Fork me on GitHub
#babashka
<
2021-05-03
>
borkdude07:05:08

I've decided to just keep it the way it is. Although this is an oversight, people may already rely on it. If they want to make their code portable with JVM Clojure it's an easy fix.

Karol Wójcik09:05:20

Babashka is awesome!! Quick rationale why:

👏 9
Karol Wójcik10:05:38

@borkdude Can I somehow analyze script and tell which dependencies should be added to the classpath?

Karol Wójcik10:05:47

Let me maybe explain it a little bit. I've got following babashka runtime layer. https://github.com/FieryCod/holy-lambda/tree/master/modules/holy-lambda-babashka-layer With build in classpath:

src:/opt/.m2/io/github/FieryCod/holy-lambda/0.1.45/holy-lambda-0.1.45.jar:/opt/.m2/io/github/FieryCod/holy-lambda-babashka-shim/0.1.38/holy-lambda-babashka-shim-0.1.38.jar:/opt/.m2/org/clojure/clojure/1.10.3/clojure-1.10.3.jar:/opt/.m2/com/amazonaws/aws-lambda-java-core/1.2.1/aws-lambda-java-core-1.2.1.jar:/opt/.m2/io/github/FieryCod/holy-lambda-default-retriever/0.0.5/holy-lambda-default-retriever-0.0.5.jar:/opt/.m2/metosin/jsonista/0.3.2/jsonista-0.3.2.jar:/opt/.m2/org/clojure/core.specs.alpha/0.2.56/core.specs.alpha-0.2.56.jar:/opt/.m2/org/clojure/spec.alpha/0.2.194/spec.alpha-0.2.194.jar:/opt/.m2/com/fasterxml/jackson/core/jackson-core/2.12.2/jackson-core-2.12.2.jar:/opt/.m2/com/fasterxml/jackson/core/jackson-databind/2.12.2/jackson-databind-2.12.2.jar:/opt/.m2/com/fasterxml/jackson/datatype/jackson-datatype-jsr310/2.12.2/jackson-datatype-jsr310-2.12.2.jar:/opt/.m2/com/fasterxml/jackson/core/jackson-annotations/2.12.2/jackson-annotations-2.12.2.jar
/var/task/src:/var/task/.m2:/var/task:/var/task/src/clj:/var/task/src/cljc:src/cljc:src/clj:/var/task/resources
It works well with default dependencies, but when the user includes any other dependencies then classpath does not cover it.

borkdude10:05:56

@UJ1339K2B Users can add dependencies to bb.edn or via babashka.deps/add-deps, or via babashka.classpath/add-classpath

Karol Wójcik11:05:26

@borkdude But can they use regular stuartsierra.component if its already provided in classpath?

borkdude11:05:52

they should, I think, yes

Karol Wójcik13:05:33

Last question. How add-deps know where to write deps?

borkdude13:05:55

add-deps doesn't write

borkdude13:05:11

it only adds deps in memory

Karol Wójcik13:05:23

The thing is that I'm adding all .jars which are in Lambda context to BABASHKA_CLASSPATH, so no add-deps in needed. Unfortunetely when one use add-deps then getting download

Karol Wójcik13:05:40

I suspect that there is some environment variable for it as well

borkdude13:05:36

This is using deps.clj so same as before, it downloads to your .m2 or mvn/local-repo

borkdude13:05:02

But I think you can recommend people to just use bb.edn if you are going to use your framework

Karol Wójcik13:05:34

There is no bb.edn in Lambda context. Just pure sources

Karol Wójcik13:05:50

So I cannot set :mvn/local-repo

borkdude13:05:49

yeah, but you can get their deps before you make the lambda right?

borkdude13:05:55

if they are in bb.edn

Karol Wójcik13:05:29

I'm taking deps from both bb.edn and deps.edn

borkdude13:05:46

so then it's good?

Karol Wójcik13:05:58

I think so. The only issue is that in lambda context someone may call add-deps and the artifact is being downloaded. I'm missing some environment variable probably 😄 No more questions. 😄

borkdude10:05:37

Hey, just launched this site: https://babashka.org/ Let me know what you think

❤️ 24
babashka 3
Karol Wójcik10:05:18

Love the font!

Karol Wójcik10:05:36

Looks weird on phone though

borkdude10:05:06

@UJ1339K2B Can you try again on the phone? I think I messed something up

Karol Wójcik10:05:13

Both on emulator and real device

borkdude10:05:39

ok, I will ask the person who designed the site to take a look

fnumatic13:05:02

ah, tailwindcss. https://github.com/green-coder/girouette and babashka would be a good match.

ambrosebs03:05:00

brilliant, looks great

mike_ananev13:05:10

@borkdude is there any way to set PKI certs or disable SSL in babashka? I started bb in corporate network under Windows 10 (w/o WSL) and got following error

borkdude13:05:01

But you could perhaps download the tools jar manually and put it in the expected location

mike_ananev13:05:03

In java we add certificates in trusted JKS to avoid this problem. But in babashka it is not clear, what JKS or truststores are used during SSL handshakes? I'll try to download them manually, but afraid that other deps of my project should be downloaded too.

borkdude13:05:50

AFAIK it uses the same stuff as Java

borkdude13:05:27

Not sure how exactly this works with graalvm

mike_ananev14:05:34

I think here plays role what cacerts are used during bb binary compilation. But in our corporate network we use our own certs which are absent in cacerts.

mike_ananev14:05:47

I have bb.exe (binary) that has no connection with GraalVM.

borkdude14:05:21

@mike1452 I found something here: https://www.jetdrone.xyz/2019/04/16/Full-SSL-Trust-in-Native-Images.html

./dad-jokes \
  -Djavax.net.ssl.trustStore=./cacerts \
  -Djavax.net.ssl.trustAnchors=./cacerts

borkdude14:05:35

This suggests you can set the Java property to point at your certificates

borkdude14:05:34

(yes, you can set java properties this way with bb too)

mike_ananev14:05:00

Thank you! I'll try it

mike_ananev15:05:36

These options has no effect for me. Babashka not using them. It seems, that in corporate networks, without option for disabling SSL certificate check babashka.tasks/clojure cannot download deps.

mike_ananev15:05:04

I'll try to copy .m2 manually

borkdude15:05:21

@mike1452 Can you reproduce that by trying to download with a JVM?

mike_ananev15:05:36

yeah, i'll try

borkdude15:05:57

@mike1452 you can reproduce this with pure java by using this uberjar: https://github.com/borkdude/deps.clj/releases/download/v0.0.14/deps.clj-0.0.14-standalone.jar and running it with java -jar ...

borkdude15:05:15

and java -.ssl.... -jar ...

borkdude15:05:53

or heck, I guess you could even use the babashka uberjar, but that requires Java 11

borkdude15:05:58

not sure which java you are using

mike_ananev15:05:00

I can use java 8 or 11

borkdude16:05:19

does it help if you put ./cacerts or .\cacerts ?

borkdude16:05:42

and you can please put long output in a gist/pastebin?

mike_ananev16:05:46

i'm under vpn right now. corporate policy blocks pastebin for me during vpn session. 😂

borkdude16:05:38

Slack also allows uploading snippets as files :)

borkdude16:05:59

alternatively you can try a full path, like here: https://stackoverflow.com/a/2645939/6264

borkdude16:05:37

@mike1452 Locally I am trying this now too. It seems to not work

borkdude16:05:16

@mike1452 would it help in any way if curl downloaded the jar?

borkdude16:05:18

I guess downloading deps would still need a certificate, but maybe it works. Can you please test this by downloading the tools jar to your system manually and test if it can download a dependency afterwards?

borkdude16:05:19

So follow these "instructions":

Could not find /Users/borkdude/.deps.clj/1.10.3.822/ClojureTools/clojure-tools-1.10.3.822.jar
Attempting download from 
Download the zip, unzip it and place the jar in the expected location. And then try to run bb and see if it can download deps.

mike_ananev19:05:31

@borkdude thank you for your help. I think my situation a bit harder. I suppose our corporate network has inspecting proxy like Bluecoat or other. So, PKI certs are dynamic for proxy pool and add them to cacerts file has no effect. I will try to use curl but, I think, right solution would be to get access to our corporate Nexus mirror and download deps from there. Does deps.clj has functionality to download deps from local Nexus with login/pass credentials?

borkdude19:05:51

@mike1452 I am trying to communicate a few times that the tools.jar is not the same as downloading deps.

borkdude19:05:19

The tools jar is not a dependency (in the usual sense). It is the program that will download the dependencies. It contains tools.deps.alpha. So bb first needs that jar in a certain place so it can execute it.

borkdude19:05:18

So first take care of that, then try again. And after that we can take a look at dependency downloading. These are two separate things. If you manage to download the tools.jar using curl, that is 50% of the solution. The other 50% we have to look at separately.

borkdude19:05:05

but if you have a proxy that you are allowed to download through, then the above settings will apply to both parts of the solution

mike_ananev20:05:21

I have corporate Nexus with clojars mirror and maven central. Unfortunately it requires authentication. I cannot find does deps.clj supports settigns.xml or not? settings.xml contains urls and credentials for private mirrors. Also I think https://clojure.atlassian.net/browse/TDEPS-177 may affect to my case.

borkdude20:05:56

@mike1452 It says: > April 22, 2021, 8:26 PM > Applied for next release

mike_ananev23:05:31

@borkdude, I solved the problem! Your deps.exe saved me. I have two JVMs on my Windows machine and one of them had no trusted certs from our internal CA. After I added them into cacerts file, deps.exe started to download any deps. Cool! Now I can develop my Clojure projects not only on BYOD Mac but also on Windows VM.