That's how the website build works. It's kinda funny watching Docker build fire up when you need to publish a web page, but it separates things nicely.
I don't think it's a huge declaration, but there is definitely a case for doing a "year of efficiency" type effort with the builds. It's got a lot of tech debt built up as witnessed by "ant clean" "ant realclean" and "ant nuke_it_from_space." Not looking forward to the religious wars this will spark, but needs to be done. I would be happy to organize some scoping documentation in Confluent to start. Patrick On Wed, Apr 30, 2025 at 7:20 AM Joseph Lynch <joe.e.ly...@gmail.com> wrote: > I also feel like this is what docker is for? It should be relatively > straightforward to start from a golang Dockerfile, add the files you need, > generate the docs and copy the result back out? > > -Joey > > On Wed, Apr 30, 2025 at 10:14 AM Chris Lohfink <clohfin...@gmail.com> > wrote: > >> Cassandra's rube goldberg build system is so incredibly painful to >> integrate inside corporate CI environments already... maybe docker >> containers so you dont actually install random tools on the host computer >> it might not have privileges to do? >> >> On Wed, Apr 30, 2025 at 6:13 AM Josh McKenzie <jmcken...@apache.org> >> wrote: >> >>> So while it would be nice to keep things such that someone just runs ant >>> and gets everything built, given this does not seem to be a standard method >>> of dealing with a go install in build scripts, I would suggest we stop >>> doing it. It looks to be very simple to install Go, so maybe switch to >>> telling someone how to install it if it is not found, as well as giving >>> them the setting to disable that artifact. >>> >>> +1 to Jeremiah's thoughts here. >>> >>> Passing thought - maybe introduce an "ant install-deps" target that'll >>> install deps if not found? >>> >>> On Tue, Apr 29, 2025, at 7:30 AM, Maxim Muzafarov wrote: >>> >>> Hey, >>> >>> I've prepared a python script that generates the same docs (no go >>> dependency). I use the jinja2 dependency, not sure if it's optimal >>> because I had to google how to use it though (also not sure if it has >>> to be run in docker). >>> I haven't tested the generated files with the website, but I've >>> compared the results with the same files in the trunk, and they look >>> similar (almost). >>> >>> >>> https://github.com/apache/cassandra/compare/trunk...Mmuzaf:cassandra:generate-cqlprotodocs-python >>> >>> On Tue, 29 Apr 2025 at 10:10, Benedict <bened...@apache.org> wrote: >>> > >>> > We should never download and install software via adhoc scripts >>> without user consent. Was this ever discussed on this mailing list? If not, >>> it’s a clear breach of policy (introducing a new dependency) and a severe >>> one in my opinion, as it seems to introduce a new supply chain attack >>> vector for all developers of Cassandra. >>> > >>> > >>> > >>> > On 29 Apr 2025, at 08:17, Mick Semb Wever <m...@apache.org> wrote: >>> > >>> > >>> > >>> > . >>> > >>> > >>> >> >>> >> But that doesn’t seem to be the case here, the script checks for arm >>> vs amd64, Linux vs Mac, and then fetches and untars the go distro into tmp. >>> There is no verification of the download. The only check is if curl >>> returned non 0. >>> > >>> > >>> > >>> > Thanks for catching this, the sha256 check should always have been in >>> place. Adding this is just a one-liner, so that alone shouldn't force the >>> decision. >>> > >>> > >>> > >>> >> It looks to be very simple to install Go >>> > >>> > >>> > >>> > It takes a bit to ensure all build and CI systems are updated, and we >>> never catch everything (esp what's downstream). >>> > >>> > >>> > While it's "simple", multiplied by everyone (and every system) it adds >>> up to be a significant time demand. >>> > >>> > Again, this too shouldn't be forcing the decision either way on what >>> we want to do. >>> > >>> > >>> > >>> >>> >>>
