Comments (5)
- What format is the lockfile? Is it intended to be parsed by 3rd party tooling, or should read operations run through the HLB tool?
The lockfile for hlb is more like vendoring directories but I wasn't sure if the term vendoring
only exists in golang? When you lock your modules down, you are basically creating a vendored copy into your repository which you will check in. Since HLB dependencies can only be retrieved by solving, you can't regenerate an identical vendor directory unless you control all the remote sources (docker registries, http servers, git repositories, etc).
When vendored, it may look something like:
❯ tree .hlb
.hlb
└── modules
└── sha256
└── 9f
└── 9ff8d8578c06000a3aa7027e00129524bd3460df2bb6ea3dde0f3bbfd90e4ecc
└── module.hlb
- If a single module locks its dependencies, how can that lock be shared? Should it be committed alongside the
.hlb
file?
The .hlb/modules
directory is rooted in the same working directory as the .hlb
file it was locked for. If that .hlb
file has siblings, and they have an import with the same fs
function literal (the vertex hashes to the same digest) then the locked import will be shared.
Yes, the .hlb/modules
directory should be committed alongside.
- Given
import foo from fs { image "myimage"; }
use themodule.hlb
file from myimage; would locks also be shipped in that image and used for second-level dependencies?
Good point to discuss. In languages like go
or node
, the common practice is to not lock library dependencies, but it is an option to the library author. Perhaps the convention here should be the same; i.e. HLB libraries should try not to ship with the .hlb/modules
directory so that the end-user can decide how to lock them but if they did, their dependencies will be using their own locked modules.
from hlb.
A few questions about the lockfile:
- What format is the lockfile? Is it intended to be parsed by 3rd party tooling, or should read operations run through the HLB tool?
- If a single module locks its dependencies, how can that lock be shared? Should it be committed alongside the
.hlb
file? - Given
import foo from fs { image "myimage"; }
use themodule.hlb
file from myimage; would locks also be shipped in that image and used for second-level dependencies?
from hlb.
I think vendoring is a generic enough term. And I think I conflated the "lock" concept with "lock files" in my mind -- it makes much more sense to me to think of it as a vendor directory.
Is it possible to store metadata about the actual source for each locked module? In other words, if I later run hlb module tree
would it show me eg, import foo from fs { image "bar"; }
as the source of some particular digest hash? Will it also include eg, resolved image "bar:latest" to "bar@sha256:deadbeef"
?
from hlb.
I think vendoring is a generic enough term. And I think I conflated the "lock" concept with "lock files" in my mind -- it makes much more sense to me to think of it as a vendor directory.
How about hlb module vendor
then?
Is it possible to store metadata about the actual source for each locked module? In other words, if I later run
hlb module tree
would it show me eg,import foo from fs { image "bar"; }
as the source of some particular digest hash? Will it also include eg,resolved image "bar:latest" to "bar@sha256:deadbeef"
?
We could show the whole inlined import but it may get pretty long. The current idea is to just show the import name go
and the digest of the vertex:
.
└── [go] sha256:9ff8d8578c06000a3aa7027e00129524bd3460df2bb6ea3dde0f3bbfd90e4ecc
Unfortunately, the function literal is opaque so unless I start introspecting the LLB, I wouldn't know what the source is, be it image
or git
, etc. Also I'm not sure how to extract cache keys of specific vertices atm.
from hlb.
Changed hlb mod lock
to hlb mod vendor
. I think its more intuitive.
from hlb.
Related Issues (20)
- Add Type Reference Documentation HOT 1
- Build Method Should Be Updated in the Installation Docs
- What is the replacement for deprecated import syntax? HOT 5
- Should aliases be part of the function signature? HOT 3
- Incorrect Syntax Highlighting for Snake Case Function Name in vscode HOT 3
- Consider 2 pass codegen for precomputations
- Add tests for history commits
- add infinite loop detection
- Yet another proposal to fix binding signatures HOT 15
- "forward" option does not support multiple connections over TCP HOT 2
- Running nonexistent command with readonly root FS does not fail HOT 3
- building/pushing multi-platform images HOT 1
- platform confused when using multiple archs in same build graph HOT 2
- Array proposal HOT 5
- Arg(...).WithError prints erroneous diagonistic
- Source defined breakpoints within option::run are ignored
- ModuleDir function returns incorrect result HOT 10
- `--cache-from` alternative? HOT 2
- hlb panic in `ast.(*Type).Spanf` HOT 2
- ForceNoOutput causing graph duplication HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hlb.