https://pantsbuild.org/ logo
#development
Title
# development
a

ancient-vegetable-10556

09/23/2022, 8:12 PM
I’m reviewing the remaining Environment Design TODOs, and I have a question about
[GLOBAL].ca_certs_path
. This is a BootstrapOption, which is inherently non-environment-sensitive. There’s clearly places where we need an environment-sensitive value, but we also need a value which is fixed to the environment where Pants is being run (e.g. in
scheduler.py
). Is the solution here to add a new option for process-level certs paths (which defaults to
ca_certs_path
), or something else?
w

witty-crayon-22786

09/23/2022, 8:29 PM
so, i think that the theory in this case is that this might still be useful to provide via an environment, because it might be in a different location on Linux vs macOS for example
and then the answer would be that rather than being hardcoded in the scheduler, it might come from an intrinsic …?
a

ancient-vegetable-10556

09/23/2022, 8:31 PM
Well it’s more that you need to provide a value to construct the scheduler, which by definition is a bootstrap options
w

witty-crayon-22786

09/23/2022, 8:32 PM
that’s my second point. i think that the ca_certs are only used for downloading artifacts… so I think that we can bootstrap without it? maybe not though.
a

ancient-vegetable-10556

09/23/2022, 8:33 PM
it’s provided as an argument to the scheduler, and then for other uses a value from an environment would make sense
Oh I see, it’s used to set up the remote execution client
yeah, so it needs the CA path for things that are intrinsic to getting Pants to run
w

witty-crayon-22786

09/23/2022, 8:36 PM
yea. @hundreds-father-404: so… more generally, i think that we should whack moles that we have identified along the path to particular use cases. so it would be good to spend some time mapping those out soon. while we can definitely identify potentially problematic options purely by inspection, we won’t really be able to prioritize them without those use cases in play
👍 1
a

ancient-vegetable-10556

09/23/2022, 8:37 PM
I think I’m getting a feel for what things make sense to migrate on a per-subsystem level, it’s really the blurring between bootstrap options and global options that’s getting me
👍 1
h

hundreds-father-404

09/23/2022, 10:38 PM
yeah, ca_certs path is the trickiest one we have because of bootstrap options. If helpful, I could try taking that one
@ancient-vegetable-10556 generally, it's probably fruitful to redo my audit. I think I caught most the options, but I certainly will have missed at least one
a

ancient-vegetable-10556

09/23/2022, 10:39 PM
I think ca_certs just needs a design. I think having a second option for process-level certs would be a good start
👍 1