Build setup of 1.11.0, use of npm #10253
Comments
|
I could see the option of having a separate download for a I do have to wonder if there are more general solutions to this problem. We do use |
|
However, not all go modules are vendored. As much as we can include the generated js and css files, I think network access is still required to resolve go dependencies. How was that resolved in previous versions? |
As far as I'm aware, all Go module dependencies are vendored, at least up to 1.10.3. |
|
True, go modules are included. We could indeed publish node_modules to download folder beside gitea binaries. That could also speedup our own builds with this plugin and s3 configuration: http://plugins.drone.io/meltwater/drone-cache/ |
|
Go modules are vendored currently, but I think the plan is to eventually un-vendor them (Go 1.14 or later), so they too would then need a solution for a "offline" build. |
|
We can cache them to Gitea dl s3 also then |
|
We can add a sub directory |
|
I started earlier #9733 it need to be changed to only update cache on master or version branch to limit cache poisonning. |
|
Same problem in openSUSE. And please, don't stop to include this modules. |
|
Vendoring I still wonder why distributions need their build systems to be offline. |
|
Maybe a .tar.gz (for each tag) of source code with vendor inside (go and node) is good for you ? This way the build is reproducible from those archive. |
|
I just checked what Kibana (who is also a heavy node modules user): They don't have So I think we just need to update the release process to create a source tarball with modules included. One has to keep in mind that they can be platform-specific when native node.js modules are present, but luckily we don't really have any of those (besides the optional fsevents on macOS), so our node_modules should be generally portable. |
|
Including the modules in the release source tarballs would be perfect! |
Reproducibility. |
lunny
added
the
topic/build
|
You should be able to download the archive for the last commit on 1.11 branch on https://dl.gitea.io/gitea/1.11/gitea-src-1.11.tar.gz The next release 1.11.1 should be released when tagged at the url https://dl.gitea.io/gitea/1.11.1/gitea-src-1.11.1.tar.gz You can use the signature and the hash that is distributed along the archive. |
|
The CSS and JS builds are also kept inside the public folder so you can skip the nodejs part if you want. |
|
Gave it a try, There is one minor issues with a error "fatal: not a git repository (or any of the parent directories): .git" seen because the Makefile calls I'm also thinking we should probably add a explicit |
|
Or we could create a version file before create source tar file. And makefile could read version from the file before read from git. The version file could also tell user which version is the gitea source. |
|
I removed |
|
I'd just parse the version from git, write it to |
|
I think we should write the version number to a temporary file and ship the sources with that. Then use a |
|
The primary reason for a |
|
Please reopen this issue. It will be properly resolved once #10325 is landed and backported to 1.11. |
|
I'm also hating nodejs dependency, it really sucks, when main reason to follow Gitea (Gogs, actually, when I started) was the niceties of only needing "go" compiler. Please save us from nodejs, what is it needed for, again ? |
|
The released source tarballs will be able to build without Node.js using a special
For webpack, which currently handles JS transpilation and lazy-loading, CSS preprocessing and SVG bundling. Modern frontend development would simply not be possible without it. |
* Add frontend/backend make targets, fix source release - Add 'make backend' and 'make frontend' make targets which are used to build go and js/css/svg files respectively. - The 'backend' target can be invoked without requiring Node.js to be present on the system if pre-built frontend assets are present like in the release source tarballs. - Fix source releases missing 'dist' folders inside 'node_modules' which were erronously excluded from tar. - Store VERSION in file VERSION for the release tarballs and prefer that file over git-derived version. * fix release task * fix typo * fix another typo Fixes: go-gitea#10253
* Add frontend/backend make targets, fix source release - Add 'make backend' and 'make frontend' make targets which are used to build go and js/css/svg files respectively. - The 'backend' target can be invoked without requiring Node.js to be present on the system if pre-built frontend assets are present like in the release source tarballs. - Fix source releases missing 'dist' folders inside 'node_modules' which were erronously excluded from tar. - Store VERSION in file VERSION for the release tarballs and prefer that file over git-derived version. * fix release task * fix typo * fix another typo Fixes: #10253
|
In the next minor 1.11 release, you will be able to use the |
Updates `gitea` to the latest version available[1]. Also ensured that upgrading from `gitea-1.9` (used on NixOS 19.09) to `1.11.3` works seamlessly. The derivation required a few more changes this time since `gitea` uses `npm` now to build the frontend[2]. When using the default tarball from GitHub, we'd have to build the frontend manually. By fetching a custom tarball published on every release, we get a prebuilt frontend (as it was the case on previous versions) and build the backend only from source. Co-authored-by: kolaente <k@knt.li> Closes #80175 [1] https://github.com/go-gitea/gitea/releases/tag/v1.11.3 [2] go-gitea/gitea#10253
Updates `gitea` to the latest version available[1]. Also ensured that upgrading from `gitea-1.9` (used on NixOS 19.09) to `1.11.3` works seamlessly. The derivation required a few more changes this time since `gitea` uses `npm` now to build the frontend[2]. When using the default tarball from GitHub, we'd have to build the frontend manually. By fetching a custom tarball published on every release, we get a prebuilt frontend (as it was the case on previous versions) and build the backend only from source. Co-authored-by: kolaente <k@knt.li> Closes #80175 [1] https://github.com/go-gitea/gitea/releases/tag/v1.11.3 [2] go-gitea/gitea#10253 (cherry picked from commit cbceee8)
Description
I'm the maintainer for the FreeBSD port of Gitea, allowing FreeBSD users to simply
pkg install gitea.It seems that with 1.11.0, the CSS and JS files are not included pre-built in the repo anymore, but are built during the Gitea build process, requiring the use of
npm install, including network access to download almost a thousand node modules.The FreeBSD package build system does not allow network access during the build phase; all required files need to be downloaded first using a build-system specific download mechanism from pre-recorded URLs. Among other aspects, this allows the build system to verify cryptographic checksums on files downloaded from potentially unreliable mirrors for source packages.
The FreeBSD ports/package system currently contains no provisions to handle
npm installas part of a package build.This means that with the current state, no FreeBSD package of Gitea 1.11.0 can be produced.
Would you consider adding
./node_modulesto the source archive for releases, or provide a single file archive for download of it (matching the release), so that the necessary node modules can be made available to package builds without the necessity to runnpm install? I don't think it's necessary to add the directory to the Git repo, only make it part of the release tar.gz. I see this as similar to the vendoring of Go modules.I have a suspicion that other OS/distributions might have similar restrictions on files that are used during package builds.
The text was updated successfully, but these errors were encountered: