Add protobuf generated code for Go #12
Conversation
Signed-off-by: Asra Ali <[email protected]>
|
All of the above is purely subjective opinion so feel free to disregard.
My vote is to pull it out into a top level
I think that'd be nice. If I'm not a Go developer, I might not have Go installed. (I feel doubly strong about this because Go insists on crapping all over your home directory.) Something Docker based could be cool b/c reproducibility is easier.
I'd really love to not check in the generated code at all, or possibly to have a separate branch for generated code that only GH Actions can push to. Part of the problem is that GH doesn't have a great story for displaying generated artifacts in the web UI. This is maybe a huge pain for Go, other languages are more reasonable because they have an explicit release process. |
There's gitattributes which doesn't display the generated code (see this PR too).
Sounds good, I'll move them to
Lemme see if this can work, protoc can be installed without that, and you just need to go plugin for it. I would want to avoid docker, but that is somewhat nice. |
That's kinda the opposite of what I want. I'd like the code not to be checked in at all (so we don't run into workflow issues when I forget to do this, and so you don't actually need protoc installed to work on this repo), but I'd still like to be able to look at the generated code (as part of PR reviews and just when browsing repo source). I find that when using generated protobuf code I need to look at the generated code on occasion, so it'd be nice to have that available. Again, this is me being very particular so feel free to solve the problem in whatever way is expedient right now :) |
|
Could we switch to containerized generation for the protobuf file? There is a similar issue for Fulcio: sigstore/fulcio#817. When I was playing around with this for the Sigstore bundle, I too used the I'm in favour of checking in the generated code, and have it browsable, but also having this repository being the canonical repository that all clients depend on, to avoid each client having to fiddle with code generation themselves. So this would mean that we have to align the Go modules for the generated code, and prepare a go.mod file, and possibly move the generated code afterwards so the module names aligns with the paths in the directory. The next step would be to prepare generation for other languages and publish the packages to the canonical package repository. But one thing at a time :)
I don't really understand this? |
|
Just to throw in my 2 cents, I've always found it idiomatic/practical to manage protobuf-generated Go code like this, with a Makefile target and a CI job that recompiles and checks for a diff. The only pain I've had is when protoc versions diverge, but the CI job will make sure that we notice that. I also don't expect contributors to this repo to have any trouble getting protoc installed. |
|
I agree, I also like CI. I'll update to at least (1) move to I think Zack's was saying he doesn't like being the one to push generated code, but wants CI to be totally responsible for it. I think that becomes a little annoying to mess with, unless we want to do PR reviews for just generated code the github actions bot is performing, or else the generated diffs would be invisible and pushed directly to the branch. |
Signed-off-by: Asra Ali <[email protected]>
|
OK final issues is around Go import paths. I think Fredrik has an idea of the best way to do this. I expect I need to change the EDIT: maybe I can fiddle with the options like |
Signed-off-by: Asra Ali <[email protected]>
|
I'm willing to concede this one. I'm just philosophically opposed to checking generated code into version control, and I've been burned by forgetting to run +1 to all the other decisions (a |
Signed-off-by: Asra Ali <[email protected]>
Makefile
Outdated
| # generate Go protobuf code | ||
| proto: | ||
| @echo "Generating Protobuf files" | ||
| docker run -v ${PWD}:/defs ${PROTOC_IMAGE} -i protos -f envelope.proto -l go --go-module-prefix github.com/secure-systems-lab |
There was a problem hiding this comment.
Cool that this works! I think the correct package path is this though:
| docker run -v ${PWD}:/defs ${PROTOC_IMAGE} -i protos -f envelope.proto -l go --go-module-prefix github.com/secure-systems-lab | |
| docker run -v ${PWD}:/defs ${PROTOC_IMAGE} -i protos -f envelope.proto -l go --go-module-prefix github.com/secure-systems-lab/go-securesystemslib |
There was a problem hiding this comment.
This I was actually unsure about: the generated DSSE code lives here in protobuf-specs for now, and without that the imports for the other files that depend on it might get messed up. I actually think I might be able ot preserve the secure-systems-lab part, let me see.
There was a problem hiding this comment.
Yeah :| I'm not sure I can preserve the module path outside of protobuf-specs... if I do, I end up with this error:
--go_out: github.com/sigstore/protobuf-specs/gen/pb-go/dsse/envelope.pb.go: generated file does not match prefix "github.com/secure-systems-lab/go-securesystemslib/gen/pb-go"
Signed-off-by: Asra Ali <[email protected]>
Signed-off-by: Asra Ali <[email protected]>
|
@bobcallaway or @kommendorkapten can you give a quick review please? |
Signed-off-by: Asra Ali <[email protected]>
.github/workflows/generate.yml
Outdated
| pull_request: | ||
| branches: [ main ] |
There was a problem hiding this comment.
Assuming we want this running on all pull requests, prior to merge, I think this needs to not have a branches key.
| pull_request: | |
| branches: [ main ] | |
| pull_request: | |
| types: | |
| - opened | |
| paths: | |
| - '**.proto' |
Edit: updated with types and paths
There was a problem hiding this comment.
I'm not an Actions expert, so you might need to play with these settings a bit until it starts building this PR.
There was a problem hiding this comment.
Ohhh i think i can leave it blank maybe, with the paths
There was a problem hiding this comment.
I think the branches is for targetted against, so understood if it's meant to capture all branches.
Either new workflows aren't triggered in the pull request itself or I've done something wrong still
There was a problem hiding this comment.
Yeah, maybe it needs to be merged before it starts working. We can fix in a follow-up if not!
Signed-off-by: Asra Ali <[email protected]>
Signed-off-by: Asra Ali <[email protected]>
asraa
dismissed stale reviews from bobcallaway, znewman01, kommendorkapten, and codysoyland
via
a8d46f4
|
Just pinging for an approval: Updated with a Dockerfile for auto-updating protoc-all |
Signed-off-by: Asra Ali [email protected]
Partial fix for #3 for Go generate code
This adds a CI test and utilities for generated Go protobuf stubs. Please give me suggestions and rip this apart if needed. I don't know:
Summary
Release Note
Documentation