-
Notifications
You must be signed in to change notification settings - Fork 0
HykuAddons: Dependency Management
HykuAddons employs a number of Gems to bring in dependencies:
- hyku_addon/Gemfile
- hyku_addon/hyku_addon.gemspec
- hyku_addon/spec/internal_test_hyku/Gemfile
- advancinghyku-utils/gemfile.plugins
These service difference purposes depending on context.
The Gemfile for the project is uses for local development and actions performed within the application directory, rails g, rake etc.
Used in the context of the gem and for bundler build dependencies when installing as a gem. Any application using HA, now uses these dependencies as well.
Included into the hyku_addons/Gemfile when the application is started, brings all upstream dependencies.
Uses internally for production builds within the deployment pipeline. Takes precedence over the other files mentioned, so if you pin a version in this file, you can prevent the application using an updated version of the gem.
An example is the hyku-api gem that was pinned to a version before a breaking change, which was in active development, was pushed.
gem 'hyku-api', git: 'https://github.com/ubiquitypress/hyku-api', ref: 'd7cd47d396a6f3695188001bb3447ad97e766124'Using tagged releases would obviously solve the need for this, but at the time this was not possible.
To enable updates to a pinned gem, like hyku-api shown above, simply reset it to track main and then bundle update gem-name from within the hyku_addons application.
In order to build the hyku_addons application, the hyku_base (currently a fork of hyku 2.x branch) is checked out and the gemfile.plugins file is copied into the Gemfile. Without this extra step, production environments would not have access to rake/rails generators and tasks - which is apparently a Rails quirk that no one properly understands. This also means that gems can be pinned to versions, which isn't possible within a gemspec file, which enforces only rubygems references are used.
The gemfile.lock from hyku_addons is copied into the hyku_base project to override their default Gemfile.lock - this solved an issue where by bundler wasn't able to compute builds correctly and wasn't pulling latest versions.