lal dependency manager
A dependency manager built around artifactory and docker. Intended for C++ projects that lack a good module system, by making it easy to set up a system of versioned, pre-compiled releases that are all built in the same docker environment.
See the spec for background information.
Prerequisites (devs)
You need docker (minimum version 1.12), logged into the group with access to your docker images in the relevant config file.
Prerequisites (ops)
A set of docker images as outlined in the relevant config file, all built to include a lal
user and available to docker logged in devs (see below)
CI setup to build and upload releases of master as outlined further below.
A configured backend in same config file, distrubuted with lal to your devs.
Building
Get rust (inlined below), clone, build, install, and make it available:
|
# `rustup update stable` - to upgrade rust later
If you want to release static binaries of these to developers, you can build lal on CI via clux/muslrust. This takes away the need to install rust for developers, and if you use the upgrade
feature, you can set up automatic upgrades.
Usage
Illustrated via common workflow examples below:
Creating a new component
Create a git repo, lal init it, then update deps and verify it builds.
# add some dependencies to manifest
# create source and iterate until `lal build` passes
# later..
The last changeset should be tagged by CI, and lal publish
'd if it succeeds.
Creating a new version
Designed to be handled by CI on each push to master (ideally through validated merge). CI should create your numeric tag and upload the build output to artifactory. See the spec for full info.
Docker Image
The build
and shell
commands will use docker run
on a configured image. The only condition we require of docker images is that they have a lal
user added.
Normally, this is sufficient in a docker image to satisfy constraints:
RUN useradd -ms /bin/bash lal -G sudo && \
echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
VOLUME ["/home/lal/volume"]
Note that sudo
is not necessary, but sometimes convenient.
We will use this user inside the container to run build scripts. By default this works best if the id
of the host user is 1000:1000, but if it is not, then lal will create a slightly modified version of the image that matches the user id and group id for your host system.
This is a one time operation, and it is a more general solution for use than docker usernamespaces (which is currently incompatible with features like host networking).
Developing
To hack on lal
, follow normal install procedure, but build non-release builds iteratively.
When developing we do not do --release
. Thus you should for convenience link lal
via ln -sf $PWD/target/debug/lal /usr/local/bin/lal
.
When making changes:
Good practices before comitting (not mandatory):
Note that if you have a rust environment set up in your lal config, you can actually lal build lal
(which will use the provided manifest.json
and BUILD
file).
Build issues
If libraries cannot be built, then upgrade rustc
by running rustup update stable
.
- missing ssl: install distro equivalent of
libssl-dev
thencargo clean
- fatal error: 'openssl/hmac.h' file not found If you are on a GNU/Linux distribution (like Ubuntu), please install
libssl-dev
. If you are on OSX, please install openssl and check your OpenSSL configuration:
Runtime issues
SSL Certificates
The lookup of SSL certificates to do peer verification can fail if they are missing or in a non-standard location. The search is done via the openssl-probe crate.
Although this shouldn't be necessary anymore; you can also override the search yourself by pointing to the certificates explicitly:
# OSX
export SSL_CERT_FILE=/usr/local/etc/openssl/cert.pem
# CentOS
export SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
This should be put in your ~/.bashrc
or ~/.bash_profile
as lal
reads it on every run. Note that the normal location is /etc/ssl/certs/ca-certificates.crt
for most modern linux distros.
Docker permission denieds
You need to have performed docker login
, and your user must have been added to the correct group on dockerhub by someone in charge before you can pull build environments.
Logging
Configurable via flags before the subcommand:
Influences
Main inspirations were cargo and npm. A useful reference for the terms used throughout: so you want to write a package manager (long read).