apt2ostree
tup
Our great sponsors
apt2ostree | tup | |
---|---|---|
6 | 23 | |
93 | 1,139 | |
- | - | |
0.0 | 7.7 | |
over 1 year ago | 25 days ago | |
Python | C | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
apt2ostree
-
Why Use Make
Hm yes now I remember that point about how the data is anonymous Python objects that you can pass around to functions.
Are there any open source examples? I looked around the github account, but I mostly remember this tool
https://github.com/stb-tester/apt2ostree
I'd be interested in seeing the Python config and Ninja output, to see how it works. Right now it looks to me like the dependencies are more implicit than explicit, e.g. with your copen example
---
The system I ended up with is more like Bazel, but it's not building containers, so it's a slightly different problem. But I'm interested in building containers incrementally without 'docker build'.
I like the apt lockfile idea definitely ... However I also have a bunch of other blobs and tarballs, that I might not want to check into git. I guess you just put those in OSTree?
Our config looks like this
https://github.com/oilshell/oil/blob/master/core/NINJA_subgr...
And all the code is in build/ninja* of the same repo
-
An ode to Flatpak (and Fedora Silverblue)
However, you can get pretty close yourself with a tool like this https://github.com/stb-tester/apt2ostree
-
Docker containers usually still reachable even if bound to 127.0.0.1
With apt2ostree[1] we use lockfiles to allow us to version control the exact versions that were used to build a container. This makes updating the versions explicit and controlled, and building the containers functionally reproducible - albeit not byte-for-byte reproducible.
[1]: https://github.com/stb-tester/apt2ostree#lockfiles
-
Any plans for an immutable Debian desktop?
If you have time to test things, you can try to use ostree to manage a Debian installation. This is what Silverblue uses. Their is already a tool to create APT-based ostree images.
- Lockfiles for packages in a Debian/Ubuntu rootfs
-
Reproducible builds for Debian: a big step forward
On the subject of reproducible debian-based environments I wrote apt2ostree[1]. It applies the cargo/npm lockfile idea to debian rootfs images. From a list of packages we perform dependency resolution and generate a "lockfile" that contains the complete list of all packages, their versions and their SHAs. You can commit this lockfile to git.
You can then install Debian or Ubuntu into a chroot just based on this lockfile and end up with a functionally reproducible result. It won't be completely byte identical as your SSH keys, machine-id, etc. will be different between installations, but you'll always end up with the same packages and package versions installed for a given lockfile.
This has saved us on a few occasions where an apt upgrade had broken the workflow of some of our customers. We could see exactly which package versions changed in git history and roll-back the problematic package before working on fixing it properly. This is vastly better than the traditional `RUN apt-get install -y blah blah` you see in `Dockerfile`s.
IMO it's also more convenient than debootstrap as you don't need to worry about gpg keys, etc. when building the image. Dependency resolution and gpg key stuff is done at lockfile generation time, so the installation process can be much simpler. In theory it could be made such that only dpkg is required to do the install, rather than the whole of apt, but that's by-the-by.
apt2ostree itself is probably not interesting to most people as it depends on ostree and ninja but I think the lockfile concept as applied to debian repos could be of much broader interest.
[1]: https://github.com/stb-tester/apt2ostree#lockfiles
[2]: https://ostreedev.github.io/ostree/
tup
-
Show HN: Hancho – A simple and pleasant build system in ~500 lines of Python
Whenever looking at one these, I think back to the obscure but interesting "tup":
“How is it so awesome? In a typical build system, the dependency arrows go down. Although this is the way they would naturally go due to gravity, it is unfortunately also where the enemy's gate is. This makes it very inefficient and unfriendly. In tup, the arrows go up.”
https://gittup.org/tup/
-
Mazzle – A Pipelines as Code Tool
Once upon a time, you could roll your own of this using `tup` which might have my favorite "how it works" in the readme:
How is it so awesome?
In a typical build system, the dependency arrows go down. Although this is the way they would naturally go due to gravity, it is unfortunately also where the enemy's gate is. This makes it very inefficient and unfriendly. In tup, the arrows go up. This is obviously true because it rhymes. See how the dependencies differ in make and tup:
[ Make vs. Tup ]
See the difference? The arrows go up. This makes it very fast.
https://gittup.org/tup/
Also has a whitepaper: https://gittup.org/tup/build_system_rules_and_algorithms.pdf
- Using LD_PRELOAD to cheat, inject features and investigate programs
- Mk: A Successor to Make [pdf]
-
What should I use to take notes in college?
Ten years ago, I used reStructuredText and its support for LaTeX math and syntax highlighting. I used tup (tup monitor -a -f) to take care of running rst2html on save.
- Knit: Making a Better Make
-
Buck2: Our open source build system
I might be showing my ignorance here, but this just sounds like Tup? https://gittup.org/tup/
-
Small Project Build Systems (2021)
I agree. While I like the idea of tup (https://gittup.org/tup/ -- the first "forward" build system I remember hearing of), writing a makefile is easy enough that thinking about the problem upside-down doesn't offer a compelling reason to switch.
Ptrace is one option for tracing dependencies, but it comes with a performance hit. A low-level alternative would be ftrace (https://lwn.net/Articles/608497/) or dtrace (https://en.wikipedia.org/wiki/DTrace).
Tup uses LD_PRELOAD (or equivalent) to intercept calls to C file i/o functions. On OSX it looks DYLD_INSERT_LIBRARIES would be the equivalent.
-
Why Use Make
* order-only prerequisites - X must happen before Y if it's happening but a change in X doesn't trigger Y
This is just a small selection and there are missing things (like how to handle rules that affect multiple targets).
It's all horrible and complex because like a lot of languages there's a manual listing the features but not much in the way of motivations for how or why you'd use them so you have to find that out by painful experience.
It's also very difficult to address the warts and problems in (GNU) make because it's so critical to the build systems of so many packages that any breaking change could end up being a disaster for 1000s of packages used in your favorite linux distribution or even bits of Android and so on.
So it's in a very constrained situation BECAUSE of it's "popularity".
Make is also not a good way to logically describe your build/work - something like Meson would be better - where you can describe on the one hand what a "program" model was as a kind of class or interface and on the other an implementation of the many nasty operating system specific details of how to build an item of that class or type.
Make has so many complex possible ways of operating (sometimes not all needed) that it can be hard to think about.
The things that Make can do end up slowing it down as a parser such that for large builds the time to parse the makefile becomes significant.
Make uses a dependency tree - when builds get large one starts to want an Inverted Dependency Tree. i.e. instead of working out what the aim of the build is and therefore what subcomponents need to be checked for changes we start with what changed and that gives us a list of actions that have to be taken. This sidesteps parsing of a huge makefile with a lot of build information in it that is mostly not relevant at all to the things that have changed. TUP is the first tool I know about that used this approach and having been burned hard by make and ninja when it comes to parsing huge makefiles (ninja is better but still slow) I think TUP's answer is the best https://gittup.org/tup/
-
Content based change detection with Make
You might enjoy Tup[1] if you've not checked it out before.
[1]: https://gittup.org/tup/
What are some alternatives?
ostree - Operating system and container binary deployment and upgrades
please - High-performance extensible build system for reproducible multi-language builds.
chromium - The official GitHub mirror of the Chromium source
Taskfile - Repository for the Taskfile template.
rkt
magma-nvim - Interact with Jupyter from NeoVim.
eget - Easily install prebuilt binaries from GitHub.
just - 🤖 Just a command runner
singularity - SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure.
gnumake-windows - Instructions for building gnumake.exe as a native windows application
knit - A simple and flexible build tool using Lua, similar to make/mk.
doit - task management & automation tool