Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there a way to freeze the version of the plugins themselves? #588

Closed
thbar opened this issue Oct 24, 2019 · 4 comments
Closed

Is there a way to freeze the version of the plugins themselves? #588

thbar opened this issue Oct 24, 2019 · 4 comments

Comments

@thbar
Copy link

thbar commented Oct 24, 2019

First, thanks for asdf! Great tool!

I'm typically using asdf inside automated build tools (e.g. docker build chains), like this:

RUN asdf plugin-add erlang https://github.com/asdf-vm/asdf-erlang.git
RUN asdf plugin-add elixir https://github.com/asdf-vm/asdf-elixir.git
RUN asdf plugin-add nodejs https://github.com/asdf-vm/asdf-nodejs.git

I would like to be able to freeze the version (as a commit) of each plugin, in order to 1) make builds more deterministic and 2) allow for security reviews before upgrading (like this can be done for other tooling, e.g. bundler in Ruby, hex in Elixir, or even ansible).

I'm only discovered the code of asdf and I believe the plugin-add command won't be able to clone a specific commit of each plugin.

Is that a feature that would be valued by other users of the asdf project?

Alternatively, is just cloning myself at the right place the way to go to support that, if I don't modify asdf?

Thanks for your insights!
@Stratus3D
Copy link
Member

Stratus3D commented Oct 24, 2019
edited
Loading

I'm only discovered the code of asdf and I believe the plugin-add command won't be able to clone a specific commit of each plugin.

You are correct. We don't currently support this. We just clone the plugin and checkout the latest commit on the master branch.

Is that a feature that would be valued by other users of the asdf project?

Possibly. Most of the time it is not that important as plugin changes are seldom backwards compatible, so for everyday local development it's just not needed. For builds and other automated tools I can see how something like this could be useful. I'd be in favor of adding support for this, though it should probably be optional so as to not introduce any additional friction to the plugin-adding process. Note that the core team doesn't have time for this, so the best way to make this happen is to implement it yourself (PRs welcome).

Alternatively, is just cloning myself at the right place the way to go to support that, if I don't modify asdf?

Yes you could do that. I can't promise the internals won't change at some point though. Plugins are simply git repositories in specific directories so it easy enough to do and shouldn't cause any problems for asdf.

@Stratus3D
Copy link
Member

#166 is very similar to this issue.

@thbar
Copy link
Author

thbar commented Oct 28, 2019

@Stratus3D thanks for the feedback. Feel free to close for now - if I find the time later this year, I will work on an optional "branch/commit" option!

@Stratus3D
Copy link
Member

Closing this issue. Any future discussion should take place on #166.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thbar @Stratus3D