jm + packaging   29

Share scripts that have dependencies with Nix
Nice approach to one-liner packaging invocations using nix-shell
nix  packaging  unix  linux  ops  shebang  #! 
7 weeks ago by jm
Malicious packages in npm
The node.js packaging system is being exploited by bad guys to steal auth tokens at build time. This is the best advice they can come up with:
Always check the name of packages you’re installing. You can look at the downloads number: if a package is popular but the downloads number is low, something is wrong.


:facepalm: What a mess. Security needs to become a priority....
javascript  security  npm  node  packaging  packages  fail 
august 2017 by jm
Kubernetes Best Practices // Speaker Deck
A lot of these are general Docker/containerisation best practices, too.

(via Devops Weekly)
k8s  kubernetes  devops  ops  containers  docker  best-practices  tips  packaging 
july 2017 by jm
Developer Experience Lessons Operating a Serverless-like Platform at Netflix
Very interesting writeup on how Netflix are finding operating a serverless scripting system; they offer scriptability in their backend and it's used heavily by devs to provide features. Lots of having to reinvent the wheel on packaging, deployment, versioning, and test/staging infrastructure
serverless  dependencies  packaging  deployment  versioning  devex  netflix  developer-experience  dev  testing  staging  scripting 
july 2017 by jm
Instead of containerization, give me strong config & deployment primitives
Reasonable list of things Docker does badly at the moment, and a call to fix them. I still think Docker/rkt are a solid approach, if not 100% there yet though
docker  containers  complaining  whinge  networking  swarm  deployment  architecture  build  packaging 
april 2017 by jm
Airflow/AMI/ASG nightly-packaging workflow
Some tantalising discussion on twitter of an Airflow + AMI + ASG workflow for ML packaging:

'We build models using Airflow. We deploy new models as AMIs where each AMI is model + scoring code. The AMI is hence a version of code + model at a point in time : #immutable_infrastructure. It's natural for Airflow to build & deploy the model+code with each Airflow DAG Run corresponding to a versioned AMI. if there's a problem, we can simply roll back to the previous AMI & identify the problematic model building Dag run. Since we use ASGs, Airflow can execute a rolling deploy of new AMIs. We could also have it do a validation & ASG rollback of the AMI if validation fails. Airflow is being used for reliable Model build+validation+deployment.'
ml  packaging  airflow  asg  ami  deployment  ops  infrastructure  rollback 
september 2016 by jm
Skyliner
Coda Hale's new gig on how they're using Docker, AWS, etc. I like this: "Use containers. Not too much. Mostly for packaging."
docker  aws  packaging  ops  devops  containers  skyliner 
september 2016 by jm
Some thoughts on operating containers
R.I.Pienaar talks about the conventions he uses when containerising; looks like a decent approach.
ops  containers  docker  ripienaar  packaging 
june 2016 by jm
JitPack
Publish JVM and Android libraries direct from github -- it'll build and package a lib on the fly, caching them via CDN
build  github  java  maven  gradle  dependencies  packaging  libraries 
april 2016 by jm
Javascript libraries and tools should bundle their code
If you have a million npm dependencies, distribute them in the dist package; aka. omnibus packages for JS
packaging  omnibus  npm  webpack  rollup  dependencies  coding  javascript 
march 2016 by jm
From Zero to Docker: Migrating to the Whale
nicely detailed writeup of how New Relic are dockerizing
docker  ops  deployment  packaging  new-relic 
july 2015 by jm
Docker at Shopify: From This-Looks-Fun to Production
Pragmatic evolution story, adding Docker as a packaging/deploy format for an existing production Capistrano/Rails fleet
docker  ops  deployment  packaging  shopify  slides 
june 2015 by jm
Red Hat on rkt vs Docker
This is like watching a train-wreck in slow motion on Groundhog Day. We, in the broader Linux and open source community, have been down this path multiple times over the past fifteen years, specifically with package formats. While there needs to be room for experimentation, having two incompatible specs driven by two startups trying to differentiate and in direct competition is *not* a good thing. It would be better for the community and for everyone who depends on our collective efforts if CoreOS and Docker collaborated on a standardized common spec, image format, and distribution protocol. To this end, we at Red Hat will continue to contribute to both initiatives with the goal of driving convergence.
rkt  docker  appc  coreos  red-hat  dpkg  rpm  linux  packaging  collaboration  open-source 
may 2015 by jm
Bazel
Google open sources a key part of their internal build system (internally called "Blaze" it seems for a while). Very nice indeed!
blaze  bazel  build-tools  building  open-source  google  coding  packaging 
march 2015 by jm
[Nix-dev] Pulling a programs source code from a git repo
Nix supports building from git sha. excellent
nix  packaging  build  dev  ci 
march 2015 by jm
OSTree
"git for operating system binaries".

OSTree is a tool for managing bootable, immutable, versioned filesystem trees. It is not a package system; nor is it a tool for managing full disk images. Instead, it sits between those levels, offering a blend of the advantages (and disadvantages) of both.

You can use any build system you like to place content into it on a build server, then export an OSTree repository via static HTTP. On each client system, "ostree admin upgrade" can incrementally replicate that content, creating a new root for the next reboot. This provides fully atomic upgrades. Any changes made to /etc are propagated forwards, and all local state in /var is shared.

A key goal of the project is to complement existing package systems like RPM and Debian packages, and help further their evolution. In particular for example, RPM-OSTree (linked below) has as a goal a hybrid tree/package model, where you replicate a base tree via OSTree, and then add packages on top.
os  gnome  git  linux  immutable  deployment  packaging  via:fanf 
december 2014 by jm
Announcing Snappy Ubuntu
Awesome! I was completely unaware this was coming down the pipeline.
A new, transactionally updated Ubuntu for the cloud. Ubuntu Core is a new rendition of Ubuntu for the cloud with transactional updates. Ubuntu Core is a minimal server image with the same libraries as today’s Ubuntu, but applications are provided through a simpler mechanism. The snappy approach is faster, more reliable, and lets us provide stronger security guarantees for apps and users — that’s why we call them “snappy” applications.

Snappy apps and Ubuntu Core itself can be upgraded atomically and rolled back if needed — a bulletproof approach to systems management that is perfect for container deployments. It’s called “transactional” or “image-based” systems management, and we’re delighted to make it available on every Ubuntu certified cloud.
ubuntu  linux  packaging  snappy  ubuntu-core  transactional-updates  apt  docker  ops 
december 2014 by jm
cAPTain
a simple, lightweight HTTP server for storing and distributing custom Debian packages around your organisation. It is designed to make it as easy as possible to use Debian packages for code deployments and to ease other system administration tasks.
debian  apt  sysadmin  linux  ops  packaging 
october 2014 by jm
Nix: The Purely Functional Package Manager
'a powerful package manager for Linux and other Unix systems that makes package management reliable and reproducible. It provides atomic upgrades and rollbacks, side-by-side installation of multiple versions of a package, multi-user package management and easy setup of build environments. '

Basically, this is a third-party open source reimplementation of Amazon's (excellent) internal packaging system, using symlinks to versioned package directories to ensure atomicity and the ability to roll back. This is definitely the *right* way to build packages -- I know what tool I'll be pushing for, next time this question comes up.

See also nixos.org for a Linux distro built on Nix.
ops  linux  devops  unix  packaging  distros  nix  nixos  atomic  upgrades  rollback  versioning 
september 2014 by jm
homebrew-cask
Install Mac apps using "brew". Nicely done (via Marc)
via:marc  mac  terminal  brew  packaging  apps  software  osx 
march 2014 by jm
Irish Law Society takes a stand for "brand owners IP rights"
The Law Society will attend a meeting of the Oireachtas Health Committee today to outline its strong opposition to the Government proposals to introduce legislation that will require tobacco products to use plain packaging. The society’s director general Ken Murphy will be its principal representative at the meeting today to discuss its submission on the legislation, and to discuss its concerns that a plain packaging regime will undermine registered trade mark, and design, systems and will amount to an “expropriation of brand owners intellectual property rights’.

Speaking ahead of the meeting, Mr Murphy told The Irish Times the views contained in it represent those of the Law Society as a whole, and its 10,000 members, and have been endorsed by the society as a whole, rather than the committee.

Mr Murphy also said the purpose of the Law Society submission was not to protect the tobacco industry, rather the wider effect and impact such a law would have on intellectual property rights, trade marks, in other areas.
“There is a real concern also that plain packaging in the tobacco industry is just the beginning of a trend that will severely undermine intellectual property owners’ rights in other sectors such as alcohol, soft drinks and fast foods.”


Judging by some reactions on Twitter, "endorsed by the society as a whole" may be over-egging it a little.
law-society  gubu  law  ireland  ip  packaging  branding  trademarks  cigarettes  health  tobacco 
february 2014 by jm
Good SSL for your website is absurdly difficult in practice
Yet again, security software fails on packaging and UI. via Tony Finch
security  ssl  tls  packaging  via:fanf 
september 2013 by jm
Silver Lining
'an application packaging format, a server configuration library, a cloud server management tool, a persistence management tool, and a tool to manage the application with respect to all these services over time.'  interesting, possibly too Pythonic
python  programming  dist  deployment  packaging  from delicious
april 2011 by jm
Mongrel2 Says, "Goodbye Python"
Linux distros ship ancient Python interpreters, hence it's impossible to rely on recent language features because they won't be there, making it useless to write code in Python. We have similar problems in perl-land, but it's easy enough to get by without the latest-and-greatest; maybe Python is different in that regard? ... or is it Zed?
zed-shaw  python  mongrel  distros  linux  sysadmin  packaging  from delicious
september 2010 by jm
Ubuntu's cron package silently ignores files
Ubuntu have hack-patched Vixie Cron to silently ignore cron files which contain a ".". omgwtf
omgwtfbbq  broken  ubuntu  patching  quality  bugs  software  stupid  packaging  from delicious
september 2010 by jm

related tags

#!  airflow  ami  apollo  appc  apps  apt  architecture  asg  atomic  aws  bazel  best-practices  blaze  branding  brazil  brew  broken  bugs  build  build-tools  building  cache  ci  cigarettes  coding  collaboration  complaining  containers  coreos  debian  dependencies  deployment  deterministic-builds  dev  developer-experience  devex  devops  dist  distros  docker  dpkg  fail  git  github  gnome  google  gradle  gubu  health  immutable  infrastructure  ip  ireland  java  javascript  k8s  kubernetes  law  law-society  libraries  linux  mac  maven  ml  mongrel  netflix  networking  new-relic  nix  nix-docker  nixos  nixpkgs  node  npm  omgwtfbbq  omnibus  open-source  ops  os  osx  packages  packaging  patching  programming  python  quality  red-hat  ripienaar  rkt  rocket  rollback  rollup  rpm  scripting  security  serverless  shebang  shopify  skyliner  slides  snappy  software  ssl  staging  stupid  swarm  sysadmin  terminal  testing  tips  tls  tobacco  trademarks  transactional-updates  ubuntu  ubuntu-core  unix  upgrades  versioning  via:fanf  via:marc  webpack  whinge  zed-shaw 

Copy this bookmark:



description:


tags: