Fully hermetic component downloads #30

Closed
Tracked by #24
sgammon opened this issue Aug 15, 2023 · 1 comment · Fixed by #35
sgammon commented Aug 15, 2023

At the moment, we register SHAs for GraalVM itself, but as of the latest GVM releases, not for individual components. Instead, we rely on gu to download those components.

This may introduce hermeticity issues, so we should figure out a better way.

Alternatives under consideration:

1) Download installable JARs and install them manually with gu
This is the approach taken before. It's safe/hermetic and rather optimal for downloads because there's nothing to figure out. On the other hand, when this was one component it was cumbersome, and now that there are like 5 components, it would grow to a point of being unmanageable. Plus, with GVM releases accelerating and users authoring their own components, we'll need to provide a mechanism later anyway with better APIs.

It's also worth noting that gu is under deprecation, further mitigating any benefits to this approach.

2) Offer custom components attr, and wait for Maven transition
Offer an attribute like custom_components, which pulls JAR components or something from other repositories. This way, users could provide their own custom components if needed; how this would work mechanically is unclear. In the transition to deprecate gu, the equivalent assets will mostly be hosted on Maven Central, so we can provide hermetic access via rules_jvm_external.
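
An added illustration of option 1 (not code from this issue or from the project): a fail-closed check that ties each component JAR to a pinned SHA-256 before producing the `gu install -L` command for it. The component names, the pin table layout and the `plan_component_install` helper are assumptions made for this example.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


class HermeticityError(Exception):
    """Raised when a component cannot be tied to a pinned digest."""


def sha256_file(path):
    """Stream the file so large component JARs are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def plan_component_install(gu, requested, pins, download_dir):
    """Return one `gu install -L <jar>` argv per component, or raise.

    Fails closed: a component with no pin, or whose JAR does not match its
    pin, aborts the whole plan so gu is never left to fetch it on its own.
    """
    plan = []
    for name in requested:
        pin = pins.get(name)
        if pin is None:
            raise HermeticityError(f"{name}: no pinned SHA-256 registered")
        jar = Path(download_dir) / pin["file"]
        actual = sha256_file(jar)
        if not hmac.compare_digest(actual, pin["sha256"]):
            raise HermeticityError(f"{name}: digest mismatch, got {actual}")
        plan.append([gu, "install", "-L", str(jar)])  # -L: local file install
    return plan


if __name__ == "__main__":
    # Constructed sample: a stand-in JAR and its pin, built in a temp dir.
    with tempfile.TemporaryDirectory() as tmp:
        jar = Path(tmp) / "example-component.jar"
        jar.write_bytes(b"constructed component bytes")
        pins = {"example-component": {"file": jar.name, "sha256": sha256_file(jar)}}
        print(plan_component_install("gu", ["example-component"], pins, tmp))
        try:
            plan_component_install("gu", ["unpinned-component"], pins, tmp)
        except HermeticityError as err:
            print("rejected:", err)
```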

@sgammon sgammon added the bug Something isn't working label Aug 15, 2023
@sgammon sgammon added this to the 1.0.0 milestone Aug 15, 2023
@sgammon sgammon mentioned this issue Aug 15, 2023
22 tasks
@sgammon sgammon linked a pull request Aug 18, 2023 that will close this issue
17 tasks

sgammon commented Aug 23, 2023

went with option 1
