Long term effort for getting off Environment variables (for reproducible builds)

[KirillOsenkov]

The fact that MSBuild initializes properties with environment variables is very bad for reproducible builds. CI servers often have different sets of environment variables set, and investigating on the CI server is usually hard.

For compatibility reasons, I doubt we'll ever get rid of reading environment, but I hope there can be "Strict Mode" where environment is not read at all. Builds could opt in to strict mode and use other means of initializing global state.

Example:
https://github.com/NuGet/NuGet.Client/blob/2aad8d25e66e9c3737b220631f3661bb6235d14b/src/NuGet.Core/NuGet.Build.Tasks/NuGet.targets#L555-L565

Imagine if the CI Server defines the VERSION environment variable and sets it to something like a Git SHA.

You get a build failure like this:

/Library/Frameworks/Mono.framework/Versions/5.8.0/lib/mono/xbuild/NuGet.targets(102,5): error : 'fbc5117dcb21f0d180c4b199d828d4f4b9d6f4a8' is not a valid version string. [/Users/builder/data/lanes/5668/fbc5117d/source/md-addins/MacSetup/build/BinaryChecker.proj]
/Library/Frameworks/Mono.framework/Versions/5.8.0/lib/mono/xbuild/NuGet.targets(102,5): error : Parameter name: value [/Users/builder/data/lanes/5668/fbc5117d/source/md-addins/MacSetup/build/BinaryChecker.proj]

Tracking it down from that failure to that line to NuGet.targets is highly non-trivial.

[KirillOsenkov]

Example issue: NuGet/Home#6154

[nguerrera]

#1144

[david-driscoll]

Years ago when I got a new PC at work (an hp), as part of the default install of windows (from hp or internally not sure) there were a few environment variables that were set, one was PLATFORM which completely hosed visual studio until I figured it out.

[dasMulli]

Related: dotnet/sdk#481

Also looks like some folks are using VERSION env vars on docker images that throw off builds. Was diagnosing the impact and workarounds with @niemyjski - e.g. TreatAsLocalProperty.

[kzu]

Just like /noautoresponse, I'd name this something like /noenvironment or /novars or (uglier?) /noenvvars

[nguerrera]

Opting out of the specific behavior was what I was suggesting in #1144

[sandyarmstrong]

Another example issue: NuGet/Home#5614

[jaredpar]

Want to add my most recent pain point here. I've been working on moving the Roslyn infrastructure from Jenkins to VSTS. When defining my initial YAML file I made the fateful decision to name on of the YAML matrix variables "configuration".

As a result this ended up adding an environment variable called "configuration" which was then present for our build and subsequent running of unit tests. The unit tests included a set of MSBuild integration tests which happily inherited this environment variable, set some defaults and ended up breaking our tests in a really subtle way. Took three days of digging to get to the bottom of this one.