lal 3.7.0

A language-agnostic build system and dependency manager
Documentation

lal dependency manager

A dependency manager built around artifactory and docker. Intended for C++ projects that lack a good module system, by making it easy to set up a system of versioned, pre-compiled releases that are all built in the same docker environment.

See the spec for background information.

Prerequisites (devs)

You need docker (minimum version 1.12), logged into the group with access to your docker images in the relevant config file.

Prerequisites (ops)

A set of docker images as outlined in the relevant config file, all built to include a lal user and available to docker logged in devs (see below)

CI setup to build and upload releases of master as outlined further below.

A configured backend in same config file, distrubuted with lal to your devs.

Building

Get rust (inlined below), clone, build, install, and make it available:

curl https://sh.rustup.rs -sSf | sh
# `rustup update stable` - to upgrade rust later
cargo build --release
ln -sf $PWD/target/release/lal /usr/local/bin/lal
echo "source $PWD/lal.complete.sh" >> ~/.bash_completion
source ~/.bash_completion # or open new shell
lal configure <site-config> # use autocomplete to select config

If you want to release static binaries of these to developers, you can build lal on CI via clux/muslrust. This takes away the need to install rust for developers, and if you use the upgrade feature, you can set up automatic upgrades.

Usage

Illustrated via common workflow examples below:

Creating a new component

Create a git repo, lal init it, then update deps and verify it builds.

lal init xenial # create manifest for a xenial component
git add .lal/
git commit -m "init newcomponent"
# add some dependencies to manifest
lal update gtest --save-dev
lal update libwebsockets --save
# create source and iterate until `lal build` passes

# later..
git commit -a -m "inital working version"
git push -u origin master

The last changeset should be tagged by CI, and lal publish'd if it succeeds.

Creating a new version

Designed to be handled by CI on each push to master (ideally through validated merge). CI should create your numeric tag and upload the build output to artifactory. See the spec for full info.

Docker Image

The build and shell commands will use docker run on a configured image. The only condition we require of docker images is that they have a lal user added.

Normally, this is sufficient in a docker image to satisfy constraints:

RUN useradd -ms /bin/bash lal -G sudo && \
    echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

VOLUME ["/home/lal/volume"]

Note that sudo is not necessary, but sometimes convenient.

We will use this user inside the container to run build scripts. By default this works best if the id of the host user is 1000:1000, but if it is not, then lal will create a slightly modified version of the image that matches the user id and group id for your host system.

This is a one time operation, and it is a more general solution for use than docker usernamespaces (which is currently incompatible with features like host networking).

Developing

To hack on lal, follow normal install procedure, but build non-release builds iteratively. When developing we do not do --release. Thus you should for convenience link lal via ln -sf $PWD/target/debug/lal /usr/local/bin/lal.

When making changes:

cargo build
lal subcommand ..args # check that your thing is good
cargo test # write tests

Good practices before comitting (not mandatory):

cargo fmt # requires `cargo install rustfmt` and $HOME/.cargo/bin on $PATH
rustup run nighthly cargo clippy # requires nightly install of clippy

Note that if you have a rust environment set up in your lal config, you can actually lal build lal (which will use the provided manifest.json and BUILD file).

Build issues

If libraries cannot be built, then upgrade rustc by running rustup update stable.

  • missing ssl: install distro equivalent of libssl-dev then cargo clean
  • fatal error: 'openssl/hmac.h' file not found If you are on a GNU/Linux distribution (like Ubuntu), please install libssl-dev. If you are on OSX, please install openssl and check your OpenSSL configuration:
brew install openssl
export OPENSSL_INCLUDE_DIR=`brew --prefix openssl`/include
export OPENSSL_LIB_DIR=`brew --prefix openssl`/lib
export DEP_OPENSSL_INCLUDE=`brew --prefix openssl`/include

Runtime issues

SSL Certificates

The lookup of SSL certificates to do peer verification can fail if they are missing or in a non-standard location. The search is done via the openssl-probe crate.

Although this shouldn't be necessary anymore; you can also override the search yourself by pointing to the certificates explicitly:

# OSX
export SSL_CERT_FILE=/usr/local/etc/openssl/cert.pem
# CentOS
export SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt

This should be put in your ~/.bashrc or ~/.bash_profile as lal reads it on every run. Note that the normal location is /etc/ssl/certs/ca-certificates.crt for most modern linux distros.

Docker permission denieds

You need to have performed docker login, and your user must have been added to the correct group on dockerhub by someone in charge before you can pull build environments.

Logging

Configurable via flags before the subcommand:

lal fetch # normal output
lal -v fetch # debug output
lal -vv fetch # all output

Influences

Main inspirations were cargo and npm. A useful reference for the terms used throughout: so you want to write a package manager (long read).