Create a first-class deb WORKSPACE rule

[dlorenc]

This rule should make it easier for users to depend on debs from package repositories without needing to use http_file.

For UX, we should consider something like:

deb_package(
  name = 'openssl',
  version = '1.0.1f-1ubuntu2.22'
)

How should the apt sources fit in here though? Maybe we could add a list of those to the deb_package rule, or create another type of rule to reference apt sources, and depend on those in dep_package?

[dlorenc]

cc @mattmoor @r2d4 wdyt?

[mattmoor]

I think that we'll want two rules:

   deb_mirror(
       name = "blah",
       url = "https://...",
       # Forget what these are called off the top of my head :)
       foo = "main",
       bar = "jessie",
   )

   deb_pkg(
      name = "openssl",
      mirror = ":blah",
      version = "...",
   )

Alternately we could specify the channel in the rules, but I think this provides a nice way of sharing the deb source. WDYT?

[r2d4]

Just looking that travis rules we recently added, maybe we want to expose something similar?

https://docs.travis-ci.com/user/installing-dependencies/#Installing-Packages-on-Container-Based-Infrastructure

Maybe a top level

deb(
    sources = ["trusty"],
    packages = [
        "gcc-4.8",
        "...",
    ],
)

[mattmoor]

@r2d4 Fixed?

[dlorenc]

I think there's a bit more work around SHA/checksum validation, but that could be a separate issue.

[r2d4]

Closing, there's still a bit more work to be done around UX and validation, but I think this issue can be closed because the rules are in a usable state.