Running DAZL tests in Github Presubmit (Also with bazel)

Expanding to a new question from:

Currently we have a test that runs locally ok. (I manually executed the lines in Setup.daml as conn.upload_package does not seem to execute the init-script.) However, when I try to run it in github as a presubmit action, it runs into an error like this:

    with testing.sandbox(project_root=None, version='2.0.0') as sb:
  File "BAZEL_DIRECTORYSTUFF/test.runfiles/pip_pypi__dazl/dazl/testing/", line 126, in __enter__
  File "BAZEL_DIRECTORYSTUFF/test.runfiles/pip_pypi__dazl/dazl/testing/", line 94, in start
    self._process = subprocess.Popen(
  File "BAZEL_DIRECTORYSTUFF/external/hermetic_python_install/bazel_install/python-3.8.13/lib/python3.8/", line 858, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "BAZEL_DIRECTORYSTUFF/hermetic_python_install/bazel_install/python-3.8.13/lib/python3.8/", line 1704, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'daml'

Is there a recommended way to set it up properly so that it would succeed?

We ideally don’t need to install daml installed on the machine, but is there no alternative? If nothing else, can we make sure that our presubmit tests are hermetic?

You’ll need to install daml on the machine in order to actually run the sandbox, unfortunately, as dazl relies on the sandbox in the Daml SDK’s installation.

I see, thank you. There is no way to make daml hermetic for a github presubmit test then?

Can you define more precisely what you mean by “hermetic” in this context? You do need your build tools installed in order to run a build.

We were trying to make our presubmit fully self-sufficient, so that the build on the machine doesn’t necessarily affect the result of the test.

What is preventing you from including the Daml SDK as part of that presubmit configuration? Apologies if that’s a dumb question, I have zero experience with GitHub Actions and am thus not aware of their specific limitations.

In principle, it doesn’t seem like having one extra dependency to preinstall voids hermeticity.

We want to mainly be immune to any updates to other systems that may cause our system to fail. We want to update the builds on our side on demand or set it to the desired version as we test so that we have a guarantee on knowing what caused a regression / breakage if there are any.

We do not change published artifacts, so you can count on

curl | sh -s $VERSION

always installing the same SDK (for the same value of $VERSION). Does that help?

Yes we incorporated that into our github action. Thank you.