Firstyear
misleading docs of `cargo_vendor` (and a problem with `cargo update`?)
Hi,
first TL;DR: cargo_vendor.service incorrectly claims the update param is false by default. Also, cargo update can't manage raw dependencies (happens with the [patch.crates-io] section), whereas cargo vendor can.
Thank you very much for maintaining this plugin! I am using version 1.3.6 of obs-service-cargo on recent openSUSE Tumbleweed. While updating a package with rust bindings (python-mitmproxy-rs) OBS run into a problem. The package had a service file like this:
<services>
<service name="download_files" mode="manual"/>
<service name="cargo_vendor" mode="manual">
<param name="srcdir">mitmproxy_rs-0.9.2</param>
<param name="compression">zst</param>
</service>
<service name="cargo_audit" mode="manual">
</service>
</services>
While running osc service runall cargo_vendor it failed with:
...
2024-10-09T10:10:03.009071Z INFO obs_service_cargo::vendor: ⏫ Updating dependencies before vendor
2024-10-09T10:10:03.045516Z ERROR obs_service_cargo::utils: stdoutput=""
2024-10-09T10:10:03.045541Z ERROR obs_service_cargo::utils: stderrput="error: failed to load source for dependency `boringtun`\n\nCaused by:\n Unable to update https://github.com/cloudflare/boringtun?rev=e3252d9c4f4c8fc628995330f45369effd4660a1\n\nCaused by:\n the source git+https://github.com/cloudflare/boringtun?rev=e3252d9c4f4c8fc628995330f45369effd4660a1 requires a lock file to be present first before it can be\n used against vendored source code\n\n remove the source replacement configuration, generate a lock file, and then\n restore the source replacement configuration to continue the build\n"
2024-10-09T10:10:03.045560Z ERROR obs_service_cargo::vendor: err=Failed to run command `cargo update`. Has exit code `101`. Standard Output Error:
2024-10-09T10:10:03.045576Z ERROR obs_service_cargo::cli: err=kind: cargo vendor process failed
reason: Unable to execute cargo
2024-10-09T10:10:03.232471Z ERROR cargo_vendor: kind: cargo vendor process failed
reason: kind: cargo vendor process failed
reason: Unable to execute cargo
Error: kind: cargo vendor process failed
reason: kind: cargo vendor process failed
reason: Unable to execute cargo
When I added <param name="update">false</param>, it passed:
...
2024-10-09T10:11:02.228690Z WARN obs_service_cargo::utils: 😥 Disabled update of dependencies. You should enable this for security updates.
2024-10-09T10:11:02.248464Z INFO obs_service_cargo::audit: 🎉 Cargo audit passed!
2024-10-09T10:11:06.252049Z INFO obs_service_cargo::vendor: 📦 Archiving vendored dependencies...
2024-10-09T10:11:41.014472Z INFO obs_service_cargo::cli: 🥳 ✨ Successfull ran OBS Service Cargo Vendor ✨
But cargo_vendor.service claims:
<parameter name="update">
<description>Specify whether to run a cargo update before vendor. Default: False</description>
<allowedvalue>false</allowedvalue>
<allowedvalue>true</allowedvalue>
</parameter>
So maybe it would be nice to note that the default is actually true?
Why did it happen? In the package's Cargo.toml there is:
[patch.crates-io]
# tokio = { path = "../tokio/tokio" }
smoltcp = { git = 'https://github.com/smoltcp-rs/smoltcp', rev = 'ef67e7b46cabf49783053cbf68d8671ed97ff8d4' }
boringtun = { git = 'https://github.com/cloudflare/boringtun', rev = 'e3252d9c4f4c8fc628995330f45369effd4660a1' }
to get newer revisions of dependencies than available at https://github.com/rust-lang/crates.io-index. cargo update had the same problem with both of the patched dependencies. Is it a bug in cargo update or is this expected?
Will you please take a look at this? Thanks a lot!
