-
Notifications
You must be signed in to change notification settings - Fork 283
Plugin Support #24
Comments
I think we should have a 'pod plugins install cvs' command which runs 'gem install cocoapods-cvs and bundle that with the app bundle. Care to add that to the plugins plugin? :) |
Regarding SCM, we should bundle all that cocoapods-downloader supports. This is unrelated to hosting your spec repo in another SCM. It should just work out of the box, that's the point of the app bundle. |
As far as exposing more things in the UI goes, that's outside of the scope of the first release. The first release is about a full featured CLI installation of CP. |
I may add a Besides, I haven't had time to look on CocoaPods.app yet so not sure how one would "bundle a gem into the app bundle" or what is meant by that (app bundles being code-signed on OSX, we can't add stuff to the bundle afterwards) |
The issue with a plugins command to install a plugin is what if the gem is coming from a Gemfile? |
I don’t think we need to expose the The reason we need it for CocoaPods.app is because we have only 1 bin that we expose outside of the application bundle, which is |
Hmm, this is a good question. Does it really not allow addition of files to the bundle? |
Ah, I was thinking of exposing a GUI inside the app for plugin installation, ala Alcatraz. -Samuel E. Giddins On Nov 23, 2014, at 12:24 PM, Eloy Durán notifications@github.com wrote: I don’t think we need to expose the pod plugins install NAME command outside of the context of the CocoaPods.app context. It would make little sense, because the user is clearly already familiar with gem install. The reason we need it for CocoaPods.app is because we have only 1 bin that we expose outside of the application bundle, which is pod. So to install a gem you would need to know the path to the gem command inside the application bundle, which is not really user-friendly. — |
Never tried it myself (I stopped developing OSX apps and went to iOS apps before CodeSigning was introduced on OS X) but I would be strongly surprised that it does allow it, because changing he content of the bundle means changing the signature of the whole bundle, thus making the CodeSigning invalid, right? |
I’ve updated the README to clarify the design goals better. I hope that helps, in terms of prioritising things like UI additions. |
@AliSoftware That’s not true. The signature could verify that files existing at the time of signing are unchanged. Added files do not automatically get executed. Nonetheless, I have never looked into those details :) @samdmarshall Would you know? |
Good point. Besides, I just realized that Still need some more information about all that to understand it better. Still, I'm not sure to know how the pod executable would find other gems (like plugins) in the right place, does it have kinda like its own |
Doh! Good point :D
Yup. When running |
You mean that the It's been ages since I have developed for OS X, but as far as I know, running commands that needs sudo access are not so trivial… as in order to do it right and avoid security risks and privilege escalation, one need to do specific stuff, like do the work in a dedicated service separated from the main app executable, etc… |
For reference I just found Apple's SMJobBless Sample code on privilege escalation. This confirms that to do it properly, we need a helper that will be installed as a LaunchDaemon or PrivilegedHelperTool, bless it using methods from |
@AliSoftware No that’s only needed if this were about doing this from the UI, which is not the case, this is purely about CLI usage. I tried to make it clear in the README, but maybe it’s still not clear enough; the only thing we need right now is to be able to do the following from Terminal.app (or whatever your terminal app of choice is):
If the user does not have write access to the
Afterwards, or if the user has write access, they should see:
|
And to be clear,
|
Regarding code-signing, there's a plist |
I’ve moved this to #28 which has a clean list of requirements. |
Discuss how we would handle cocoapods-plugins in the bundled App. /cc @alloy
Should we have a menu that list all known plugins (probably fetched from the
plugins.json
file) and allows the use to install them for the bundled cocoapods in one click?Maybe we should also only embed SCM tools only if the corresponding
cocoapods-plugin
is installed, namely don't embedbazaar
,hg
orsvn
binaries in the initial .app, and only download a bundledsvn.tar.xz
containing the SVN binary when the use choose to install thecocoapods-svn
plugin?(This solution would lighten the CocoaPods.app package a lot)
The text was updated successfully, but these errors were encountered: