Issue #1 resolved

Handling build-depends

Yuriy Syrovetskiy
repo owner created an issue

What the Transpacker should do if building package A requires package B to be installed?

I have some options, and all are bad, more or less:

To install everything to the real system.

Buggy packages may break the build system. A1 and A2 may depend on different versions of B. ** A1 and A2 may depend on conflicting B1 and B2.

To install everything to a virtualenv.

Suitable only for Python and Ruby. Security issues. ** Given a sowtware works fine in virtualenv, will it work being installed as deb-package?

To clone a clean VM on every build, install there anything without fear.

** Too expensive.

To have a pool of lightweight VMs (chroot, lxc, openvz) with easy rollbacking (unionfs).

More lightweight => less secure. More security => less performance.

/d/

Comments (10)

  1. bessarabov

    From my point of view the best solution for this problem is to use virtual machines. This is the simplest possible solution. It is easy to implement and to use. I recommend using [vagrant][1].

    When (and if) using virtual machines became a bottle neck in the project it can be changed to somtheing less expensive. Frankly speaking, I think that the VM is the best solution for creating manageble and widly expaning package building system and it should not be changed.

    [1]: http://vagrantup.com/

  2. Yuriy Syrovetskiy reporter

    bessarabov Vagrant is just an automation tool, and the real technology thing behind it is VirtualBox, a full-virtualization appliance. Why do you consider full-virtualization being better solution than OS-level paravirtualization like OpenVZ?

  3. Log in to comment