-
-
Notifications
You must be signed in to change notification settings - Fork 540
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
De-vendor prebuilt binaries to ease packaging for Linux distros #469
Comments
Generally, I suggest a good way to replace embedded code copies is to
create binary packages for Windows/macOS/etc and only embed deps in the
binary packages that can't be installed via binary package deps.
I think Python has some sort of system for binary packages too.
To satisfy the the folks who want to install from source with one
command you can make the setup.py install all dependencies, either via
their distro or via the relevant language package managers.
|
@pabs3 wrote
I agree this is the way to go. Python has a system for binary packages alright and I should be able to use that to include plain binaries for the few pure native exe and libs (such as And I can make these such that we have variants for Windows, Mac and Linux32 and 64 instead of the vendored directories at https://github.com/nexB/scancode-toolkit/tree/develop/src/typecode/bin or https://github.com/nexB/scancode-toolkit/tree/develop/src/extractcode/bin ... I still want to keep the experience to download and run without having anything other dep needed beside Python proper and that on all three OSes and this should work alright: I wish that dealing with installing dependent packages from sources or prebuilt binaries on Windows and Mac would be a well solved problem, but this is not the case. So the way could be to break these binaries apart such that:
One difficulty is that the available Debian versions of these deps may not match the exact version that ScanCode expects... but that should not be a major issue to deal with (though it will need testing for sure) |
@roscopecoltran for your issue #636 related to the pre-built binaries it is best to do this here |
This is also needed for the work of @maxyz |
@pombredanne So is this done now, (I mean a PyPI package containing all binaries)...I would like to work on this packaging problem,( and eventually #487 ). |
@bhavishyagopesh Thanks! No this is not done. Ideally, we want a plugin system using the same approach as the |
@bhavishyagopesh any progress on your side? I just got a new report on a related issue in #834 by @spbkelt so since you want to work on this issue, I'd need to know what's up and what could be an ETA? |
@pombredanne I went through ur suggestion, I need to confirm a few things :
Thanks for your patience. |
In plugins, one for each os/arch and binary with fallback to PATH env var if not provided.
Plugins can go a in module for now, but they should be using the same approach with pluggy designed by @yashdsaraf : they should provide a path to a binary for an os/arch. Eventually they will be in separate repos in the future. |
@pombredanne I'm not quite sure of this but would something like this work: and now for eg. I think everything like finding the os/arch and load_lib() is being done by Thanks. |
@bhavishyagopesh yes something along these line would likely work.... a PR is welcomed and is best to discuss and review! |
Since Scancode binaries are built on Debian based machines, and the prebuilt dependencies are named differently on RedHat based machines py.test will not be able to find the libbz2.so library on those machines. See https://github.com/nexB/scancode-toolkit/issues/443 Added a note about how to work around this issue by symbolically linking the existing libbz2.so on the filesystem to the expected name. This should be removed once aboutcode-org#469 is solved Signed-off-by: Nisha K <nishak@vmware.com>
Since Scancode binaries are built on Debian based machines, and the prebuilt dependencies are named differently on RedHat based machines py.test will not be able to find the libbz2.so library on those machines. See https://github.com/nexB/scancode-toolkit/issues/443 Added a note about how to work around this issue by symbolically linking the existing libbz2.so on the filesystem to the expected name. This should be removed once #469 is solved Signed-off-by: Nisha K <nishak@vmware.com>
Since Scancode binaries are built on Debian based machines, and the prebuilt dependencies are named differently on RedHat based machines py.test will not be able to find the libbz2.so library on those machines. See https://github.com/nexB/scancode-toolkit/issues/443 Added a note about how to work around this issue by symbolically linking the existing libbz2.so on the filesystem to the expected name. This should be removed once aboutcode-org#469 is solved Signed-off-by: Nisha K <nishak@vmware.com>
Just for reference, the gist is that we are using pre-built libmagic, libarchive and 7z and a few other as a convenience, with some commoncode.command code to pick the right path on each OS. This makes it hard to use system libs instead when scancode is packaged as a Linux distro package. So we need to find a way to still have this option (e.g. by using one or more wheel with these natives that is optional) and otherwise use a system provided lib (e.g. a distro provided native) This is part about de-bundling and packaging the natives as wheel and part about having some pluggable way to use that or fallback to a system lib if available and the wheels with native are not |
@bhavishyagopesh You never submitted a PR for this, are you still interested? |
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Implement this in extractcode and typecode to provide 7zip, libarchive and libmagic through plugins instead of using vendored binaries in the core scancode Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
- Some binaries initially committed were not correct for a given architecture. Also several provide location were not correct and have been updated. - All location keys are also inlined in plugins code to avoid recursive imports - Extra consistency checks are done on provided locations (they must exist) The version reported in p7zip plugins and ABOUT files was 9.20.1 but it is 9.38.1: this has been fixed. In sevenzip CLI calls, the empty password arg is now last on the CLI args to avoid any ambiguity with the file being extracted. The overall command execute2 logging has been aslo updated. Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Using plugins for third-parties is now merged in develop and has been released since v2.9.3 |
@dankegel you wrote :
Originally posted by @dankegel in https://github.com/nexB/scancode-toolkit/pull/1437/files/e3c4bd64d7587b2d55f1432c3828a5bf066f212b This a tad of a wart... but this is the easy I found to be able to create wheels on one OS for all OSes where these wheels do not need any native compilation since they embed only prebuilt and each of them has a shared object and binaries for a specific OS. The whole story is in this ticket though ping me there if this not clear. The purpose of these
The main driver has been to help distros. And effectively changing build flags is not something that should be done lightly as these have been selected very carefully after a lot of trial and errors and tests |
Is this project open for GSoC 2019, I am late but I am familiar with linux and package managers used in ubuntu, fedora, git, python, C, and C++. Can I work on some task and create a proposal for this project @pombredanne can you orient me? |
@dexter816 welcome! the devendoring is mostly done and you can see the resulting plugins in https://github.com/nexB/scancode-toolkit/tree/develop/plugins The thing that is missing to complete this story would be one or more small plugins using the same kind of code... but bundling no binary and instead providing access to system-installed packages binaries (for instance access to the libarchive .so installed though a standard system package on Debian, or Ubuntu or ... etc instead of the one vendored in https://github.com/nexB/scancode-toolkit/blob/develop/plugins/extractcode-libarchive-manylinux1_x86_64/src/extractcode_libarchive/__init__.py Such a plugin could for instance detect the distro with https://pypi.org/project/distro/ |
@aj4ayushjain at this stage I think this is all completed and working, correct? |
@pombredanne Naming of the plugins is still an issue which need to be resolved in case of use with the debian package.
|
@aj4ayushjain I copied the trace here... it is better to have it self contained. |
At this stage all pre-built binaries have been "devendored" and are buildable (eventually from sources) from here https://github.com/nexB/scancode-plugins and we have variants that can be used to rely on system-provided binaries instead. |
@pabs3 and @matthieucan suggested to me on the OFTC #debian-qa IRC channel that ScanCode could be packaged as a Debian Linux package.
@dvc94ch in #288 looks for help on packaging ScanCode for the Guix Linux distro.
Packaging in a distro should be a non-event but it would be a tad involved today.
ScanCode is already buildable as a wheel which is a first good step towards this.
As a second step, any pre-built binaries that are vendored as a user convenience in the
src/*/bin
directories should be de-vendored from main source tree and provided instead either:This way a distro packaging would be vastly simplified
The text was updated successfully, but these errors were encountered: