Make pushing changes from Git dependency repositories easier #2226
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR mostly addresses issues raised in #2119 and changes the way Git dependencies are initialized to make pushing changes from the cloned repository easier. The following workflow will be now possible/easier with Paket:
paket.dependencies
, then runpaket update/install
to clone and checkout the repo.master
or create a feature branch in the cloned (downstream) repo, i.e. the repo underpaket-files
directory.origin
(upstream) repo, i.e. the repo specified inpaket.dependencies
.paket update
to updatepaket.lock
with SHA1 of the changes pushed to the upstream repo.I understand this PR may be controversial as it develops Paket in a way that may be currently served by Git submodules. However, Paket has some advantages over submodules:
The changes helped our company to move away from (very painful) Nuget source packages. Feel free to suggest changes or reject the PR entirely :-). However, if you choose to accept the proposed changes, a migration strategy has to be devised before merging the PR. Otherwise users would be required to clear Paket local temp directory and respective
paket-files
directories as this is a breaking change.The following changes were made to the implementation of Git dependencies:
Cache repository (i.e. the repo under
%USERPROFILE%\.paket\git\db
) is cloned as a bare mirrorBare clone saves disk space as it does not need a working directory. Mirror clone tracks the upstream remote more closely as it always recreates refs.
Downstream repository is configured with the
origin
remote pointing to the upstream repository (instead of the cache repository)Having the upstream repo configured as the
origin
makes pushing changes to the upstream more natural. We also want to prevent user from pushing the changes to the cache directly - the cache should be managed by Paket.Tracking branch for each downstream repo (
b<REPO_PATH_HASH>
) is no longer created in the cache repoThe branch IMO serves no practical purpose now, see next point.
paket/lock
tag is created and checked out in the downstream repository whenupdate
ing/restore
ing the dependencyThis allows user to see what the original checked out commit was when making changes. By checking out the tag - instead of resetting the downstream repo
--hard
to the tracking branch - the repo starts in the detached HEAD state which:paket/lock
tag againDownstream repository is checked for uncommitted changes before
update
ing/restore
ing the dependencyThis prevents hard-to-track bugs as well as non-repeatable builds that might occur by merging user's uncommitted changes into the new working directory.
Downstream repository is checked for commits made in the detached HEAD state before
update
ing/restore
ing the dependencyThis makes working in the downstream repository safer as it saves user from having to inspect reflog after "losing" her commits. It also forces the user to move the changes to a permanent branch when making meaningful changes.
No tests were impacted by the changes. However, there are currently few integration tests covering Git dependencies.