Hermeticity in programming languages and build systems means building and running software in isolated, reproducible environments. The key aspects of hermetic builds and systems are:
Isolation
Hermetic builds aim to isolate the build process from the host system:
- They use specific versions of build tools and dependencies, rather than relying on what's installed on the local machine[1].
- The build environment is self-contained and doesn't depend on external services or libraries outside the defined build context[1].
Reproducibility
A core principle of hermetic builds is reproducibility:
- Given the same input source code and configuration, a hermetic build system should always produce the same output[1].
- This makes builds more predictable and easier to debug across different environments.
Benefits
Hermetic builds offer several advantages:
- Speed: Outputs can be cached, avoiding unnecessary rebuilds[1].
- Parallel execution: The build system can efficiently parallelize tasks based on a well-defined action graph[1].
- Multiple builds: Different builds with varying tool versions can coexist on the same machine[1].
- Troubleshooting: Reproducibility aids in identifying and fixing issues[1].
Implementation
To achieve hermeticity, build systems often employ techniques such as:
- Treating tools as source code, managing their versions within the build environment[1].
- Using unique identifiers (like Git hashes) to ensure consistency of inputs[1].
- Sandboxing build actions to prevent interference between steps[1].
Challenges
Achieving perfect hermeticity can be difficult:
- Some common sources of non-hermeticity include arbitrary processing in build scripts, non-deterministic file creation, and reliance on system binaries[1].
- Developers may need to actively identify and eliminate sources of non-hermetic behavior in their build processes[1].
Tools and Languages
While hermeticity is a concept that can be applied to various programming languages and build systems, some tools are designed with hermeticity in mind:
- Bazel: A build system that emphasizes hermetic and reproducible builds[1].
- Buck: Another build system focused on hermetic builds, used by companies like Facebook[4].
By embracing hermetic principles, developers can create more reliable, reproducible, and maintainable build processes across different environments and team members.
Citations:
[1] https://bazel.build/basics/hermeticity
[2] https://subscription.packtpub.com/book/programming/9781783982707/3/ch03lvl1sec24/the-hermetic-test-pattern
[3] https://www.reddit.com/r/java/comments/14hwust/hermetic_java_self_contained_executable_images/
[4] https://pepicrft.me/blog/2018/01/28/xcode-rigidity-hermeticism
[5] https://en.wikipedia.org/wiki/Hermes_%28programming_language%29
[6] https://digitalambler.com/2012/03/02/hermetically-computeristic-computationally-hermetic/
[7] https://news.ycombinator.com/item?id=19610869