Add auto dependency flow design doc

[dagood]

Issue: #183. This builds on PR #152 (repo API), adding arguments for automatic dependency flow.

@dotnet/source-build-contrib

[eerhardt]

repo's repo output manifest and repo input manifest

I question how dynamic this graph needs to be. In my mind, I don't see the dependencies between repos changing often enough to warrant a dynamic system where the orchestrator is completely agnostic of the dependencies. I think the system we have in source-build today works now, and will work for the foreseeable future.

I think the amount of work to build and maintain these input/output manifests for each repo will not be worth the value gained.

[eerhardt]

I see this is mentioned in the "Incremental steps toward the vision" section below. Do we see this as necessary even in the "long term" vision?

[DustinCampbell]

I suppose that depends on how hard it is to change the dependencies later. If the graph is easily updated by checking into the orchestrator itself, it might not be worth the effort. Also, it might be easier to see problems if there's one source of truth for the graph rather than having it sprinkled around the repos.

[markwilkie]

I agree that keeping the "orchestrator" as simple as possible is important. Clear declarative contracts are good, and having a ridiculously straight forward orchestrator initially will allow the build to stand up, and then we'll really know what needed and where the highest priority problems are

[dagood]

I'm going to add a commit removing the "far enough forward we probably won't ever do it" stuff so we have a concrete idea what that looks like. (I also prefer removing it at this point.)

@markwilkie, what do you mean by "Clear declarative contracts are good"? That seems to argue the opposite of this thread, which is proposing to remove a potential declarative contract and instead (continue to) store the metadata in the source-build repository.

[dagood]

It still sounds to me like you're arguing for these contracts, but in this context, repo output/input manifest == produces/consumes, and I'm getting rid of them. The only use case for repo output/input is removing the "which repo builds first" metadata from source-build, and instead associating repos based on what packages they output/input.

The orchestrator has to build a graph either way, and IMO it's only marginally more challenging with repo input/output manifests. The problem is asking repos to produce this information without first performing a build: this is a rather large implementation/maintenance cost for an undetermined--almost definitely small--gain. (Even after performing a build, this information is not necessarily easy to gather.)

[markwilkie]

One of the things we learned with desktop is that it's becomes very expensive to manage a product/build when it's unclear what the dependencies are. (it's becomes tough to change anything) The core "requirement" here (for me anyway) is that there's a reasonable way to manage the build over time. A proven strategy is to leverage contracts to help do this. (no magic bullets of course....)

I suspect there are many implementations that will work. For example, where the contract (input/output list?) lives is probably not important. What's important (I think) is that it's explicit what the dependencies are and not simply implied as a "side effect" of the build scripts themselves. Knowing the implications what one's change in that world is a tough place to live.

[dagood]

I see--you could say that each repo produces itself, and each repo in source-build has a list of repos that it consumes. The contract for produces is identity, and for consumes it's having a RepositoryReference item of another repo's name.

[markwilkie]

Perhaps, although referencing packages is probably the most concrete (and known) way to take these dependencies. So long as we're not taking crazy dependencies on specific little packages, I presume this is a reasonable thing to do. (but I don't know that for sure)

[dagood]

I presume this is a reasonable thing to do.

If "this" is "have repos list the packages they depend on and produce before any building happens", the consensus so far is that it's not reasonable and we shouldn't ask repos to do it. Instead, we expect that repo-level dependencies defined in the source-build repo are clear and easy enough to maintain that we should stick with that. (What I described above is the current state of the repo's "contracts", which can also be used by the product build orchestrator.)

[eerhardt]

This may be picking on the details, but signing at this stage isn't going to work.

Take for example the Core-Setup build today - it needs to produce .zips, .msis, etc. that have assemblies embedded in them. In order to sign all these different artifacts, we would need to write systems that knows how to take these things apart, sign all the things inside them that need to be signed, and then put them back together again. Signing is probably best done during the "repo builds" themselves.

[dagood]

Same as above, this is something that was discussed earlier on as a way to save time, but I agree I don't see it being feasible (and maybe not even possible, depending on exactly how the layers go together--e.g. signed things put in signed containers would still require multiple round trips).

Also giving removing this a shot.

[eerhardt]

Do we want to spec here how this is going to be specified to the repos? ex. /p:DotNetSourceBuildTargetFramework=netcoreapp2.1.

[dagood]

Hmm, I'd kind of assumed that the TFM could somehow be picked up from the source-built NETStandard.Library/Microsoft.NETCore.App nupkg using a props file in the package or something. Looking a bit closer, I don't see anything like that, and it looks like CoreFX needs netcoreappX.X before Core-Setup builds, so it probably can't even work in theory.

An arg makes sense to me. It sounds like we'll need one for netstandard and one for netcoreapp.

[eerhardt]

We can't pick up the TFM from a NuGet package because NuGet needs the TFM to know which assets to pick out of the NuGet packages. TFMs need to be specified first - before 'restore' can take place.

It sounds like we'll need one for netstandard and one for netcoreapp.

Do we need both? I assumed the idea was that the whole source build would be for netcoreapp? /cc @weshaggard @ericstj

[dagood]

I don't have a good grasp of what this impacts during the product build itself. I imagine people using the source-build end product would want to be able to build apps against netstandard to have the greater targeting area, but I don't know what's necessary to make that happen.

[eerhardt]

A really good/important question we need to figure out is: "What is the expected usage of these source-built assets?"

Do we expected people to reference the .nupkgs that are produced by this build? If so, then they won't be able to build any netstandard1.x projects. (Or even netstandard2.0 when we move to a netstandard2.1 or 3.0.) Is this intended?

[dagood]

Created #184 to track/discuss--maybe we need some documentation around that point in particular.

[eerhardt]

/cc @livarcocc @DustinCampbell

[eerhardt]

What does the word blob mean in this property? Is it linked to Azure blobs in some way?

[dagood]

This refers to "blob feed", which is the dir structure this API tells repos to put outputs into. It's not a free-for-all dumping ground, so I think it makes sense to have the structure's name in the property rather than something more generic. Blob feeds are briefly described in the terms.

For what "blob" means in "blob feed", I don't know. Sometime soon I'm hoping there will be docs in BuildTools I can link to that will explain.

[dagood]

I'm merging this in to establish a location for this design's current state. Please feel free to create issues or continue to comment here to discuss it more.

[natemcmaster]

May have been mentioned above, but what was the reasoning for changing from /p: to -p: in 3f1f37e? I would prefer /p: so I don't have to implement a parsers to change all these args before passing to msbuild

[dagood]

MSBuild supports -p:! This change flowed from the repo API doc: #152.

[natemcmaster]

Oh, awesome 🎆. TIL a new msbuild syntax. Disregard previous comment

[natemcmaster]

Started trying to use this. I found at least one problem with this: PowerShell. All aspnet repos have a build.cmd script that forwards all arguments to build.ps1. The parameter binding behavior of PowerShell makes it difficult to use the posix format args.

For example, consider this:

REM build.cmd
@ECHO OFF
PowerShell -NoProfile -NoLogo -ExecutionPolicy unrestricted -Command "[System.Threading.Thread]::CurrentThread.CurrentCulture = ''; [System.Threading.Thread]::CurrentThread.CurrentUICulture = '';& '%~dp0build.ps1' %*; exit $LASTEXITCODE"

# build.ps1
[CmdletBinding(PositionalBinding = $false)]
param(
    [string]$Path = $PSScriptRoot,
    [Parameter(ValueFromRemainingArguments = $true)]
    [string[]]$MSBuildArgs
)

Write-Host "`$Path = $Path"
Write-Host "`$MSBuildArgs = $MSBuildArgs"
Write-Host "`$MSBuildArgs length = $($MSBuildArgs.Length)"
# & dotnet msbuild @MSBuildArgs

You get the following behavior:

C:\tmp> build.cmd -t:Build
$Path = C:\tmp
$MSBuildArgs = -t: Test
$MSBuildArgs length = 2

C:\tmp> build.cmd /t:Build
$Path = C:\tmp
$MSBuildArgs = /t:Test
$MSBuildArgs length = 1

C:\tmp> build.cmd -p:SomeProp=true
$Path = SomeProp=true
$MSBuildArgs =
$MSBuildArgs length = 0

C:\tmp> build.cmd -p:SomeProp=true -p:SomeOtherProp=true
ERROR: Cannot bind parameter because parameter 'p' is specified more than once. 

C:\tmp> build.cmd /p:SomeProp=true /p:SomeOtherProp=true
$Path = C:\tmp
$MSBuildArgs = /p:SomeProp=true /p:SomeOtherProp=true
$MSBuildArgs length = 2

[dagood]

@natemcmaster Opened #194 to talk about that in more detail.

[natemcmaster]

Thanks