We looked at Stuart and it can prevent a recursive submodule update at
the first level but then it would prevent further updates. Here Repo A
can prevent a recursive update in edk2 but it would then not be able to
get libspdm.
[Repo A] -[1]> [edk2] -[2]> [libspdm] -[3]> [cmocka]
At its root, the issue is that this is broken, not wasteful. Therefore,
it is disruptive and a regression for existing workflows.
We, and I'm sure many other projects, recursively clone packages in edk2
with submodules. For years, this has been fine except for a few brief
exceptions. We pulled the change with the libspdm dependency into our
codebase 8 days ago and this has been broken all day. The track record
of cryptomilk.org in the past was also very poor and frequently caused
problems. There is not an incident response team that I'm aware of at
cryptomilk.org that provides status updates and proactively addresses
services issues (i.e. https://www.githubstatus.com/).
Also, libspdm is now a dependency and cloning cmocka there may fail.
Users should expect that they can clone and work in that repo as part of
their firmware development process without frequent service disruptions
in the way.
While I started this thread to raise the issue for users impacted here,
I filed https://github.com/DMTF/libspdm/issues/2707 to track the request
in the libspdm repo.
Thanks,
Michael
On 5/22/2024 6:24 PM, Kinney, Michael D wrote:
Libspdm also depends on openssl. We did not want to clone openssl twice.
I though stuart config specifies which submodules to clone. Can’t we skip
all the submodules within libspdm to fix CI?
Can't devs choose to not use --recursive?
Mike
-----Original Message-----
From: Michael Kubacki <mikub...@linux.microsoft.com>
Sent: Wednesday, May 22, 2024 3:16 PM
To: devel@edk2.groups.io; Kinney, Michael D <michael.d.kin...@intel.com>;
Yao, Jiewen <jiewen....@intel.com>
Subject: Re: [edk2-devel] libspdm Breaking Builds
I don't think that's a very good solution given the diversity of
downstream projects dependent on the repo or even for the libspdm repo
itself.
Thanks,
Michael
On 5/22/2024 5:57 PM, Michael D Kinney wrote:
This was discussed and the decision was made to no use recursive clone on
libspdm.
Mike
-----Original Message-----
From: Michael Kubacki <mikub...@linux.microsoft.com>
Sent: Wednesday, May 22, 2024 1:40 PM
To: devel@edk2.groups.io; Yao, Jiewen <jiewen....@intel.com>
Cc: Kinney, Michael D <michael.d.kin...@intel.com>
Subject: libspdm Breaking Builds
Recently, the libspdm submodule was added to SecurityPkg
(SecurityPkg/DeviceSecurity/SpdmLib/libspdm) [1].
That submodule points to https://github.com/DMTF/libspdm.git.
The libspdm repo contains a submodule for cmocka that is hosted on
cryptomilk.org [2].
Cloning that submodule is failing today, breaking all builds/CI
dependent on SecurityPkg.
This has been an issue in the past and it is very disruptive given the
number of dependencies on edk2/SecurityPkg. Because of its reliability
issues, edk2 moved to a version of the repo hosted in tianocore [3] in
2021 [4]
Can you please make a similar change in libspdm and we get edk2 updated
as soon as possible?
Thanks,
Michael
[1]
https://github.com/tianocore/edk2/commit/54a4fd9b35cac79e7c54b750d3dddd0fbb43
dca1
[2] https://github.com/DMTF/libspdm/blob/main/.gitmodules
[3] https://github.com/tianocore/edk2-cmocka
[4]
https://github.com/tianocore/edk2/commit/2ad22420a710dc07e3b644f91a5b55c09c39
ecf3
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119122): https://edk2.groups.io/g/devel/message/119122
Mute This Topic: https://groups.io/mt/106250971/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
