technofab/jsonnet-bundler
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/jsonnet-bundler.git synced 2025-12-11 23:50:05 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
jsonnet-bundler/pkg/packages.go

353 lines
8.7 KiB
Go
Raw Normal View History

Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
// Copyright 2018 jsonnet-bundler authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package pkg
import (
"context"
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
"crypto/sha256"
"encoding/base64"
feat: check sum after download To see if we actually got what we expected
2019-10-16 16:48:44 +02:00
"fmt"
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
"io"
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
"os"
"path/filepath"
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
"strings"
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
"github.com/fatih/color"
refactor: switch to `pkg/jsonnetfile` So far, `pkg` and `pkg/jsonnetfile` had overlapping functionality when it came to choosing and loading jsonnetfiles. This fully switches to the separate package `pkg/jsonnetfile` that seems to be created for exactly this purpose
2019-10-16 12:07:10 +02:00
"github.com/pkg/errors"
Make use of File and LockFile constants of jsonnetfile package
2019-07-22 17:32:53 +02:00
"github.com/jsonnet-bundler/jsonnet-bundler/pkg/jsonnetfile"
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
"github.com/jsonnet-bundler/jsonnet-bundler/spec"
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
"github.com/jsonnet-bundler/jsonnet-bundler/spec/deps"
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
)
var (
VersionMismatch = errors.New("multiple colliding versions specified")
)
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
// Ensure receives all direct packages, the directory to vendor into and all known locks.
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// It then makes sure all direct and nested dependencies are present in vendor at the correct version:
//
// If the package is locked and the files in vendor match the sha256 checksum,
// nothing needs to be done. Otherwise, the package is retrieved from the
// upstream source and added into vendor. If previously locked, the sums are
// checked as well.
// In case a (nested) package is already present in the lock,
// the one from the lock takes precedence. This allows the user to set the
// desired version in case by `jb install`ing it.
//
// Finally, all unknown files and directories are removed from vendor/
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
// The full list of locked depedencies is returned
func Ensure(direct spec.JsonnetFile, vendorDir string, oldLocks map[string]deps.Dependency) (map[string]deps.Dependency, error) {
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// ensure all required files are in vendor
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
// This is the actual installation
locks, err := ensure(direct.Dependencies, vendorDir, oldLocks)
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
if err != nil {
return nil, err
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
// remove unchanged legacyNames
CleanLegacyName(locks)
// find unknown dirs in vendor/
names := []string{}
err = filepath.Walk(vendorDir, func(path string, i os.FileInfo, err error) error {
if path == vendorDir {
return nil
}
if !i.IsDir() {
return nil
}
names = append(names, path)
return nil
})
// remove them
for _, dir := range names {
fix: allow other dirs than vendor (#80)
2020-02-08 05:46:51 -08:00
name, err := filepath.Rel(vendorDir, dir)
if err != nil {
return nil, err
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
if !known(locks, name) {
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
if err := os.RemoveAll(dir); err != nil {
return nil, err
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
if !strings.HasPrefix(name, ".tmp") {
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
color.Magenta("CLEAN %s", dir)
}
}
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
// remove all symlinks, optionally adding known ones back later if wished
if err := cleanLegacySymlinks(vendorDir, locks); err != nil {
return nil, err
}
if !direct.LegacyImports {
return locks, nil
}
if err := linkLegacy(vendorDir, locks); err != nil {
return nil, err
}
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// return the final lockfile contents
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
return locks, nil
}
func CleanLegacyName(list map[string]deps.Dependency) {
for k, d := range list {
// unset if not changed by user
if d.LegacyNameCompat == d.Source.LegacyName() {
dep := list[k]
dep.LegacyNameCompat = ""
list[k] = dep
}
}
}
func cleanLegacySymlinks(vendorDir string, locks map[string]deps.Dependency) error {
// local packages need to be ignored
locals := map[string]bool{}
for _, d := range locks {
if d.Source.LocalSource == nil {
continue
}
locals[filepath.Join(vendorDir, d.Name())] = true
}
// remove all symlinks first
return filepath.Walk(vendorDir, func(path string, i os.FileInfo, err error) error {
if locals[path] {
return nil
}
if i.Mode()&os.ModeSymlink != 0 {
if err := os.Remove(path); err != nil {
return err
}
}
return nil
})
}
func linkLegacy(vendorDir string, locks map[string]deps.Dependency) error {
// create only the ones we want
for _, d := range locks {
// localSource still uses the relative style
if d.Source.LocalSource != nil {
continue
}
fix: allow other dirs than vendor (#80)
2020-02-08 05:46:51 -08:00
legacyName := filepath.Join(vendorDir, d.LegacyName())
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
pkgName := d.Name()
taken, err := checkLegacyNameTaken(legacyName, pkgName)
if err != nil {
fmt.Println(err)
continue
}
if taken {
continue
}
// create the symlink
if err := os.Symlink(
filepath.Join(pkgName),
filepath.Join(legacyName),
); err != nil {
return err
}
}
return nil
}
func checkLegacyNameTaken(legacyName string, pkgName string) (bool, error) {
fi, err := os.Lstat(legacyName)
if err != nil {
// does not exist: not taken
if os.IsNotExist(err) {
return false, nil
}
// a real error
return false, err
}
// is it a symlink?
if fi.Mode()&os.ModeSymlink != 0 {
s, err := os.Readlink(legacyName)
if err != nil {
return false, err
}
color.Yellow("WARN: cannot link '%s' to '%s', because package '%s' already uses that name. The absolute import still works\n", pkgName, legacyName, s)
return true, nil
}
// sth else
color.Yellow("WARN: cannot link '%s' to '%s', because the file/directory already exists. The absolute import still works.\n", pkgName, legacyName)
return true, nil
}
func known(deps map[string]deps.Dependency, p string) bool {
for _, d := range deps {
k := d.Name()
if strings.HasPrefix(p, k) || strings.HasPrefix(k, p) {
return true
}
}
return false
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
func ensure(direct map[string]deps.Dependency, vendorDir string, locks map[string]deps.Dependency) (map[string]deps.Dependency, error) {
deps := make(map[string]deps.Dependency)
refactor: use a map instead of a slice Packages are unique anyways so it makes sense to use a map to avoid having duplicates. For compatibility reasons custom json (un)marshallers hide this change from the end user
2019-10-16 17:36:25 +02:00
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
for _, d := range direct {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
l, present := locks[d.Name()]
pkg: Write tests for TestInsertDependency, TestFileExists, TestLoadJsonnetfile
2019-04-24 18:20:16 +02:00
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
// already locked and the integrity is intact
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
if present {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
d.Version = locks[d.Name()].Version
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
if check(l, vendorDir) {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
deps[d.Name()] = l
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
continue
}
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
expectedSum := locks[d.Name()].Sum
Fix install from lock-file Previously even when installing dependencies from a lockfile, jsonnet-bundler would attempt to resolve versions of transitive dependencies to their latest floating version. Instead when a lock-file is specified jsonnet-bundler should just install the specified versions.
2018-08-01 13:42:47 +02:00
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
// either not present or not intact: download again
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
dir := filepath.Join(vendorDir, d.Name())
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
os.RemoveAll(dir)
Print colored output for fetched package
2019-03-11 14:21:49 +01:00
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
locked, err := download(d, vendorDir)
pkg: Correctly move locked dependencies
2018-08-02 08:47:43 +02:00
if err != nil {
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
return nil, errors.Wrap(err, "downloading")
pkg: Correctly move locked dependencies
2018-08-02 08:47:43 +02:00
}
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
if expectedSum != "" && locked.Sum != expectedSum {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
return nil, fmt.Errorf("checksum mismatch for %s. Expected %s but got %s", d.Name(), expectedSum, locked.Sum)
feat: check sum after download To see if we actually got what we expected
2019-10-16 16:48:44 +02:00
}
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
deps[d.Name()] = *locked
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// we settled on a new version, add it to the locks for recursion
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
locks[d.Name()] = *locked
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
}
pkg: Correctly move locked dependencies
2018-08-02 08:47:43 +02:00
refactor: use a map instead of a slice Packages are unique anyways so it makes sense to use a map to avoid having duplicates. For compatibility reasons custom json (un)marshallers hide this change from the end user
2019-10-16 17:36:25 +02:00
for _, d := range deps {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
f, err := jsonnetfile.Load(filepath.Join(vendorDir, d.Name(), jsonnetfile.File))
Add correct lockfile handling
2018-05-13 06:55:13 -07:00
if err != nil {
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
if os.IsNotExist(err) {
continue
}
Add correct lockfile handling
2018-05-13 06:55:13 -07:00
return nil, err
}
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
nested, err := ensure(f.Dependencies, vendorDir, locks)
Add correct lockfile handling
2018-05-13 06:55:13 -07:00
if err != nil {
return nil, err
}
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
refactor: use a map instead of a slice Packages are unique anyways so it makes sense to use a map to avoid having duplicates. For compatibility reasons custom json (un)marshallers hide this change from the end user
2019-10-16 17:36:25 +02:00
for _, d := range nested {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
if _, ok := deps[d.Name()]; !ok {
deps[d.Name()] = d
refactor: use a map instead of a slice Packages are unique anyways so it makes sense to use a map to avoid having duplicates. For compatibility reasons custom json (un)marshallers hide this change from the end user
2019-10-16 17:36:25 +02:00
}
}
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
}
refactor: use a map instead of a slice Packages are unique anyways so it makes sense to use a map to avoid having duplicates. For compatibility reasons custom json (un)marshallers hide this change from the end user
2019-10-16 17:36:25 +02:00
return deps, nil
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
}
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// download retrieves a package from a remote upstream. The checksum of the
// files is generated afterwards.
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
func download(d deps.Dependency, vendorDir string) (*deps.Dependency, error) {
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
var p Interface
switch {
case d.Source.GitSource != nil:
p = NewGitPackage(d.Source.GitSource)
case d.Source.LocalSource != nil:
p = NewLocalPackage(d.Source.LocalSource)
Fix no dependency inserted when previous array is empty
2018-04-25 09:22:17 +01:00
}
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
if p == nil {
return nil, errors.New("either git or local source is required")
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
}
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
version, err := p.Install(context.TODO(), d.Name(), vendorDir, d.Version)
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
if err != nil {
return nil, err
}
fix: disable sha256 for local packages
2019-10-30 17:38:26 +01:00
var sum string
if d.Source.LocalSource == nil {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
sum = hashDir(filepath.Join(vendorDir, d.Name()))
fix: disable sha256 for local packages
2019-10-30 17:38:26 +01:00
}
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
d.Version = version
d.Sum = sum
return &d, nil
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
}
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// check returns whether the files present at the vendor/ folder match the
fix: disable sha256 for local packages
2019-10-30 17:38:26 +01:00
// sha256 sum of the package. local-directory dependencies are not checked as
// their purpose is to change during development where integrity checking would
// be a hindrance.
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
func check(d deps.Dependency, vendorDir string) bool {
fix: disable sha256 for local packages
2019-10-30 17:38:26 +01:00
// assume a local dependency is intact as long as it exists
if d.Source.LocalSource != nil {
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
x, err := jsonnetfile.Exists(filepath.Join(vendorDir, d.Name()))
fix: disable sha256 for local packages
2019-10-30 17:38:26 +01:00
if err != nil {
return false
}
return x
}
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
if d.Sum == "" {
// no sum available, need to download
return false
Add correct lockfile handling
2018-05-13 06:55:13 -07:00
}
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
feat: absolute imports (#63) * feat: go-like import style jb now creates a directory structure inside of vendor/ that is similar to how go does (github.com/grafana/jsonnet-libs). This is reflected in the final import paths, which means they will be go-like * refactor(spec/deps): named regexs * feat: make goImportStyle configurable Defaults to off, can be enabled in `jsonnetfile.json` * fix: integration test * doc: license headers * fix(deps): remove GO_IMPORT_STYLE not an option anymore, will always do so and symlink * feat: symlink to legacy location * feat: allow to disable legacy links * fix(test): legacyImports in integration tests * fix(spec): test * fix: respect legacyName aliases It was possible to alias packages by changing `name` previously. While names are now absolute (and computed), legacy links should still respect old aliases to avoid breaking code. * fix(test): integration * fix(init): keep legacyImports enabled for now * feat: rewrite imports adds a command to automatically rewrite imports from legacy to absolute style * fix(tool): rewrite confused by prefixing packages When a package was a prefix of another one, it broke. Fixed that by using a proper regular expression. Added a test to make sure it works as expected * Update cmd/jb/init.go * fix: exclude local packages from legacy linking They actually still use the old style, which is fine. LegacyLinking messed them up, but from now on it just ignores symlinks that match a localPackage.
2020-01-24 08:02:34 +01:00
dir := filepath.Join(vendorDir, d.Name())
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
sum := hashDir(dir)
return d.Sum == sum
}
feat: minor improvements - allow to install pkg that is already locked - clean unknown files from vendor - correctly handle checksums and locked versions (was accidentally ignoring - these before)
2019-10-16 20:38:00 +02:00
// hashDir computes the checksum of a directory by concatenating all files and
// hashing this data using sha256. This can be memory heavy with lots of data,
// but jsonnet files should be fairly small
feat: rewrite install procedure rewrites the installation of packages from scratch to solve several issues with the existing implementation: - does not need to choose between lockfile and jsonnetfile anymore. The jsonnetfile what to be installed, while the lockfile also has versions and checksums of all packages, even nested ones. - the lockfile is regenerated on every run, preserving the locked values - downloaded packages are hashed using sha256 to make sure we receive what we expect. If files on the local disk are modified, they are downloaded again.
2019-10-16 16:34:53 +02:00
func hashDir(dir string) string {
hasher := sha256.New()
filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
if info.IsDir() {
return nil
}
f, err := os.Open(path)
if err != nil {
return err
}
defer f.Close()
if _, err := io.Copy(hasher, f); err != nil {
return err
}
return nil
})
return base64.StdEncoding.EncodeToString(hasher.Sum(nil))
Add ability to resolve and install transitive dependencies
2018-04-25 09:01:00 +01:00
}
Reference in a new issue Copy permalink