List of desired package manager plugins for OneGet #77

Closed
fearthecowboy opened this Issue Nov 10, 2014 · 76 comments

Comments

Projects
None yet
@fearthecowboy
Contributor

fearthecowboy commented Nov 10, 2014

OneGet is a package management aggregator.

In order to fill out the goal of comprehensive package management in Windows, we need to come up with a list of package providers (types of existing package managers) that we'd like to see plugins created for OneGet for.

The list starts off fairly easy, but we need to get as much of these captured as possible.

Package Managers

Package Manager Assigned To Project Page Notes
PSModule manikb (none) PowerShell Get package manager for powershell modules.
MSI @fearthecowboy OneGet Included in OneGet core
MSU @fearthecowboy OneGet Included in OneGet core
BootStrap @fearthecowboy OneGet Included in OneGet core. Set to automation-only
ARP (Add/remove programs) @fearthecowboy OneGet Included in OneGet core -- Does not currently support installation, just removal.
EXE unassigned (none) Should detect known EXE installers to provide consistent usage.( ie, detecting NSIS packages, InstallShield packages, etc...)
NuGet @fearthecowboy OneGet/NuGet Bootstraps off the web. Will get set to automation-only by default.
Chocolatey @fearthecowboy OneGet/NuGet Current implementation is included with the NuGet provider -- this can be changed to support the Official Chocolatey version when it is ready to replace the current one.
WindowsUpdate unassigned (none) Idea A package manager for Windows Update (and supports WSUS) to find and install updates for Windows. from @p0w3rsh3ll: I'd split WindowsUpdate into: WSUS catalog (on-premise), Windows Update and Microsoft Update. http://t.co/fcMBVWwc71
WindowsStore unassigned (none) Idea A package manager for Windows Store Applications (.appx)
Cygwin unassigned (none) support for installing packages into a cygwin installation.
Ruby Gems unassigned (none) support for installing Ruby Gems.
Node's NPM unassigned (none) support for installing Node JS packages.
Perl's CPAN unassigned (none) support for installing PERL packages from CPAN.
Python unassigned (none) support for installing Python packages from Pypi (uh, and easyinstall and PIP)
PEAR unassigned (none) PEAR is a framework and distribution system for reusable PHP components..
PECL unassigned (none) PECL is a repository for PHP Extensions, providing a directory of all known extensions and hosting facilities for downloading and development of PHP extensions.
Composer unassigned (none) Composer is a tool for dependency management in PHP. It allows you to declare the dependent libraries your project needs and it will install them in your project for you.
Maven unassigned (none) a standard (Java) way to build the projects, a clear definition of what the project consisted of, an easy way to publish project information and a way to share JARs across several projects..
LUADist unassigned (none) LuaDist is a true multi-platform package management system that aims to provide both source and binary repository of modules for the Lua programming language.
LUA unassigned (none) This is LuaRocks, a deployment and management system for Lua modules.
CPM unassigned (none) A C++ Package Manager based on CMake and Git. (Any info on pacm? )
Cargo/Rust unassigned (none) Cargo is a tool that allows Rust projects to declare their various dependencies, and ensure that you'll always get a repeatable build.
Bower unassigned (none) Bower works by fetching and installing packages from all over, taking care of hunting, finding, downloading, and saving the stuff you’re looking for. Bower keeps track of these packages in a manifest file, bower.json. How you use packages is up to you. Bower provides hooks to facilitate using packages in your tools and workflows.
Pathogen/Vim unassigned (none) Manage your 'runtimepath' with ease. In practical terms, pathogen.vim makes it super easy to install plugins and runtime files in their own private directories
ClickOnce unassigned (none) Applications installed via ClickOnce
VSIX unassigned (none) Visual Studio Extensions. Would be awesome if it could scrape the gallery as a package source
Github Gist @dfinke (none) A package provider that pulls packages from github gists!
AppV unassigned (none) Install AppV packages (yes, very cool).
WebPI unassigned (none) Microsoft's Web Platform Installer.
Azure Gallery unassigned (none) Azure Gallery (?).
Windows Features unassigned (none) Windows Features (ie, CBS or DISM).?
SCCM unassigned (none) System Center Config Manager packages
# using the format:
[$NAME]($WEB) | unassigned | (none) | $DESCRIPTION.

OneGet also supports pluggable archive formats:

Archive Formats

Format Assigned To Project Page Notes
CAB @fearthecowboy OneGet CAB files. Support for this borrowed from the DTF.
ZIP @fearthecowboy OneGet Zip Files. Support for this borrowed from the DTF.
TAR unassigned (none) Unix TAR files
GZIP unassigned (none) Unix gzip (.gz) files
7Zip unassigned (none) 7Zip files
RAR unassigned (none) RAR files

As well as pluggable downloader schemes:

Downloaders

Format Assigned To Project Page Notes
FTP/HTTP/HTTPS/File @fearthecowboy OneGet Built in support for standard protocols. Current implementation is pretty rudimentary. Should add support for SmartScreen.
SSH/SCP unassigned (none) Support for grabbing files from SSH/SCP

Remember:

Package Providers can leverage other package providers in their implementation (ie, the PSModule provider uses the NuGet Provider and the Chocolatey uses the MSI, MSU and VSIX Providers

Please feel free to add any package manager to this list (just specify the details in this thread, I'll edit this post, and then delete your message)

@fearthecowboy fearthecowboy self-assigned this Nov 10, 2014

@ferventcoder

This comment has been minimized.

Show comment
Hide comment

+1

@auroraeosrose

This comment has been minimized.

Show comment
Hide comment
@auroraeosrose

auroraeosrose Nov 10, 2014

Programming languages rundown - feel to add any I missed

PEAR (+PECL) (PHP) (for bc, old folks)
composer (PHP)
pickle (PHP - new pecl)

npm (node)
bower(javascript)

cpan (perl)

not sure how to handle this mess...
(setuptools??) (python)
(pypi??)(python)
easyinstall (python)
pip (python)

rubygems (ruby)

maven (java)

luadist (lua)
luarocks (lua)

.... go? there's still wars on which one to use
https://code.google.com/p/go-wiki/wiki/PackageManagementTools

pick one and say "we're using this"??

cpm (c++)
pacm (c++)

cargo (rust)

Programming languages rundown - feel to add any I missed

PEAR (+PECL) (PHP) (for bc, old folks)
composer (PHP)
pickle (PHP - new pecl)

npm (node)
bower(javascript)

cpan (perl)

not sure how to handle this mess...
(setuptools??) (python)
(pypi??)(python)
easyinstall (python)
pip (python)

rubygems (ruby)

maven (java)

luadist (lua)
luarocks (lua)

.... go? there's still wars on which one to use
https://code.google.com/p/go-wiki/wiki/PackageManagementTools

pick one and say "we're using this"??

cpm (c++)
pacm (c++)

cargo (rust)

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Nov 10, 2014

If you really want to get fun, pathogen (vim).

If you really want to get fun, pathogen (vim).

@madewokherd

This comment has been minimized.

Show comment
Hide comment
@madewokherd

madewokherd Nov 10, 2014

ClickOnce installers (.application files) ?

PyPI uses (at least) the following formats: distutils (.tar.gz), python egg, windows .exe, and windows .msi. Distutils is at least fairly straightforward for pure python code (not sure how C extensions need to work, apparently .tar.gz packages normally include source code and build scripts), so it should be handled separately for stand-alone files. Pip and easyinstall seem to be alternative methods for installing things, including python eggs, from PyPI. We should probably research whether they install eggs in a compatible fashion and if so handle those separately as well.

I guess I can take responsibility for the Python mess if need be.

ClickOnce installers (.application files) ?

PyPI uses (at least) the following formats: distutils (.tar.gz), python egg, windows .exe, and windows .msi. Distutils is at least fairly straightforward for pure python code (not sure how C extensions need to work, apparently .tar.gz packages normally include source code and build scripts), so it should be handled separately for stand-alone files. Pip and easyinstall seem to be alternative methods for installing things, including python eggs, from PyPI. We should probably research whether they install eggs in a compatible fashion and if so handle those separately as well.

I guess I can take responsibility for the Python mess if need be.

@auroraeosrose

This comment has been minimized.

Show comment
Hide comment
@auroraeosrose

auroraeosrose Nov 10, 2014

oh we're volunteering too? ah, PHP mess... I can do PEAR and PECL (they're actually all done with the PEAR installer yo so it's one package manager) + composer and https://github.com/FriendsOfPHP/pickle - pickle which is aiming for use with composer as well

oh we're volunteering too? ah, PHP mess... I can do PEAR and PECL (they're actually all done with the PEAR installer yo so it's one package manager) + composer and https://github.com/FriendsOfPHP/pickle - pickle which is aiming for use with composer as well

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

Awesome. FYI, I have builds of the package provider SDK ready to go, and we can examine it in detail this Friday.

Contributor

fearthecowboy commented Nov 10, 2014

Awesome. FYI, I have builds of the package provider SDK ready to go, and we can examine it in detail this Friday.

@dfinke

This comment has been minimized.

Show comment
Hide comment
@dfinke

dfinke Nov 10, 2014

I'm making progress with a Gist OneGet provider. I've got questions though.

dfinke commented Nov 10, 2014

I'm making progress with a Gist OneGet provider. I've got questions though.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

@dfinke SQUEEEEEEEEEE!

Contributor

fearthecowboy commented Nov 10, 2014

@dfinke SQUEEEEEEEEEE!

@mwrock

This comment has been minimized.

Show comment
Hide comment
@mwrock

mwrock Nov 10, 2014

More manager ideas:
VSIX
Sublime Text
chef cookbooks
dsc resources
puppet modules
vagrant
docker

Other Archive formats to consider:
LZMA/LZMA2 - 7zip defaults to the lzma algorithm but many non 7zip archivers (eg bsdtar) cannot decompress 7zip.

mwrock commented Nov 10, 2014

More manager ideas:
VSIX
Sublime Text
chef cookbooks
dsc resources
puppet modules
vagrant
docker

Other Archive formats to consider:
LZMA/LZMA2 - 7zip defaults to the lzma algorithm but many non 7zip archivers (eg bsdtar) cannot decompress 7zip.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

@mwrock We're gonna dance awful close to insanity when we support the notion of Chef, DSC, Puppet, Vagrant and Docker as 'package managers' !

Hard not to agree that they are needed tho'

Contributor

fearthecowboy commented Nov 10, 2014

@mwrock We're gonna dance awful close to insanity when we support the notion of Chef, DSC, Puppet, Vagrant and Docker as 'package managers' !

Hard not to agree that they are needed tho'

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Nov 10, 2014

@fearthecowboy @mwrock Chef / DSC / Puppet - not package managers - puppet modules, chef cookbooks, dsc resources however can be considered packages, thus have places where they are installed, upgraded and uninstalled.

@fearthecowboy @mwrock Chef / DSC / Puppet - not package managers - puppet modules, chef cookbooks, dsc resources however can be considered packages, thus have places where they are installed, upgraded and uninstalled.

@mwrock

This comment has been minimized.

Show comment
Hide comment
@mwrock

mwrock Nov 10, 2014

@fearthecowboy @ferventcoder I definitely realize these are not the "low hanging fruit" but figure I'd throw them out there while we are brainstorming.

mwrock commented Nov 10, 2014

@fearthecowboy @ferventcoder I definitely realize these are not the "low hanging fruit" but figure I'd throw them out there while we are brainstorming.

@ferventcoder

This comment has been minimized.

Show comment
Hide comment

👍

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Nov 10, 2014

@mwrock I just realized you mentioned yourself in that comment ;)

@mwrock I just realized you mentioned yourself in that comment ;)

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

Pardon me, I should have said "Package Providers" ... I think about the trickyness involved in those, and It starts to give me vertigo

Contributor

fearthecowboy commented Nov 10, 2014

Pardon me, I should have said "Package Providers" ... I think about the trickyness involved in those, and It starts to give me vertigo

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Nov 10, 2014

How about source + make files? Can we write a provider that knows how to "just run msbuild"?

== Read slowly and answer in your head as you go: ==

If we wanted to support "deploy from github" what would a github project need to do at a minimum? Must they build an MSI package for each release, and specifically attach it to a commit tag, and then inject SWID tags to their project home page? I assume this will work as soon as the SWID provider is done, right?

What if they "just" create a nupkg instead, can the SWID provider handle chocolatey nuget packages?

What if they skip creating a custom home page -- can we search releases/tags on github to find nuget packages, and still not require them to upload the package to a specific chocolatey server?

What if they just put a chocolatey nuget manifest in their source code (so it ends up in the source zip), instead of actually creating the nuget package? Let's assume the chocolateyinstall.ps1 script can call msbuild to compile the repo ... so the only step they're missing is actually running nuget and attaching the nupkg to the tag in github.

What if they skip the manifest and just have the chocolateyinstall.ps1 script in the repo?

Since the chocolateyinstall script is just calling msbuild anyway, can we just skip the install script and have an msbuild.*proj file in the root?

Jaykul commented Nov 10, 2014

How about source + make files? Can we write a provider that knows how to "just run msbuild"?

== Read slowly and answer in your head as you go: ==

If we wanted to support "deploy from github" what would a github project need to do at a minimum? Must they build an MSI package for each release, and specifically attach it to a commit tag, and then inject SWID tags to their project home page? I assume this will work as soon as the SWID provider is done, right?

What if they "just" create a nupkg instead, can the SWID provider handle chocolatey nuget packages?

What if they skip creating a custom home page -- can we search releases/tags on github to find nuget packages, and still not require them to upload the package to a specific chocolatey server?

What if they just put a chocolatey nuget manifest in their source code (so it ends up in the source zip), instead of actually creating the nuget package? Let's assume the chocolateyinstall.ps1 script can call msbuild to compile the repo ... so the only step they're missing is actually running nuget and attaching the nupkg to the tag in github.

What if they skip the manifest and just have the chocolateyinstall.ps1 script in the repo?

Since the chocolateyinstall script is just calling msbuild anyway, can we just skip the install script and have an msbuild.*proj file in the root?

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Nov 10, 2014

For what it's worth: DSC Resources are PowerShell modules, and will be deployed as such via PowerShellGet.

Vagrant has a https://vagrantcloud.com/ repository for boxes, and command-line tools that could be wrapped for downloading/installing.

Do Chef and Puppet have similar repositories and command-line search and download tools for their cookbooks and modules?

Jaykul commented Nov 10, 2014

For what it's worth: DSC Resources are PowerShell modules, and will be deployed as such via PowerShellGet.

Vagrant has a https://vagrantcloud.com/ repository for boxes, and command-line tools that could be wrapped for downloading/installing.

Do Chef and Puppet have similar repositories and command-line search and download tools for their cookbooks and modules?

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Nov 10, 2014

@Jaykul yup, they both do.

@Jaykul yup, they both do.

@mwrock

This comment has been minimized.

Show comment
Hide comment
@mwrock

mwrock Nov 10, 2014

chef has https://supermarket.getchef.com/ and has a ruby CLI that wraps a rest API to do all the packaging logistics.

mwrock commented Nov 10, 2014

chef has https://supermarket.getchef.com/ and has a ruby CLI that wraps a rest API to do all the packaging logistics.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

re : How about source + make files? Can we write a provider that knows how to "just run msbuild"?

@Jaykul I've thought about that many times, and I'd love to see one for that too.

Contributor

fearthecowboy commented Nov 10, 2014

re : How about source + make files? Can we write a provider that knows how to "just run msbuild"?

@Jaykul I've thought about that many times, and I'd love to see one for that too.

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Nov 10, 2014

Then (IMO) it makes sense to include that much, at least, as a OneGet provider. Eventually.

I have to say that I think that these things which are tool-chain-specific are not great candidates for inclusion, and should go dead-last after everything else is built (unless their developers want to write them, which is great and awesome, and better than the community writing them anyway).

That is: CPAN/PyPi/PEAR and all the other language-specific repositories are tool-chain-specific, and so are the repositories for chef, puppet, and vagrant. Nobody has any use for a chef cookbook except to run it with chef, and someone who's using vagrant is just never going to run install-package rather than using vagrant box install -- because they already have to learn the vagrant tool chain, and there's no sense using one command from OneGet when everything else is vagrant up and vagrant ssh etc.

The only caveat I would make to that is for tools that are providing other tools. So, for instance:

  • NuGet is not (in my opinion) tool-chain specific, because we need it in Visual Studio and in build tools, as well as in PowerShell (because libraries are also dependencies for PowerShell modules).
  • PowerShellGet is really not tool-chain specific (we need it in PowerShell and in DSC), but even if it were, the fact that it adds modules that are actually tools, (and not just code that we need to write more code for) would give it a pass in my book anyway.

Jaykul commented Nov 10, 2014

Then (IMO) it makes sense to include that much, at least, as a OneGet provider. Eventually.

I have to say that I think that these things which are tool-chain-specific are not great candidates for inclusion, and should go dead-last after everything else is built (unless their developers want to write them, which is great and awesome, and better than the community writing them anyway).

That is: CPAN/PyPi/PEAR and all the other language-specific repositories are tool-chain-specific, and so are the repositories for chef, puppet, and vagrant. Nobody has any use for a chef cookbook except to run it with chef, and someone who's using vagrant is just never going to run install-package rather than using vagrant box install -- because they already have to learn the vagrant tool chain, and there's no sense using one command from OneGet when everything else is vagrant up and vagrant ssh etc.

The only caveat I would make to that is for tools that are providing other tools. So, for instance:

  • NuGet is not (in my opinion) tool-chain specific, because we need it in Visual Studio and in build tools, as well as in PowerShell (because libraries are also dependencies for PowerShell modules).
  • PowerShellGet is really not tool-chain specific (we need it in PowerShell and in DSC), but even if it were, the fact that it adds modules that are actually tools, (and not just code that we need to write more code for) would give it a pass in my book anyway.
@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

NuGet is not (in my opinion) tool-chain specific, because we need it in Visual Studio and in build tools, as well as in PowerShell (because libraries are also dependencies for PowerShell modules).

Oddly enough, the NuGet team feels that NuGet is toolchain-specific and has asked me to hide the NuGet provider by default. This stems from it being less-functional at the command line than it is in Visual Studio (the cmdline won't do the msbuild edits)

Contributor

fearthecowboy commented Nov 10, 2014

NuGet is not (in my opinion) tool-chain specific, because we need it in Visual Studio and in build tools, as well as in PowerShell (because libraries are also dependencies for PowerShell modules).

Oddly enough, the NuGet team feels that NuGet is toolchain-specific and has asked me to hide the NuGet provider by default. This stems from it being less-functional at the command line than it is in Visual Studio (the cmdline won't do the msbuild edits)

@madewokherd

This comment has been minimized.

Show comment
Hide comment
@madewokherd

madewokherd Nov 10, 2014

I disagree about PyPI. If you are a developer of a Python application that you wish to distribute, your users have to get the dependencies somehow, and that may be how they are packaged. The install path isn't different for end-users; they need the same stuff you do.

I disagree about PyPI. If you are a developer of a Python application that you wish to distribute, your users have to get the dependencies somehow, and that may be how they are packaged. The install path isn't different for end-users; they need the same stuff you do.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

. Nobody has any use for a chef cookbook except to run it with chef, and someone who's using vagrant is just never going to run install-package rather than using vagrant box install -- because they already have to learn the vagrant tool chain, and there's no sense using one command from OneGet when everything else is vagrant up and vagrant ssh etc.

I disagree...

The bootstrapping all-the-way-down becomes an incredibly powerful reason to use the OneGet cmd. If I said install-package -provider XYZ some-complex-package -ForceBootstrap ... if everything works right, it'll bootstrap what's needed to run that all in one shot.

Didn't have to manually install each thing (vagrant, chef, XYZ, etc)

Contributor

fearthecowboy commented Nov 10, 2014

. Nobody has any use for a chef cookbook except to run it with chef, and someone who's using vagrant is just never going to run install-package rather than using vagrant box install -- because they already have to learn the vagrant tool chain, and there's no sense using one command from OneGet when everything else is vagrant up and vagrant ssh etc.

I disagree...

The bootstrapping all-the-way-down becomes an incredibly powerful reason to use the OneGet cmd. If I said install-package -provider XYZ some-complex-package -ForceBootstrap ... if everything works right, it'll bootstrap what's needed to run that all in one shot.

Didn't have to manually install each thing (vagrant, chef, XYZ, etc)

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

@madewokherd EXACTLY.

When I want to use Pygments, I should be able to (on a new system): install-package -provider Python -forcebootstrap Pygments

Contributor

fearthecowboy commented Nov 10, 2014

@madewokherd EXACTLY.

When I want to use Pygments, I should be able to (on a new system): install-package -provider Python -forcebootstrap Pygments

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Nov 10, 2014

Fair enough, that's an oversight on my part -- to the extent that apps are acceptable in the repository, it becomes useful outside it's tool-chain.

Jaykul commented Nov 10, 2014

Fair enough, that's an oversight on my part -- to the extent that apps are acceptable in the repository, it becomes useful outside it's tool-chain.

@mwrock

This comment has been minimized.

Show comment
Hide comment
@mwrock

mwrock Nov 10, 2014

I have to say that I think that these things which are tool-chain-specific are not great candidates for inclusion, and should go dead-last after everything else is built (unless their developers want to write them, which is great and awesome, and better than the community writing them anyway)

I largely agree with this. Especially since most of these are developer centric tools, if the devs are not willing to contribute thats evidence that oneget support does not provide value in this area and internal MS resources would likely be better spent elsewhere.

However, this is an OSS project right? I'm assuming this is not a wish list for Microsoft but an idea board for would be contributors (many of whom will likely be MS employees).

mwrock commented Nov 10, 2014

I have to say that I think that these things which are tool-chain-specific are not great candidates for inclusion, and should go dead-last after everything else is built (unless their developers want to write them, which is great and awesome, and better than the community writing them anyway)

I largely agree with this. Especially since most of these are developer centric tools, if the devs are not willing to contribute thats evidence that oneget support does not provide value in this area and internal MS resources would likely be better spent elsewhere.

However, this is an OSS project right? I'm assuming this is not a wish list for Microsoft but an idea board for would be contributors (many of whom will likely be MS employees).

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Nov 10, 2014

I think the vagrant one is interesting, I saw it as the plugins for vagrant and not adding the boxes.

I think the vagrant one is interesting, I saw it as the plugins for vagrant and not adding the boxes.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 10, 2014

Contributor

We're gonna have to start a second list of things we'd like to see use OneGet as an API.

Wait till I publish the API!

Contributor

fearthecowboy commented Nov 10, 2014

We're gonna have to start a second list of things we'd like to see use OneGet as an API.

Wait till I publish the API!

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Nov 10, 2014

To re-emphasize what I said: I'm not saying we don't want these, just to prioritize them lower. They have less usefulness than more general repositories.

Pygments is a great example, since it is (sortof) an app, even though it's really a library. If you're writing Python, you're unlikely to Install-package -provider PythonPyPi -Force Pygments since you already have pip installed, and you can copy/paste pip install Pygments from their website ... but if you're not a Python user, and you just want to install Pygments for use at the command-line in Windows ... then you're probably that one guy who should write the PyPI provider 😛

Back to my point: put these on the list for sure, but let's prioritize repositories that package tools and apps over repositories that package source and libraries -- developers getting involved who care about a specific repository should tackle what they care about, ignoring priorities as always -- but if people are just trying to get involved and help out OneGet, tool-chain-specific things should come after the more useful things 💊

Jaykul commented Nov 10, 2014

To re-emphasize what I said: I'm not saying we don't want these, just to prioritize them lower. They have less usefulness than more general repositories.

Pygments is a great example, since it is (sortof) an app, even though it's really a library. If you're writing Python, you're unlikely to Install-package -provider PythonPyPi -Force Pygments since you already have pip installed, and you can copy/paste pip install Pygments from their website ... but if you're not a Python user, and you just want to install Pygments for use at the command-line in Windows ... then you're probably that one guy who should write the PyPI provider 😛

Back to my point: put these on the list for sure, but let's prioritize repositories that package tools and apps over repositories that package source and libraries -- developers getting involved who care about a specific repository should tackle what they care about, ignoring priorities as always -- but if people are just trying to get involved and help out OneGet, tool-chain-specific things should come after the more useful things 💊

@auroraeosrose

This comment has been minimized.

Show comment
Hide comment
@auroraeosrose

auroraeosrose Nov 10, 2014

The problem is viewing this as just one thing in isolation with the toolchain providers
There are end users who don't want the hassle, where cross provider deps can save sanity

So here's a theoretical user -

I want to install drupal on my new windows box

I can just install package drupal with a provider that is just for the tar.gz I downloaded

OneGet sees that there are deps registered for this from other packages and package managers

It uses msi to get apache and php and installs them

It uses PECL to grab a couple additional PHP extensions

It uses composer to get dependent PHP libraries from packagist

TADA - I'm ready to run

4 different package providers - 3 "toolchain specific" - and 99.9% less hassle for everyone involved

The problem is viewing this as just one thing in isolation with the toolchain providers
There are end users who don't want the hassle, where cross provider deps can save sanity

So here's a theoretical user -

I want to install drupal on my new windows box

I can just install package drupal with a provider that is just for the tar.gz I downloaded

OneGet sees that there are deps registered for this from other packages and package managers

It uses msi to get apache and php and installs them

It uses PECL to grab a couple additional PHP extensions

It uses composer to get dependent PHP libraries from packagist

TADA - I'm ready to run

4 different package providers - 3 "toolchain specific" - and 99.9% less hassle for everyone involved

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Nov 10, 2014

Oh, that reminds me, we need a provider for Web Platform Installer. 😈

I know you think I don't get it, but I just wanted to prioritize things with bigger impact first. I am certainly not trying to convince any geeks not to work on the providers for their favorite repositories. You clearly have a specific toolchain you want support for -- please go write it!

My 2 cents: I think if you "want to install drupal" you're not an "end user" anymore, and if you want to do it on Windows, maybe you want to do it with IIS (or even IIS Express), and ... you missed the database server 😉.

Tangent: I don't think I want OneGet to be quite as clever as you're imagining it. I definitely don't want OneGet to decide for me that I need a specific web server, programming languages and database just from seeing a source code tarball. Do you I think you need explicit dependencies on specific packages (e.g. WPI has a drupal package which requires MySQL and IIS with PHP via FastCGI -- but maybe there's another which requires PostgreSQL and Apache, with ModPHP?)

P.S. I'm just a geek, my opinions have no particular standing or weight around here.

Jaykul commented Nov 10, 2014

Oh, that reminds me, we need a provider for Web Platform Installer. 😈

I know you think I don't get it, but I just wanted to prioritize things with bigger impact first. I am certainly not trying to convince any geeks not to work on the providers for their favorite repositories. You clearly have a specific toolchain you want support for -- please go write it!

My 2 cents: I think if you "want to install drupal" you're not an "end user" anymore, and if you want to do it on Windows, maybe you want to do it with IIS (or even IIS Express), and ... you missed the database server 😉.

Tangent: I don't think I want OneGet to be quite as clever as you're imagining it. I definitely don't want OneGet to decide for me that I need a specific web server, programming languages and database just from seeing a source code tarball. Do you I think you need explicit dependencies on specific packages (e.g. WPI has a drupal package which requires MySQL and IIS with PHP via FastCGI -- but maybe there's another which requires PostgreSQL and Apache, with ModPHP?)

P.S. I'm just a geek, my opinions have no particular standing or weight around here.

@madewokherd

This comment has been minimized.

Show comment
Hide comment
@madewokherd

madewokherd Nov 11, 2014

Ideally, when you install drupal you would be able to specify options regarding the environment you want to use it in, and the default would be a working environment consisting of whatever the drupal packager thinks is best. I don't know enough about web applications to say whether that's feasible.

It's how I would do a provider for anything Python: default to using a system-wide install (using the msi from python.org) of the newest Python version compatible with the thing you're installing, but allow the user to specify a different Python version or Python install location.

Ideally, when you install drupal you would be able to specify options regarding the environment you want to use it in, and the default would be a working environment consisting of whatever the drupal packager thinks is best. I don't know enough about web applications to say whether that's feasible.

It's how I would do a provider for anything Python: default to using a system-wide install (using the msi from python.org) of the newest Python version compatible with the thing you're installing, but allow the user to specify a different Python version or Python install location.

@rismoney

This comment has been minimized.

Show comment
Hide comment
@rismoney

rismoney Nov 11, 2014

I am probably going to get boos on this-OneGet feels like the emperor's new clothes. I use a ton of package manager solutions listed above and aggregating them is not where the problem lies. I will try to focus on the future needs and not current. I largely agree with @Jaykul and the priorities.

Config management tools like chef or puppet easily abstract away the intracacies of how to handle packages via their provider models. I wrote the choco and oneget providers for puppet... not perfect but incrementally better than handling msis...there is now DSC and more abstraction can happen but that is not necessarily good...

The docker models require user mode packages vs kernel mode packages which noone has a clue on how it is going to be delivered in win server 10. Docker does not need a wrapper to wrap its docker pull. Dockerfiles will need package manager support however. Orchestrating docker falls into managing with fleet, kubernetes or other tooling. As @Jaykul mentioned unless you have a problem with native tooling I consider these edge case providers.

If I am a ruby dev I may start with a trivial gem install but you soon move to bundler when you learn more. Why run one-get to install a gem? It only reduces my trust, wont be taught by a ruby instructor and will be fringe use at best. Imagine the same with pip, python, go, etc. Psget might be exception as its not been solidified in stone how to get psmodules.

Just because something can be done doesnt mean it should be or need be.

If you are looking for value in oneget it comes from- driving people towards package management on windows. This requires a commitment - distributing ALL msft software through it to prove it works. From Exchange to IIS to Unifying ARP to hotfixs updates, etc. Working with partners to get feeds so other vendors like Adobe, oracle or others develop with packages in mind on pluggable feeds of their own.

The frustration from package management starts at microsoft. How do I install sql on a cluster with one-get? How do I install the Windows ADK when they make dont make the installer urls available? When I find a kb that needs a hotfix from qfe...it goes on and on. When I want to patch my system with windoes update I see yet another "feed"...webpi.a lot of technology wrapped under an umbrella. Get that right and build on from there.

I am probably going to get boos on this-OneGet feels like the emperor's new clothes. I use a ton of package manager solutions listed above and aggregating them is not where the problem lies. I will try to focus on the future needs and not current. I largely agree with @Jaykul and the priorities.

Config management tools like chef or puppet easily abstract away the intracacies of how to handle packages via their provider models. I wrote the choco and oneget providers for puppet... not perfect but incrementally better than handling msis...there is now DSC and more abstraction can happen but that is not necessarily good...

The docker models require user mode packages vs kernel mode packages which noone has a clue on how it is going to be delivered in win server 10. Docker does not need a wrapper to wrap its docker pull. Dockerfiles will need package manager support however. Orchestrating docker falls into managing with fleet, kubernetes or other tooling. As @Jaykul mentioned unless you have a problem with native tooling I consider these edge case providers.

If I am a ruby dev I may start with a trivial gem install but you soon move to bundler when you learn more. Why run one-get to install a gem? It only reduces my trust, wont be taught by a ruby instructor and will be fringe use at best. Imagine the same with pip, python, go, etc. Psget might be exception as its not been solidified in stone how to get psmodules.

Just because something can be done doesnt mean it should be or need be.

If you are looking for value in oneget it comes from- driving people towards package management on windows. This requires a commitment - distributing ALL msft software through it to prove it works. From Exchange to IIS to Unifying ARP to hotfixs updates, etc. Working with partners to get feeds so other vendors like Adobe, oracle or others develop with packages in mind on pluggable feeds of their own.

The frustration from package management starts at microsoft. How do I install sql on a cluster with one-get? How do I install the Windows ADK when they make dont make the installer urls available? When I find a kb that needs a hotfix from qfe...it goes on and on. When I want to patch my system with windoes update I see yet another "feed"...webpi.a lot of technology wrapped under an umbrella. Get that right and build on from there.

@timbodv

This comment has been minimized.

Show comment
Hide comment
@timbodv

timbodv Nov 11, 2014

How about an App-V provider? Based on the support lifecycle from Microsoft an implementation for 4.5 (supported until 2019), 4.6 (supported until 2020) and 5.0 (supported until 2023) versions are probably warranted, however I don't see much 4.5 around these days - there is a lot of existing 4.6 packages and 5.0 is really starting to kick off.

timbodv commented Nov 11, 2014

How about an App-V provider? Based on the support lifecycle from Microsoft an implementation for 4.5 (supported until 2019), 4.6 (supported until 2020) and 5.0 (supported until 2023) versions are probably warranted, however I don't see much 4.5 around these days - there is a lot of existing 4.6 packages and 5.0 is really starting to kick off.

@auroraeosrose

This comment has been minimized.

Show comment
Hide comment
@auroraeosrose

auroraeosrose Nov 11, 2014

Already volunteered for the crap I use :) And PHP comes with sqlite as a db (no I wouldn't really recommend it but... you can use it LOL)

As far as letting an app pick a toolchain path (db type, server type) I'd suspect the packager would either provide different meta-packages that provide functionality and let you pick (a la gnome vs. kde) or let you pass stuff via command line - as @madewokherd I'd leave that to the packagers themselves

Already volunteered for the crap I use :) And PHP comes with sqlite as a db (no I wouldn't really recommend it but... you can use it LOL)

As far as letting an app pick a toolchain path (db type, server type) I'd suspect the packager would either provide different meta-packages that provide functionality and let you pick (a la gnome vs. kde) or let you pass stuff via command line - as @madewokherd I'd leave that to the packagers themselves

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Nov 11, 2014

Contributor

All package providers can specify any number of dynamic parameters that are important for installation. (ie, the NuGet provider requires -Destination to tell it where to work.

Contributor

fearthecowboy commented Nov 11, 2014

All package providers can specify any number of dynamic parameters that are important for installation. (ie, the NuGet provider requires -Destination to tell it where to work.

@cdhunt

This comment has been minimized.

Show comment
Hide comment
@cdhunt

cdhunt Nov 11, 2014

https://spoon.net/hub

Application containers for Windows. Alt to Docker.

cdhunt commented Nov 11, 2014

https://spoon.net/hub

Application containers for Windows. Alt to Docker.

@Nacimota

This comment has been minimized.

Show comment
Hide comment
@Nacimota

Nacimota Nov 11, 2014

Re Windows Features: didn't MS ship a DISM module for PowerShell with 8.1/2012 R2? If we can use that I imagine it would cut down on the work required.

Re Windows Features: didn't MS ship a DISM module for PowerShell with 8.1/2012 R2? If we can use that I imagine it would cut down on the work required.

@oising

This comment has been minimized.

Show comment
Hide comment
@oising

oising Nov 18, 2014

I've always wanted to wrap DISM up in something useful, so I will take a crack at that one for the "windows features" provider. I'm certain whether that would end up performing double-duty for the server platform too, but I'll start out with the windows client.

oising commented Nov 18, 2014

I've always wanted to wrap DISM up in something useful, so I will take a crack at that one for the "windows features" provider. I'm certain whether that would end up performing double-duty for the server platform too, but I'll start out with the windows client.

@mwrock

This comment has been minimized.

Show comment
Hide comment
@mwrock

mwrock Nov 18, 2014

the DISM feature names work on both client and server so in theory you should be able to reuse that for both server and client.

mwrock commented Nov 18, 2014

the DISM feature names work on both client and server so in theory you should be able to reuse that for both server and client.

@doctordns

This comment has been minimized.

Show comment
Hide comment
@doctordns

doctordns Nov 22, 2014

Re the Downloader. You might consider a BITS downloader.

Re the Downloader. You might consider a BITS downloader.

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Nov 29, 2014

Addition for the list:

Package Manager: Zero Install
Assigned To: @bastianeicher
Project Page: http://0install.de
Notes: This could be maintained as a part of the Zero Install project itself.

Addition for the list:

Package Manager: Zero Install
Assigned To: @bastianeicher
Project Page: http://0install.de
Notes: This could be maintained as a part of the Zero Install project itself.

@rzander

This comment has been minimized.

Show comment
Hide comment
@rzander

rzander Apr 14, 2015

Another one is born...
Package Manager: RuckZuck
Assigned To: @rzander
Project Page: http://ruckzuck.codeplex.com
Notes: Support for installation, update (e.g. Find-Package -Updates) and removal is implemented.

rzander commented Apr 14, 2015

Another one is born...
Package Manager: RuckZuck
Assigned To: @rzander
Project Page: http://ruckzuck.codeplex.com
Notes: Support for installation, update (e.g. Find-Package -Updates) and removal is implemented.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Apr 14, 2015

Contributor

@rzander Oh, very cool.

I'm tied up today, but I'll play around with this tomorrow. If it's stable enough, I'd like to get it into the list of available providers that can autobootstrap.

G

Contributor

fearthecowboy commented Apr 14, 2015

@rzander Oh, very cool.

I'm tied up today, but I'll play around with this tomorrow. If it's stable enough, I'd like to get it into the list of available providers that can autobootstrap.

G

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher May 7, 2015

The Package Provider for Zero Install is ready. It supports Find-Package, Get-Package, Install/Uninstall-Package, Save-Package and Register/Unregister/Set-PackageSource.

The Provider is bundled with Zero Install 2.8+ and registered via the HKCU\SOFTWARE\Microsoft\PackageManagement registry key. An installer that runs without Admin privileges is available at https://0install.de/files/zero-install-per-user.exe . It can be executed silently with /verysilent /norestart.

@fearthecowboy I'd love to see this added to the bootstrap list. Please let me know if you need any additional information.

The Package Provider for Zero Install is ready. It supports Find-Package, Get-Package, Install/Uninstall-Package, Save-Package and Register/Unregister/Set-PackageSource.

The Provider is bundled with Zero Install 2.8+ and registered via the HKCU\SOFTWARE\Microsoft\PackageManagement registry key. An installer that runs without Admin privileges is available at https://0install.de/files/zero-install-per-user.exe . It can be executed silently with /verysilent /norestart.

@fearthecowboy I'd love to see this added to the bootstrap list. Please let me know if you need any additional information.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy May 11, 2015

Contributor

@bastianeicher AWESOME!

I'm just recovering from the worst flu I've had in like forever, gimme a day or so, and we'll work on getting this into the bootstrapper list. Lemme take a look, and see if we need to sync up over skype.

G

Contributor

fearthecowboy commented May 11, 2015

@bastianeicher AWESOME!

I'm just recovering from the worst flu I've had in like forever, gimme a day or so, and we'll work on getting this into the bootstrapper list. Lemme take a look, and see if we need to sync up over skype.

G

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher May 12, 2015

@fearthecowboy I wish you a speedy recovery.
My Skype handle is bastian.eicher. I'm in the CEST timezone, 9 hours ahead of PDT, so a good timeframe to get in touch would probably be between 8 a.m. and 1 p.m. PDT.

@fearthecowboy I wish you a speedy recovery.
My Skype handle is bastian.eicher. I'm in the CEST timezone, 9 hours ahead of PDT, so a good timeframe to get in touch would probably be between 8 a.m. and 1 p.m. PDT.

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy May 19, 2015

Contributor

@bastianeicher I finally got around to playing with the 0install provider. Pretty damn cool.

I have two requests:

  • is it possible to make an msi installer? the bootstrapper doesn't support exe installers yet.
  • provider packages need to be digitally signed before the bootstrapper can support them. (oh, wait, it's open source, right? ... If I can get an automated build set up for it, I can digitally sign it.)
Contributor

fearthecowboy commented May 19, 2015

@bastianeicher I finally got around to playing with the 0install provider. Pretty damn cool.

I have two requests:

  • is it possible to make an msi installer? the bootstrapper doesn't support exe installers yet.
  • provider packages need to be digitally signed before the bootstrapper can support them. (oh, wait, it's open source, right? ... If I can get an automated build set up for it, I can digitally sign it.)
@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy May 19, 2015

Contributor

@bastianeicher couple more points of feedback -

  • You probably shouldn't bother with progress messages in find-package. It's kinda noisy, and the downloads for the metadata seem fast enough.
    • find-package with a blank name should return all the results. A lot of people use that for discovering what's available
Contributor

fearthecowboy commented May 19, 2015

@bastianeicher couple more points of feedback -

  • You probably shouldn't bother with progress messages in find-package. It's kinda noisy, and the downloads for the metadata seem fast enough.
    • find-package with a blank name should return all the results. A lot of people use that for discovering what's available
@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher May 19, 2015

@fearthecowboy

  • 0install has a self-updating feature that itself uses the 0install package format and can update both "installed" and "portable" instances of Zero Install. This would most likely conflict with Windows Installer's resiliency/self-repair feature, since it would see a self-updated instance as damaged and try to revert it. I could create an MSI that simply wraps the current EXE installer but that seems like a rather hacky solution. :(
  • Correct, it's an open-source project currently with next to no funds (e.g. for buying an Authenticode certificate). There's a build.cmd script in the Git repo that compiles the source and produces an installer and a CI server so automating the build shouldn't be a problem.
  • The provider ties into 0install's existing progress-reporting infrastructure which generally reports anything that does network IO. I suppose I could modify the provider to filter out low-impact/noisy events such as metadata retrieval.
  • Thanks for the Find-Package hint, I'll modify that.
    • I was also wondering whether the -SearchMirror option I added was sensibly named and discoverable enough. It tells the provider to query a global mirror listing all known 0install packages rather than just those in the registered package sources.

@fearthecowboy

  • 0install has a self-updating feature that itself uses the 0install package format and can update both "installed" and "portable" instances of Zero Install. This would most likely conflict with Windows Installer's resiliency/self-repair feature, since it would see a self-updated instance as damaged and try to revert it. I could create an MSI that simply wraps the current EXE installer but that seems like a rather hacky solution. :(
  • Correct, it's an open-source project currently with next to no funds (e.g. for buying an Authenticode certificate). There's a build.cmd script in the Git repo that compiles the source and produces an installer and a CI server so automating the build shouldn't be a problem.
  • The provider ties into 0install's existing progress-reporting infrastructure which generally reports anything that does network IO. I suppose I could modify the provider to filter out low-impact/noisy events such as metadata retrieval.
  • Thanks for the Find-Package hint, I'll modify that.
    • I was also wondering whether the -SearchMirror option I added was sensibly named and discoverable enough. It tells the provider to query a global mirror listing all known 0install packages rather than just those in the registered package sources.
@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy May 19, 2015

Contributor

@bastianeicher

Hmm. Supporting an exe install for providers is coming, just not soon enough. I couldn't get it in before the cutoff for the win10 client.

Sadly, that MSI => EXE shim, while hacky, would allow us to get past that. I can't think of a simpler workaround in the short run. Hmmmm.

I found the -SearchMirror simply enough. I don't think you need to do anything different there.

Contributor

fearthecowboy commented May 19, 2015

@bastianeicher

Hmm. Supporting an exe install for providers is coming, just not soon enough. I couldn't get it in before the cutoff for the win10 client.

Sadly, that MSI => EXE shim, while hacky, would allow us to get past that. I can't think of a simpler workaround in the short run. Hmmmm.

I found the -SearchMirror simply enough. I don't think you need to do anything different there.

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher May 31, 2015

@fearthecowboy

I've just released Zero Install for Windows 2.8.2 some minor bug fixes and tweaks. The build process now also generates an MSI wrapping the the EXE installer: http://0install.de/files/zero-install-per-user.msi

How do we go about creating a signed version of the MSI?

@fearthecowboy

I've just released Zero Install for Windows 2.8.2 some minor bug fixes and tweaks. The build process now also generates an MSI wrapping the the EXE installer: http://0install.de/files/zero-install-per-user.msi

How do we go about creating a signed version of the MSI?

@oising

This comment has been minimized.

Show comment
Hide comment
@oising

oising Jun 1, 2015

I see that Windows 10 ships with a DISM module. It should be renamed DISMal though. It's horridly un-powershelly.

oising commented Jun 1, 2015

I see that Windows 10 ships with a DISM module. It should be renamed DISMal though. It's horridly un-powershelly.

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Jun 3, 2015

@fearthecowboy

Zero Install is mostly used for adding apps to the current user profile without requiring admin privileges. Therefore, bootstrapping the per-user setup for Zero Install fits nicely.

Zero Install also supports creating entry points for all users (exposed via the -MachineWide option in the OneGet provider). This only works if the machine-wide setup for Zero Install was used instead, which installs additional stuff like a Windows service for safely sharing binaries between users.

So if a first time user runs Install-Package vlc -Provider 0install -MachineWide they'd get a somewhat suboptimal experience of having per-user Zero Install automatically installed and then being told they actually need to get a different setup instead if the want to use the machine-wide feature.

Possible solution:
Create separate 0install and 0install-Machine providers.
OneGet could bootstrap the per-user setup for 0install and the the machine-wide setup for 0install-Machine (which would include the 0install provider).

@fearthecowboy

Zero Install is mostly used for adding apps to the current user profile without requiring admin privileges. Therefore, bootstrapping the per-user setup for Zero Install fits nicely.

Zero Install also supports creating entry points for all users (exposed via the -MachineWide option in the OneGet provider). This only works if the machine-wide setup for Zero Install was used instead, which installs additional stuff like a Windows service for safely sharing binaries between users.

So if a first time user runs Install-Package vlc -Provider 0install -MachineWide they'd get a somewhat suboptimal experience of having per-user Zero Install automatically installed and then being told they actually need to get a different setup instead if the want to use the machine-wide feature.

Possible solution:
Create separate 0install and 0install-Machine providers.
OneGet could bootstrap the per-user setup for 0install and the the machine-wide setup for 0install-Machine (which would include the 0install provider).

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Jun 29, 2015

Is there any news regarding the bootstrap list? I'd love to see 0install added before Windows 10 RTMs. :)

Is there any news regarding the bootstrap list? I'd love to see 0install added before Windows 10 RTMs. :)

@fearthecowboy

This comment has been minimized.

Show comment
Hide comment
@fearthecowboy

fearthecowboy Jul 6, 2015

Contributor

Sorry for the delay; I've been temporarily seconded onto another project, (and all the rush up to the shipping of Win10 client has stretched my time mighty slim)

Stay tuned--we're trying to work out some details fairly shortly.

Contributor

fearthecowboy commented Jul 6, 2015

Sorry for the delay; I've been temporarily seconded onto another project, (and all the rush up to the shipping of Win10 client has stretched my time mighty slim)

Stay tuned--we're trying to work out some details fairly shortly.

@nagisa nagisa referenced this issue in rust-lang/rfcs Jul 11, 2015

Merged

RFC: Add `cargo install` #1200

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Aug 11, 2015

I have now acquired my own code signing certificate. The following MSIs are AuthentiCode-signed and ready for inclusion in the OneGet bootstrap list:
0install: http://0install.de/files/zero-install-per-user.msi
0install-Machine: http://0install.de/files/zero-install.msi

I have now acquired my own code signing certificate. The following MSIs are AuthentiCode-signed and ready for inclusion in the OneGet bootstrap list:
0install: http://0install.de/files/zero-install-per-user.msi
0install-Machine: http://0install.de/files/zero-install.msi

@bastianeicher

This comment has been minimized.

Show comment
Hide comment

@fearthecowboy Any news on this?

@xumins

This comment has been minimized.

Show comment
Hide comment
@xumins

xumins Sep 11, 2015

Contributor

Bastianeicher, Krishna will contact you shortly to discuss how to include your provider into the bootstrap list.

Contributor

xumins commented Sep 11, 2015

Bastianeicher, Krishna will contact you shortly to discuss how to include your provider into the bootstrap list.

@xumins

This comment has been minimized.

Show comment
Hide comment
@xumins

xumins Sep 11, 2015

Contributor

@bastianeicher , @KrishnaV-MSFT will contact you shortly.

Contributor

xumins commented Sep 11, 2015

@bastianeicher , @KrishnaV-MSFT will contact you shortly.

@dreamcat4

This comment has been minimized.

Show comment
Hide comment
@dreamcat4

dreamcat4 Sep 30, 2015

+1
Need cygwin provider for duplicity and irssi.

+1
Need cygwin provider for duplicity and irssi.

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Oct 2, 2015

@KrishnaV-MSFT Haven't heard from you yet. Any estimate when we could get 0install into the bootstrap list?

@KrishnaV-MSFT Haven't heard from you yet. Any estimate when we could get 0install into the bootstrap list?

@Krishna-Vutukuri

This comment has been minimized.

Show comment
Hide comment
@Krishna-Vutukuri

Krishna-Vutukuri Oct 5, 2015

Hi Bastian,

Thanks for your interest in integrating with PackageManagement provider. Given the project timelines and the number of issues we are finding in PackageManagement/OneGet core, at this point we are considering only supporting assemblies or PowerShell modules as PackageManagement providers. We discussed about this during our community meeting on 9/22. In this context, is it possible for you to change your 0install provider to be either an Assembly or a PoweShell module? If you choose PowerShell module route, you can publish it directly at https://www.powershellgallery.com/. If you choose the assembly route, we can add it to PackageManagement provider list.

We want to document this process and take feedback. But before we do that, I would like to take your inputs. Supporting MSI and other forms of PackageMangement providers is on our list, but at this point of time we want to prioritize supporting the two forms mentioned above.

Thanks
Krishna

Hi Bastian,

Thanks for your interest in integrating with PackageManagement provider. Given the project timelines and the number of issues we are finding in PackageManagement/OneGet core, at this point we are considering only supporting assemblies or PowerShell modules as PackageManagement providers. We discussed about this during our community meeting on 9/22. In this context, is it possible for you to change your 0install provider to be either an Assembly or a PoweShell module? If you choose PowerShell module route, you can publish it directly at https://www.powershellgallery.com/. If you choose the assembly route, we can add it to PackageManagement provider list.

We want to document this process and take feedback. But before we do that, I would like to take your inputs. Supporting MSI and other forms of PackageMangement providers is on our list, but at this point of time we want to prioritize supporting the two forms mentioned above.

Thanks
Krishna

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Oct 6, 2015

Hi Krishna,

Zero Install uses a concept somewhat similar to Windows Installer's advertised shortcuts. Launching an application that was "installed" using Zero Install always goes through 0install.exe first which performs tasks such as download-on-demand and dependency injection.

So while I could redesign the 0install OneGet Provider to be a standalone assembly anything it installed would not work unless a "regular" installation of Zero Install was also present on the system.

One possibility I see is to implement the provider as a standalone assembly that installs the rest of Zero Install on first use. Would this approach be fine for you?

Regards
Bastian

Hi Krishna,

Zero Install uses a concept somewhat similar to Windows Installer's advertised shortcuts. Launching an application that was "installed" using Zero Install always goes through 0install.exe first which performs tasks such as download-on-demand and dependency injection.

So while I could redesign the 0install OneGet Provider to be a standalone assembly anything it installed would not work unless a "regular" installation of Zero Install was also present on the system.

One possibility I see is to implement the provider as a standalone assembly that installs the rest of Zero Install on first use. Would this approach be fine for you?

Regards
Bastian

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Oct 12, 2015

@KrishnaV-MSFT Would a single-assembly package provider that installs additional components on first use be accepted into the bootstrap list?

@KrishnaV-MSFT Would a single-assembly package provider that installs additional components on first use be accepted into the bootstrap list?

@Krishna-Vutukuri

This comment has been minimized.

Show comment
Hide comment
@Krishna-Vutukuri

Krishna-Vutukuri Oct 14, 2015

Thanks Bastian. That should work.

Thanks Bastian. That should work.

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Oct 25, 2015

Thanks for your interest in integrating with PackageManagement provider. Given the project timelines and the number of issues we are finding in PackageManagement/OneGet core, at this point we are considering only supporting assemblies or PowerShell modules as PackageManagement providers.

This doesn't make sense to me -- what about NuGet?

Jaykul commented Oct 25, 2015

Thanks for your interest in integrating with PackageManagement provider. Given the project timelines and the number of issues we are finding in PackageManagement/OneGet core, at this point we are considering only supporting assemblies or PowerShell modules as PackageManagement providers.

This doesn't make sense to me -- what about NuGet?

@mwrock

This comment has been minimized.

Show comment
Hide comment
@mwrock

mwrock Oct 25, 2015

I interpreted this as "Assemblies" == NuGet. Not sure if that's a correct interpretation.

mwrock commented Oct 25, 2015

I interpreted this as "Assemblies" == NuGet. Not sure if that's a correct interpretation.

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Oct 25, 2015

As far is I understand it, the issue is how OneGet acquires new providers for specific package managers on-demand (bootstrapping). The original design supported two variants:

  1. Providers that consist of a single assembly (.NET DLL or EXE) that simply get downloaded to a well-known location and are then ready to use.
  2. MSI or EXE installer that gets downloaded and executed by OneGet to install a provider assembly along with additional support stuff it needs.
    Variant 2 is being put on ice for now.

As far is I understand it, the issue is how OneGet acquires new providers for specific package managers on-demand (bootstrapping). The original design supported two variants:

  1. Providers that consist of a single assembly (.NET DLL or EXE) that simply get downloaded to a well-known location and are then ready to use.
  2. MSI or EXE installer that gets downloaded and executed by OneGet to install a provider assembly along with additional support stuff it needs.
    Variant 2 is being put on ice for now.
@rismoney

This comment has been minimized.

Show comment
Hide comment
@rismoney

rismoney Oct 25, 2015

Set-Alias Half-Get One-Get

Set-Alias Half-Get One-Get

@Jaykul

This comment has been minimized.

Show comment
Hide comment
@Jaykul

Jaykul Oct 26, 2015

Yeah, ok, my point was that Nuget is an executable.

I guess if you consider nuget.exe the provider, then we need documentation of how to write an exe provider (I was assuming that the provider had to be implemented on top of nuget.exe)

Jaykul commented Oct 26, 2015

Yeah, ok, my point was that Nuget is an executable.

I guess if you consider nuget.exe the provider, then we need documentation of how to write an exe provider (I was assuming that the provider had to be implemented on top of nuget.exe)

@bastianeicher

This comment has been minimized.

Show comment
Hide comment
@bastianeicher

bastianeicher Oct 26, 2015

The NuGet provider seems to be a little sneaky in that regard: Although it is an EXE OneGet still loads it like a DLL and searches for a class that implements its provider contract. It does not actually "execute" the EXE.

Please note this is all based on what I saw in OneGet builds a few months ago. This may well have changed in the meantime.

The NuGet provider seems to be a little sneaky in that regard: Although it is an EXE OneGet still loads it like a DLL and searches for a class that implements its provider contract. It does not actually "execute" the EXE.

Please note this is all based on what I saw in OneGet builds a few months ago. This may well have changed in the meantime.

@jianyunt

This comment has been minimized.

Show comment
Hide comment
@jianyunt

jianyunt Oct 26, 2015

Contributor

Yeah, we made some changes. The new version of Nuget provider is .dll. Check out the source code https://github.com/OneGet/NuGetProvider. It runs on Nano server and full server.

Contributor

jianyunt commented Oct 26, 2015

Yeah, we made some changes. The new version of Nuget provider is .dll. Check out the source code https://github.com/OneGet/NuGetProvider. It runs on Nano server and full server.

@jianyunt

This comment has been minimized.

Show comment
Hide comment
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment