Hermit - uniform tooling for Linux and Mac

Related tags

Command Line hermit
Overview
Hermit

Hermit - uniform tooling for Linux and Mac CI Slack chat

Hermit installs tools for software projects in self-contained, isolated sets, so your team, your contributors, and your CI have the same consistent tooling.

See https://cashapp.github.io/hermit for full documentation.

hermit intro screen cast


Copyright 2021 Square, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Issues
  • Shell hooks are not installed when running `zsh --login`

    Shell hooks are not installed when running `zsh --login`

    I found this issue working with Hermit in VS Code. When we launch VS Code from a hermit-activated environment/shell, it fails to set the PATH correctly for the underlying terminal:

    source ./bin/activate-hermit
    echo $HERMIT_ENV                       # /path/to/my/repo
    which python3                          # /path/to/my/repo/bin/python3
    

    Which tells me that the environment is activated successfully, however, if I open a VS Code instance from that terminal:

    code /path/to/my/repo
    

    And try to use the integrated terminal:

    echo $HERMIT_ENV                       # /path/to/my/repo
    which python3                          # /usr/bin/python3
    

    Which means that HERMIT_ENV is propagated, but PATH is not propagated correctly. To fix this, I have to activate it again from the integrated terminal, even though it is using zsh, which has the right hermit shell-hooks in .zshrc:

    source ./bin/activate-hermit
    
    This Hermit environment has already been activated. Skipping
    

    I then get this confusing message, however, the shell is configured correctly now:

    which python3                          # /path/to/my/repo/bin/python3
    

    I wonder if there is a better way to detect this better than using HERMIT_ENV. We can either:

    1. fix this for integrated terminals, so that PATH is propagated correctly.
    2. Detect that the shell is not truly configured, and update error message accourdingly.
    opened by OmarTawfik 17
  • split commands.go into multiple files

    split commands.go into multiple files

    commands.go was looking increasingly large. I broke it into separate files and it's own package to keep things tidy.

    Note that some small commands (noop, version) I left behind just because they were small and more... operational).

    Also a caveat is that app/commands/ does not have access to Config, so I had to work around that by binding the http client and the env vars. I'm open to better ideas there..

    Added a little something to the makefile, in case it eventually gets bigger. Looks like this: Screen Shot 2021-09-16 at 5 39 44 PM )

    opened by mihai-chiorean 13
  • Verify installer script checksum when bootstrapping

    Verify installer script checksum when bootstrapping

    We verify the downloaded install script's SHA-256 value against a known checksum in bin/hermit. This ensures the integrity of the installer when bootstrapping hermit.

    We version (via file name suffix) the install script by the script's short hash value, so that an install script can be uniquely identified by its version / file name. The corresponding bin/hermit is generated with hermit init for a project.

    Note that an install script's version" is unrelated to the version of the hermit executable.

    opened by syncom 5
  • fix: use the right installer URL for the canary channel

    fix: use the right installer URL for the canary channel

    • We make changes for the generated bin/hermit to correctly identity the download URL for the canary channel. This part was overlooked in an earlier implementation.
    • The InstallScriptSHAs map is manually populated for the "canary" and "stable" channels, respectively, in env.go.
    • Update ScriptSHAs for the updated bin/hermit scripts, for "canary" and "stable" channels.
    • Add InstallerSHA256Sums map to the Config struct of the main Hermit app.
    • Update GHA CI step for sanity check of SHA256 sums of install script.
    • Fix a buggy integration test.
    opened by syncom 5
  • Hermit shell hooks emits error

    Hermit shell hooks emits error

    When I use hermit's shellhooks in zsh, in a hermit enabled repo, I get the following error at the end of every single command I run.

    fatal:hermit: /Users/yunchi/Projects/bork/bin/hermit has an unknown SHA256 signature (9413f2347c5f70e6a004e62b7faac99d3bb1666f86451ed1f6e05a679e3bc27c); verify that you trust this environment and run 'hermit init /Users/yunchi/Projects/bork'
    

    This doesn't happen if I disable the shell hook and activate hermit manually.

    opened by mightyguava 5
  • Fix infinite ETag check loop if DB is missing.

    Fix infinite ETag check loop if DB is missing.

    If the hermit DB is deleted, executing binaries from any existing packages would result in an ETag check on each invocation.

    I think this behaviour is okay, but it's also not clear to me why the original behaviour was desirable?

    opened by alecthomas 5
  • feat: prefix sort search results

    feat: prefix sort search results

    Users likely expect to receive prefix matches first. Motivating example is python3 vs gpython when searching for Python.

    Minimal example:

    > hermit search test
    test (@1, @1.0, @latest, 1.0.0)
    attest (@1, @1.0, @latest, 1.0.0)
    untested (@1, @1.0, @latest, 1.0.0)
    

    In live, it would return attest first.

    Note -- the test doesn't work, not sure why the output is not being collected by the buffer :(

    opened by stillmatic 4
  • refactor: switch to a file-based DAO

    refactor: switch to a file-based DAO

    We're doing this because BoltDB has caused some Hermit binaries to time out due to lock contention at high (>32) concurrency.

    Removed "UsedAt" and consequently GC as we believe that "gc" is very rarely used and updating usage time could be quite costly.

    opened by alecthomas 4
  • feat: add json format to list and search

    feat: add json format to list and search

    This PR let list and search command able to print out Machine readable JSON output.

    Also creates JSONFormattable flag shared among info, list, and search command.

    opened by lyonlai 3
  • Add hermit subcommand gen-installer

    Add hermit subcommand gen-installer

    Add hermit gen-installer subcommand. It prints the SHA-256 digest of the generated installer script to stdout.

    Use hermit gen-installer to generate installer script

    We also perform a cross-check in CI to make sure cmd/geninstaller and hermit gen-installer produce identical installer scripts.

    opened by syncom 3
  • Normalise environment variable substitution

    Normalise environment variable substitution

    One code path would setup environment variable overrides in the order of: (later beats earlier)

    1. Packages
    2. PATH
    3. HERMIT_BIN / HERMIT_ENV
    4. The local hermit.hcl
    5. Command-line parameters

    And another would do it in order of:

    1. Packages
    2. The local hermit.hcl
    3. PATH
    4. Runtime dependencies
    5. HERMIT_BIN / HERMIT_ENV
    6. Command-line parameters

    This refactor refactors to a single codepath in the order of:

    1. PATH / HERMIT_BIN / HERMIT_ENV (now inseparable)
    2. Runtime dependencies
    3. Packages
    4. The local hermit.hcl
    5. Command-line parameters

    A test is attached. A better test would define the priority order of these overrides … but that's for a better person than me.

    opened by quad 3
  • `hermit install` in nested hermit setup didn't include files in git after the command

    `hermit install` in nested hermit setup didn't include files in git after the command

    nested setup:

    1. bin/hermit in root folder
    2. gradle-plugin/bin/hermit as a nested setup

    when doing hermit install in gradle-plugin folder, files weren't added to git after.

    image

    opened by lyonlai 0
  • Improve error messaging when package is missing

    Improve error messaging when package is missing

    fatal:hermit: https://github.com/cashapp/hermit-packages.git/cashcache.hcl: no version cashcache-0.0.38 found in versions (cashcache-0.0.18, cashcache-0.0.21, cashcache-0.0.23, cashcache-0.0.25, cashcache-0.0.27, cashcache-0.0.28, cashcache-0.0.29, cashcache-0.0.30, cashcache-0.0.31, cashcache-0.0.32, cashcache-0.0.34, cashcache-0.0.35, cashcache-0.0.36) or channels ([email protected], [email protected], [email protected]): unknown package
    

    Add `, try "hermit update"?

    opened by alecthomas 0
  • sources git URL not supporting tags

    sources git URL not supporting tags

    The bin/hermit.hcl sources variable is not supporting repo tags. Example: sources = ["https://gitlab.com/onis-oss/hermit-packages.git#onis-oss"]

    Results in this error: fatal:hermit: /home/rolandknight/git/gitlab.com/onis-oss/tlc/sandbox/bin/hermit.hcl: unsupported source "https://gitlab.com/onis-oss/hermit-packages.git#onis-oss"

    opened by rolandknight 3
  • Hermit fails to infer OS when 'osx' is used as the OS

    Hermit fails to infer OS when 'osx' is used as the OS

    $ hermit manifest create https://github.com/github/gh-ost/releases/download/v1.1.4/gh-ost-binary-osx-amd64-20220225143506.tar.gz
    fatal:hermit: https://github.com/github/gh-ost/releases/download/v1.1.4/gh-ost-binary-osx-amd64-20220225143506.tar.gz: could not infer OS
    

    osx seems like a perfectly cromulent OS to infer, but it looks like the code only recognizes darwin or linux

    opened by staktrace 0
  • Support version locking a la npm

    Support version locking a la npm

    @lyonlai had an interesting suggestion of being able to lock specific packages to a version range. The idea being that you could then just type hermit upgrade and everything would be upgraded within the specified constraints. It could be similar to npm's approach, but encoded in the symlink chain. eg.

    hermit install openjdk~17.0.2
    

    (note the tilde) would allow patch level upgrades automatically, but not minor version upgrades

    This could be encoded in the symlink chain as you would expect

    javac -> .openjdk~17.0.2.pkg -> hermit
    
    opened by alecthomas 0
Releases(v0.25.0)
CLI to support with downloading and compiling terraform providers for Mac with M1 chip

m1-terraform-provider-helper A CLI to help with managing the installation and compilation of terraform providers when running a new M1 Mac. Motivation

kreuzwerker GmbH 170 Jun 23, 2022
Termial remote (mac) for Sony Bravia TV

Sony Bravia terminal remote Environment variables HOST: [....] PSK: [....] Configure the Bravia TV Todo: Scan network for a Bravia device Move and git

Emil 1 Nov 26, 2021
Service for read & update MAC OUI list

manufacturer-parser Service written on Golang to get actual MAC OUI list from here and store to MongoDB. Needed for dealt with actual list in Wimark O

WiMark Systems 0 Dec 29, 2021
Oui - MAC Address CLI Toolkit

oui MAC Address CLI Toolkit Installation macOS $ brew tap thatmattlove/oui $ bre

Matt Love 25 May 16, 2022
A twitch focused command line tool for producing, archiving and managing live stream content. Built for Linux.

twinx is a live-streaming command line tool for Linux. It connects streaming services (like Twitch, OBS and YouTube) together via a common title and description.

Kris Nóva 23 May 27, 2022
Command-line tool to customize the official Spotify client. Supports Windows, MacOS and Linux.

Command-line tool to customize the official Spotify client. Supports Windows, MacOS and Linux. Features Change colors whole UI Inject CSS for advanced

null 11.6k Jun 26, 2022
Runc: a CLI tool for spawning and running containers on Linux according to the OCI specification

runc Introduction runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. This repo contains a lightly mod

Brian 0 Dec 16, 2021
Alpie - A CLI tool for imaging and configuring Alpine Linux installs on Raspberry Pis

Alpie Alpie is a CLI tool aimed at making imaging and customizing installs of Al

George Bolmida 1 Jan 22, 2022
Alpie - A CLI tool for imaging and configuring Alpine Linux installs on Raspberry Pis

Alpie is a CLI tool aimed at making imaging and customizing installs of Alpine Linux onto Raspberry Pis simpler.

George Bolmida 1 Jan 22, 2022
progress_bar creates a single customizable progress bar for Linux terminal.

progress_bar Go Progress Bar Features progress_bar creates a single customizable progress bar for Linux terminal. Installation go get -u github.com/er

erman imer 126 Jan 14, 2022
gif effects CLI. single binary, no dependencies. linux, osx, windows.

yeetgif Composable GIF effects CLI, with reasonable defaults. Made for custom Slack/Discord emoji :) Get it Alternative 1: go get Alternative 2: just

Sergey Grebenshchikov 520 Jun 19, 2022
1Pass - 1Password Linux CLI explorer

1Pass is a command line application that allows to explore 1Password OPVault format. Application was created because there is no official 1Password desktop client for Linux users.

Maciej Bedra 6 Nov 5, 2021
Go package for running Linux distributed shell commands via SSH.

Go package for running Linux distributed shell commands via SSH.

Disco 143 May 24, 2022
A tool to enumerate all the command-line arguments used to start a Linux process written in Go.

ranwith A tool to enumerate all the command-line arguments used to start a Linux process written in Go. ranwith uses the Linux /proc directory to obta

Alexis Rodriguez 2 Mar 28, 2022
MimixBox - mimic BusyBox on Linux

MimixBox - mimic BusyBox on Linux MimixBox has many Unix commands in the single binary like BusyBox. However, mimixbox aim for the different uses from

Nao1215 21 Jun 23, 2022
Tool for containerized command line environments on Linux

Tool for containerized command line environments on Linux

Containers 1.4k Jun 20, 2022
ets2-dlc-repacker is a Windows / Linux / MacOS CLI util to automatically repack older DLC archives for compatibility with newer versions.

ets2-dlc-repacker is a Windows / Linux / MacOS CLI util to automatically repack older DLC archives for compatibility with newer versions.

Daniel 0 Dec 26, 2021
Clipsync: a high performance clipboard sharing application for linux

clipsync: Clipboard sync Clipsync is a high performance clipboard sharing applic

Zachary Huff 2 Jun 22, 2022
Jsos - A operating system that runs system-level javascript, based on the Linux kernel

JsOS ?? An linux-based operating system that runs Javascript code at the system-

Theo Paris 1 Mar 8, 2022