__package_apt to accept .dpk files directly #340

Open
fancsali wants to merge 1 commits from fancsali/cdist:package-apt-dpkg into master
Contributor

Background

To install software that is either custom or not yet available in any official repos, one would go do something like this:

  • As having a compiler on a production machine has some security implications, the software would be built as a .dpkg package
  • Then uploaded and installed it with __package_dpkg.

But this would not take care of the dependencies, so one would either need to install every dependency "by hand" or perhaps run apt-get install --fix-missing to make sure things work out.

However, a perhaps less well-known feautre of apt is that it'd happily accept a package in a file and install that, satisfying the dependencies through the normal sources and repos. Unfortunately this is not exposed via __package_apt at the moment.

Solution approach

As both __package_apt and __package_dpkg are wrappers there are two obvious ways to make this more convenient:

  • Either Update __package_dpkg to run apt-get install --fix-missing after installing a package;
  • or extend __package_apt with the capability to accept package files.

As the first one seems to be somewhat of a hack and would also introduce a new dependency on apt into __package_dpkg (if a machine has apt it is guaranteed to have dpkg as well - but the reverse is not necessarily true), the second one seems to be favourable.

This change exposes that already present functionality of apt to the users of cdist.

NOTE: This PR would also seem to essentially deprecate __package_dpkg, but that's not the intent here: for completeness sake, for sake of backwards compatiblity and to keep allowing users full control I'd definitely keep that around too.

# Background To install software that is either custom or not yet available in any official repos, one would go do something like this: * As having a compiler on a production machine has some security implications, the software would be built as a `.dpkg` package * Then uploaded and installed it with `__package_dpkg`. But this would **not** take care of the **dependencies**, so one would either need to install every dependency "by hand" or perhaps run `apt-get install --fix-missing` to make sure things work out. However, a perhaps less well-known feautre of `apt` is that it'd happily accept a package in a file and install that, satisfying the dependencies through the normal sources and repos. Unfortunately this is not exposed via `__package_apt` at the moment. # Solution approach As both `__package_apt` and `__package_dpkg` are wrappers there are two obvious ways to make this more convenient: * Either Update `__package_dpkg` to run `apt-get install --fix-missing` after installing a package; * or extend `__package_apt` with the capability to accept package files. As the first one seems to be somewhat of a hack and would also introduce a new dependency on `apt` into `__package_dpkg` (if a machine has `apt` it is guaranteed to have `dpkg` as well - but the reverse is not necessarily true), the second one seems to be favourable. This change exposes that already present functionality of apt to the users of `cdist`. **NOTE**: This PR would also seem to essentially deprecate `__package_dpkg`, but that's not the intent here: for completeness sake, for sake of backwards compatiblity and to keep allowing users full control I'd definitely keep that around too.
fancsali added 1 commit 2022-07-14 19:35:31 +00:00
fancsali changed title from WIP: __package_apt to accept .dpk files directly to __package_apt to accept .dpk files directly 2022-07-14 22:16:21 +00:00
nico reviewed 2022-07-29 08:59:22 +00:00
@ -106,0 +114,4 @@
fi
$__remote_copy "$source_path" "${my_target_host}:$tempfile"
echo "$aptget $recommendsparam install $tempfile"
Owner

Interesting. And how is the tempfile removed eventually?

Interesting. And how is the tempfile removed eventually?
Author
Contributor

Well, I reckon, the OS will remove it eventually; wouldn't it?

Well, I reckon, the OS will remove it eventually; wouldn't it?
Owner

No, why would it? It's a file we copied and in case we use this type a lot, we will have a lot of leftovers. I don't think this is a clean implementation, TBH.

No, why would it? It's a file we copied and in case we use this type a lot, we will have a lot of leftovers. I don't think this is a clean implementation, TBH.
Author
Contributor

Well, according to the FHS, it sortof does: "Programs must not assume that any files or directories in /tmp are preserved between invocations of the program." (https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#tmpTemporaryFiles)

Of course, the ones stored in /var/tmp are removed less frequently, as per "5.15. /var/tmp : Temporary files preserved between system reboots" (https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#vartmpTemporaryFilesPreservedBetwee).

I do recall, there was lots of debate around how cdist should clean up after itself, but I can't remember the outcome of that discussion - if it's been decided that this is the official policy now, I am happy to add that. It's just, looking at the other types, it didn't seem so...

Well, according to the FHS, it sortof does: "Programs must not assume that any files or directories in /tmp are preserved between invocations of the program." (https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#tmpTemporaryFiles) Of course, the ones stored in `/var/tmp` are removed less frequently, as per "5.15. /var/tmp : Temporary files preserved between system reboots" (https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#vartmpTemporaryFilesPreservedBetwee). I do recall, there was lots of debate around how `cdist` should clean up after itself, but I can't remember the outcome of that discussion - if it's been decided that this is the official policy now, I am happy to add that. It's just, looking at the other types, it didn't seem so...
First-time contributor

I would like to see this feature added.

If all it takes for @nico to accept it is to rm the tmp file, @fancsali, shall I add that?

I would like to see this feature added. If all it takes for @nico to accept it is to rm the tmp file, @fancsali, shall I add that?
Collaborator

Go ahead, the pull request is already 2 years old. I'd also like to see a better comment than 'Fix IPv6' on line 108 - there's no bug, we just (re)format IPv6 addresses as needed.

Go ahead, the pull request is already 2 years old. I'd also like to see a better comment than 'Fix IPv6' on line 108 - there's no bug, we just (re)format IPv6 addresses as needed.
Author
Contributor

I am somewhat snowed under atm, so feel free to adjust the code, ladies and gents...

I am somewhat snowed under atm, so feel free to adjust the code, ladies and gents...
This pull request can be merged automatically.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
You can also view command line instructions.

Step 1:

From your project repository, check out a new branch and test the changes.
git checkout -b fancsali-package-apt-dpkg master
git pull package-apt-dpkg

Step 2:

Merge the changes and update on Gitea.
git checkout master
git merge --no-ff fancsali-package-apt-dpkg
git push origin master
Sign in to join this conversation.
No reviewers
No Milestone
No project
No Assignees
4 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ungleich-public/cdist#340
No description provided.