular it does things like remember test results and won't rerun tests unless you force it to. As if java never has flaky tests20:33
sean-k-mooneyso there are a bunch of meta programing stpe you have to do before you compile and or commit20:33
fungiclearly java isn't bugproof, that's why god created rust20:39
clarkbmeanwhile haskell is written by god20:40
sean-k-mooneyno that way javascript was created. because if your going to have bugs anyway you might as well use javascript20:40
fungishe has multiple side-projects, sure20:40
fungi(see also: lisp)20:40
sean-k-mooneyhttps://zuul.opendev.org/t/openstack/build/848e9474ea0147009725f5095b0e560e/log/job-output.txt#904-95620:48
sean-k-mooneyso as far as i can tell no more git clones20:48
sean-k-mooneylcally "breakign" the lint seasm to also work20:48
funginice! i know it's more verbose, but you can actually see what's being used there, as compared to a bunch of references to git remotes20:49
sean-k-mooneyya its also fast locally20:50
sean-k-mooneylike 6 seconds20:50
fungialso it was cloning relatively large repos just to use a few bits from a single file, i think?20:52
sean-k-mooneyfor our usecase yes20:52
sean-k-mooneyhooks are not neessary packages20:52
sean-k-mooneythey can be in any language20:52
sean-k-mooneybut the oens watcher ues are just wraper around clis20:52
sean-k-mooneyand that is true of almost every repo20:53
sean-k-mooneywell i might be wrong on that last point20:53
sean-k-mooneybut i bleive that ture of nova cybrog placement ectra20:53
sean-k-mooneyjust takign random oslo repo https://opendev.org/openstack/oslo.middleware/src/branch/master/.pre-commit-config.yaml20:54
sean-k-mooneythat a subset of what wathcher is using so it can be converted the same way20:55
« Wednesday, 2026-04-08 Index Friday, 2026-04-10 »

Generated by irclog2html.py 4.1.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!