Synchronize the SDK lockfile during release (#3838)

## Description
This PR introduces an additional step to the
`generate-smithy-rs-release` script to synchronize the SDK lockfile with
the runtime lockfiles and the Cargo dependencies specified in
[CargoDependency.kt](https://github.com/smithy-lang/smithy-rs/blob/main/codegen-core/src/main/kotlin/software/amazon/smithy/rust/codegen/core/rustlang/CargoDependency.kt).
For more details on why we synchronize the SDK lockfile, please refer to
the sdk-lockfiles
[README](https://github.com/smithy-lang/smithy-rs/tree/main/tools/ci-build/sdk-lockfiles).

We've decided to synchronize the SDK lockfile during release for the
following reasons:
- Synchronization occurs behind the scenes, avoiding disruptions to the
development workflow, unlike enforcing this check during pre-commit
- It is a single-sourced place for synchronizing the SDK lockfile

## Testing
Tested with the following scenario:
1. Added a dummy dependency to `aws-smithy-runtime` and updated
`rust-runtime/Cargo.lock`
```
--- a/rust-runtime/aws-smithy-runtime/Cargo.toml
+++ b/rust-runtime/aws-smithy-runtime/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "aws-smithy-runtime"
-version = "1.7.1"
+version = "1.7.2"
 authors = ["AWS Rust SDK Team <aws-sdk-rust@amazon.com>", "Zelda Hessler <zhessler@amazon.com>"]
 description = "The new smithy runtime crate"
 edition = "2021"
@@ -41,6 +41,7 @@ hyper-rustls = { version = "0.24", features = ["rustls-native-certs", "http2"],
 once_cell = "1.18.0"
 pin-project-lite = "0.2.7"
 pin-utils = "0.1.0"
+predicates = "3.1.2"
```
2. `sdk-lockfiles audit` failed as expected
```
➜  smithy-rs git:(ysaito/sync-sdk-lockfile-during-release) sdk-lockfiles audit
2024-09-17T21:48:12.346747Z  INFO sdk_lockfiles::audit: checking whether `rust-runtime/Cargo.lock` is covered by the SDK lockfile...
2024-09-17T21:48:12.381919Z  INFO sdk_lockfiles::audit: checking whether `aws/rust-runtime/Cargo.lock` is covered by the SDK lockfile...
2024-09-17T21:48:12.382360Z  INFO sdk_lockfiles::audit: checking whether `aws/rust-runtime/aws-config/Cargo.lock` is covered by the SDK lockfile...
`difflib` (0.4.0), used by `rust-runtime/Cargo.lock`, is not contained in the SDK lockfile!
`float-cmp` (0.9.0), used by `rust-runtime/Cargo.lock`, is not contained in the SDK lockfile!
`normalize-line-endings` (0.3.0), used by `rust-runtime/Cargo.lock`, is not contained in the SDK lockfile!
`predicates` (3.1.2), used by `rust-runtime/Cargo.lock`, is not contained in the SDK lockfile!
`predicates-core` (1.0.8), used by `rust-runtime/Cargo.lock`, is not contained in the SDK lockfile!
Error: there are lockfile audit failures
```
3. Ran [a dry-run
release](https://github.com/smithy-lang/smithy-rs/actions/runs/10914801466)
4. Confirmed that [the SDK lockfile was synchronized during Generate
release
artifacts](https://github.com/smithy-lang/smithy-rs/actions/runs/10914801466/job/30294275147#step:4:390)
5. Confirmed that [the diffs in the SDK
lockfile](d57a7896d3)
only contained updating the `aws-smithy-runtime` crate version and
adding dummy dependencies.
6. `sdk-lockfiles audit` succeeded in the release artifacts
```
➜  smithy-rs git:(ysaito/sync-sdk-lockfile-during-release) ✗ sdk-lockfiles audit --smithy-rs-path ~/Downloads/smithy-rs-release/smithy-rs
2024-09-17T21:54:15.491070Z  INFO sdk_lockfiles::audit: checking whether `rust-runtime/Cargo.lock` is covered by the SDK lockfile...
2024-09-17T21:54:15.521851Z  INFO sdk_lockfiles::audit: checking whether `aws/rust-runtime/Cargo.lock` is covered by the SDK lockfile...
2024-09-17T21:54:15.522278Z  INFO sdk_lockfiles::audit: checking whether `aws/rust-runtime/aws-config/Cargo.lock` is covered by the SDK lockfile...
SUCCESS
```
----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._
This commit is contained in:
ysaito1001 2024-09-18 14:56:57 -05:00 committed by GitHub
parent 1cecc3baa6
commit b62000e4d7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 14 additions and 0 deletions

View File

@ -88,6 +88,7 @@ RUN set -eux; \
cargo install --locked --path tools/ci-build/publisher; \ cargo install --locked --path tools/ci-build/publisher; \
cargo install --locked --path tools/ci-build/runtime-versioner; \ cargo install --locked --path tools/ci-build/runtime-versioner; \
cargo install --locked --path tools/ci-build/sdk-lints; \ cargo install --locked --path tools/ci-build/sdk-lints; \
cargo install --locked --path tools/ci-build/sdk-lockfiles; \
cargo install --locked --path tools/ci-build/sdk-versioner; \ cargo install --locked --path tools/ci-build/sdk-versioner; \
chmod g+rw -R /opt/cargo/registry chmod g+rw -R /opt/cargo/registry

View File

@ -31,6 +31,19 @@ git diff --staged --quiet || \
-c "user.email=aws-sdk-rust-primary@amazon.com" \ -c "user.email=aws-sdk-rust-primary@amazon.com" \
commit \ commit \
-am "Update changelog" -am "Update changelog"
echo "Synchronizing the SDK lockfile with runtime lockfiles and with crate dependencies specified in CargoDependency.kt..."
./gradlew aws:sdk:syncAwsSdkLockfile
# Verify that crate dependencies in runtime lockfiles are covered by the updated SDK lockfile
sdk-lockfiles audit
# Commit the updated SDK lockfile
git add aws/sdk/Cargo.lock
git diff --staged --quiet || \
git -c 'user.name=AWS SDK Rust Bot' \
-c 'user.email=aws-sdk-rust-primary@amazon.com' \
commit aws/sdk/Cargo.lock \
-m "Synchronize the SDK lockfile"
# Generate the crates to publish # Generate the crates to publish
./gradlew rust-runtime:assemble ./gradlew rust-runtime:assemble
popd popd