tools-build

weavejester 2021-10-31T12:40:35.102500Z

I’ve been looking into replacing my Leiningen build chain with tools.deps and tools.build, but I notice that write-pom doesn’t currently support description or license elements. Would there be interest in me putting together a patch?

deactivateduser 2021-11-01T18:09:13.179300Z

That’s a use case this library was developed for: https://github.com/pmonks/tools-pom

borkdude 2021-10-31T12:44:28.102800Z

Usually the flow is http://ask.clojure.org -> JIRA -> patch

weavejester 2021-10-31T12:57:51.105400Z

I was wondering about http://ask.clojure.org, as I noticed it on previous patches, but it seemed more a place for community answers to questions, rather than requests for features.

weavejester 2021-10-31T12:58:44.105900Z

I can certainly post on there if that’s the common flow, though.

borkdude 2021-10-31T12:59:46.106400Z

Let's wait for Alex's answer, I was just writing how I usually see things being handled here.

weavejester 2021-10-31T13:00:09.106800Z

Sure 👍

Alex Miller (Clojure team) 2021-10-31T13:12:16.107700Z

We don't support lots of elements as we can sync from a source pom

Alex Miller (Clojure team) 2021-10-31T13:12:44.108400Z

So write the pom template with whatever you need and sync that

Alex Miller (Clojure team) 2021-10-31T13:15:05.110200Z

And ask Clojure is a good place to ask for features too (use the request tag)

weavejester 2021-10-31T13:55:31.112900Z

That’s fair. In which case I might fork then. I’d prefer to keep the pom out of source control.

➕ 2
♾️ 1
Alex Miller (Clojure team) 2021-10-31T14:07:26.120400Z

what if you made a pre-task that made the static source pom?

lread 2021-10-31T14:07:34.120500Z

What's your thinking @weavejester, if you don't mind me poking your big brain? For projects where I have adopted tools-build my pom.xml has become less information-rich but still present. Some of the data it held now lives in build.clj. So I have build info in declarative deps.edn pom.xml and programmatic build.clj. Are you shooting for a declarative source of build truth or something different?

2021-11-01T09:18:03.177200Z

Yeah - I made a similar PR last year: https://github.com/slipset/deps-deploy/pull/21 but it predates tools.build, so would want to be rethought now

seancorfield 2021-11-01T18:12:25.179900Z

Given that the source template for the pom.xml file doesn't need to be called pom.xml, and can be very minimal -- just containing the specific non-default bits of data you want -- I think it's reasonable to have that under version control, just like you have any other "config/control" files under version control (`deps.edn`, your build.clj file etc). It seems weird to me to talk about "forking tools.build" because of that, unless I'm misunderstanding your comment @weavejester?

deactivateduser 2021-11-01T18:26:56.180200Z

@seancorfield the problem with that is that those minimal / incomplete pom.xml files confuse other Maven-based tooling.

deactivateduser 2021-11-01T18:27:24.180400Z

(including GitHub itself, for example, when it tries to do its dependabot security scanning)

deactivateduser 2021-11-01T18:29:01.180600Z

@dcj your framing absolutely resonates with me, and I threw this together to scratch my own itch on this problem: https://github.com/pmonks/tools-pom I’d greatly appreciate your thoughts (especially on the general approach - the code itself is a bit of a rush job though…).

seancorfield 2021-11-01T18:46:41.181400Z

@deactivateduser10790 That's why I made a point of saying they do not need to be called pom.xml!

deactivateduser 2021-11-01T18:47:04.181600Z

Sure, but defaults have inertia.

p-himik 2021-11-01T18:50:19.182Z

That is exactly a concern someone has raised and has been discussing on Discljord Discord server. IIUC, a library author might not care about the default and be completely fine with a template pom.xml lingering at the rood. But a library consumer will have potential problems if their tooling decides to look at that file.

seancorfield 2021-11-01T18:54:36.182200Z

No need to throw the baby out with the bathwater. build.clj can just specify :src-pom and you can call the file pom_template.xml or whatever you want. Heck, you could even have build.clj copy the generated file back to the root of the project instead so that the complete, correct pom.xml is at the root, can be checked into git, and can be relied on by other tooling. The choice is entirely up to you.

seancorfield 2021-11-01T18:54:54.182400Z

Complaining about defaults and inertia when you have full control over this is silly.

p-himik 2021-11-01T18:59:21.182600Z

You as a library author have full control over where pom.xml goes - yes. You as a library consumer have full control iff you fork the library. If the author of the library has used the default pom.xml at the root of the project as a template, then all your tooling that knows about pom.xml files will be screwed. Or am I misunderstanding something?

seancorfield 2021-11-01T19:01:58.182800Z

If the project has a pom.xml and it is out of date and negatively affects tooling, that's a bug. Create an issue and get the library owner to fix it.

seancorfield 2021-11-01T19:02:14.183Z

That's what you'd do if tools.build wasn't even in the mix, right?

seancorfield 2021-11-01T19:02:52.183200Z

Consumers of the library are generally going to be depending on the pom.xml inside the JAR tho', right?

seancorfield 2021-11-01T19:03:43.183400Z

The pom.xml that is uploaded to Clojars, for example, should be the complete, generated one. That's what should be passed to deps-deploy for example.

p-himik 2021-11-01T19:03:48.183600Z

Generally - yes. But not in all cases. It's about applying my tools to someone else's code. Not a JAR. Not a Git dep. The code.

seancorfield 2021-11-01T19:04:17.183800Z

Then raise an issue and get the library author to fix it. It's a bug, plain and simple.

seancorfield 2021-11-01T19:04:29.184Z

Either don't have pom.xml or have a correct one.

p-himik 2021-11-01T19:05:37.184200Z

Indeed! That's exactly the point - a template pom.xml a priori is not correct by itself. But the default template path is exactly pom.xml. So it's a bug affordance.

seancorfield 2021-11-01T19:06:23.184400Z

Then complain on http://ask.clojure.org and see if you can persuade the core team to change that?

seancorfield 2021-11-01T19:06:58.184600Z

I think the burden is on the library author, personally, but you don't agree.

p-himik 2021-11-01T19:09:34.184800Z

Then the tool imposes the burden on library authors. :) My main intention here was to figure out if I understand the situation correctly, and seems like it's the case now. Someone that actually uses template POM files and happens to have an alternative approach in mind would be in a much better position to create an question.

seancorfield 2021-11-01T19:31:55.185Z

@p-himik In the mean time... https://github.com/seancorfield/build-clj#pomxml-and-jar

👍 1
seancorfield 2021-11-01T19:43:32.185300Z

Oh, the irony! So I decided to follow that advice and rename pom.xml to pom_template.xml and now the GitHub Actions setup_java fails because it requires that your repo includes a pom.xml 😞

seancorfield 2021-11-01T19:54:26.185500Z

Updated that section to suggest template/pom.xml -- which satisfies GitHub Actions' setup_java and still avoids having an (incomplete and/or outdated) pom.xml in the project root.

deactivateduser 2021-11-01T19:59:17.185700Z

@seancorfield that may be something else. I have a project (several in fact) that use the setup-java GitHub Action, but do not include a pom.xml anywhere in the checked in code, and that seems to be working fine. Here’s an amusingly meta example of that: • Project: https://github.com/pmonks/tools-pom • Use of setup-java: https://github.com/pmonks/tools-pom/blob/main/.github/workflows/deploy.yml#L18 • Confirmation that this repo does not include a pom.xml anywhere: https://github.com/pmonks/tools-pom/search?q=pom.xml (observe that none of the search results are for a file called pom.xml).

seancorfield 2021-11-01T20:15:11.186100Z

I was surprised by it. Are you using v1 or v2? I see you're using v2, same as me.

seancorfield 2021-11-01T20:15:37.186300Z

Oh, you're not enabling the maven cache so that's probably it.

deactivateduser 2021-11-01T21:38:28.186900Z

Ah yes well spotted. I’d been wondering about enabling that on the off chance it might help with tools.build builds, but this finding suggests that that might not work. 😉

seancorfield 2021-11-01T21:49:26.187100Z

Well, it does help since it caches the ~/.m2/repo stuff between builds so you don't have to "download the world" for each build, so your tests/builds run faster. But you need a pom.xml somewhere -- in my repos, it's template/pom.xml which satisfies the GH setup and provides cache from run-to-run -- and still lets me have a :src-pom for write-pom without needing a misleading pom.xml in the project root.

seancorfield 2021-11-01T21:59:54.187300Z

Now, I suspect the cache is only recalculated if that template/pom.xml changes so if I update deps.edn, it will have to download any new deps but that's still better than no cache (since the cache will also include all the tools.deps stuff as well which doesn't change very often).

deactivateduser 2021-11-01T23:26:42.187700Z

Yeah I was leaning more towards using the https://github.com/marketplace/actions/cache directly, since that lets one specify file paths (which could include both ~/.m2/repository and ~/.gitlibs/libs ), and doesn’t require a pom.xml or whatever (it’s also what the Maven caching mechanism uses under the hood). Obviously what would be even better would be a comprehensive tools.build based GitHub Action that just rolled all this stuff up, but I’m currently 2 side projects away from my primary development priority, so probably can’t justify biting that off just yet. 😉

👍🏻 1
seancorfield 2021-11-02T00:08:21.188200Z

Yeah, that cache action is more like what I am using in BitBucket Pipelines where I cache those two and also ~/.clojure and ~/.cpcache which also avoids classpath recomputation in the CLI etc.

👌 1
2021-10-31T18:28:57.166400Z

I want/feel that pom.xml is a generated "artifact" and I'd prefer not to have a template at all. I'd prefer if everything needed for most pom.xml files be generated from other sources of truth. deps.edn is one potential source of truth, and earlier this year I worked with @seancorfield (`depstar`) and created a PR for deps-deploy to support centralizing and abstracting various aspects, enabling a deps.edn like this (for example):

:mvn/repos {"acn-snapshots" {:url ""}
             "acn-releases"  {:url ""}}

 :aliases
 {:mvn/artifact-id database
  :mvn/group-id    org.aircraft-noise
  :mvn/version     "0.3.4-SNAPSHOT"
  :jar/file-name   "database.jar"

  :jar {:replace-deps
        {com.github.seancorfield/depstar {:mvn/version "2.0.216"}}
        :exec-fn hf.depstar/jar
        :exec-args {:jar         :jar/file-name
                    :artifact-id :mvn/artifact-id
                    :group-id    :mvn/group-id
                    :version     :mvn/version
                    :sync-pom    true}}

  :deploy {:extra-deps {com.dcj/deps-deploy
                        {:git/url ""
                         :sha "cf0f5e612eab04789c757a98f544eb8dea61a45b"}}
           :exec-fn deps-deploy.deps-deploy/deploy
           :exec-args {:installer :remote
                       :sign-releases? false
                       :artifact :jar/file-name
                       :repository "acn-snapshots"}}
  }
(with the credentials for my private Maven repo getting pulled out of ~/.m2/settings.xml) This enabled me to provide most of what I needed for pom.xml in a DRY manner, with no need for a template/basic pom.xml, but obviously not every desirable pom directive was supported (e.g. VCS, license, etc) N.B that this thinking/work PRECEEDED tools.build... I can appreciate that most of this info is not about dependencies. so putting it into deps.edn is not ideal. Revisiting this in the light of tools.build is on my list of things to do (eventually) The idea (later in this thread) of project.edn has crossed my mind, and could have merit. The above got me to about 80% of what I wanted a completely generated pom.xml to contain. Seems like with latest versions of tools we could support even more POM stanzas.....

☝️ 1
borkdude 2021-10-31T14:10:05.123700Z

Having a pom.xml in source control also gives GitHub some hints about your project, although probably not very important

weavejester 2021-10-31T14:11:36.125100Z

If the pom contains both generated elements and non-generated elements, effective source control becomes a little tricky. Ideally I want to separate the two, so I can keep the generated parts of my project out of source control, and the parts that aren’t generated in source control.

weavejester 2021-10-31T14:13:12.126800Z

I could have a task that generates a pom, and then use write-pom to update it, but I think it would be easier to grab gen-pom from the tools.build source and adapt it.

lread 2021-10-31T14:16:29.129100Z

Thanks. I don't have that situation (yet) where I need to commit the pom.xml enriched by build.clj.

weavejester 2021-10-31T14:17:50.130400Z

I’m mostly doing it because I don’t want to feel like I’m going backward moving from Leiningen to tools.build. I have the possibly unrealistic goal of being able to do everything in my old workflow in my new one.

weavejester 2021-10-31T14:18:45.131500Z

I’m experimenting with a combination of tools.deps, tools.build and babashka task runner.

lread 2021-10-31T14:21:21.133500Z

I'm personally finding that combo works nicely. Babashka allows me to succinctly describe command-line friendly build tasks. And the cross-platform scripting language is pretty sweet too!

weavejester 2021-10-31T14:22:33.134400Z

Babashka’s task runner is certainly a hidden gem.

lread 2021-10-31T14:24:04.135400Z

Are you experimenting with this for your open-source projects, or is this a closed-source/work-thing endeavor?

lread 2021-10-31T14:28:59.141300Z

If it is open-source, I'm looking forward to seeing what you come up with. As you know, I do admire your knack for combining clarity with succinctness!

borkdude 2021-10-31T14:29:34.141600Z

We have some examples of tools.build + bb tasks in eg clj-easy/graal-build-time. I also have one experimental branch in that project where I launch a JVM prepl once lazily and then send build tasks as needed :-)

weavejester 2021-10-31T14:32:00.143800Z

@lee open source projects. Every so often I’ll check out the tools.deps toolchain and see how viable it is to switch. I like the design of tools.deps, but Lein is very convenient for having “batteries included”.

Alex Miller (Clojure team) 2021-10-31T14:33:52.145Z

if you have an idea for extending the pom stuff in a generic way, I'm interested in that for tools.build. that is, I don't want to add 100 specific keys and code to handle them, but if you worked on a generic "turn clojure data into pom xml", would be happy to integrate that.

deactivateduser 2021-11-01T18:11:50.179600Z

Here you go: https://github.com/pmonks/tools-pom

Alex Miller (Clojure team) 2021-10-31T14:34:18.145400Z

@weavejester ^^

lread 2021-10-31T14:35:10.146300Z

project.edn? simple_smile

weavejester 2021-10-31T14:39:19.150900Z

It did cross my mind…

lread 2021-10-31T14:43:26.153900Z

I was slightly surprised, without understanding all the hard work that went into making the decision, that while tools deps source of truth is declarative, tools build source of truth is programmatic.

weavejester 2021-10-31T14:45:54.154800Z

I understand the reasoning behind it. I think a project.edn would only make sense if you could pick and choose the “build library” that goes along with it.

lread 2021-10-31T14:52:57.157100Z

And I guess there's really nothing stopping anybody from rolling their own build truth stored in a project.edn while using tools build.

weavejester 2021-10-31T14:36:22.147500Z

Sure, @alexmiller. I think I’ll aim for something a little more specific at first, simply because it seems easier, and I don’t have to worry about updates. I understand why you don’t want to include additional keys without a generic solution.

weavejester 2021-10-31T14:37:56.149Z

That said, the description element is exposed as part of clojars interface, so I’d advocate that particular key at least, even if none of the others are included.

weavejester 2021-10-31T14:38:25.149700Z

But I also understand the need to say “no” on a project — I’ve said it often enough myself 🙂

lread 2021-10-31T14:38:56.150400Z

(yes, yes, you have! simple_smile)

borkdude 2021-10-31T14:40:58.153800Z

What if you can have a hook in write pom to operate on the s-expr before it’s turned into XML for instance. There’s lots of other considerations and places where one could intercept. It feels like it’s almost worth a spreadsheet ;-)

Alex Miller (Clojure team) 2021-10-31T16:05:19.163400Z

Also seems like a viable option

lread 2021-10-31T14:46:22.155100Z

That sounds pretty flexible. Users could then simply add in what they like.

weavejester 2021-10-31T14:48:05.156400Z

On another note, could build.clj potentially be part of a dependency? I assume so, but I’m not completely certain on how clj -T: works.

lread 2021-10-31T15:02:27.158500Z

If I understand correctly, build.clj is merely a convention. The https://clojure.org/guides/tools_build.

borkdude 2021-10-31T15:08:52.159500Z

@weavejester yes, there is nothing specifically built into deps regarding tools.build, you can just use it as a dependency

Alex Miller (Clojure team) 2021-10-31T15:30:12.160200Z

for sure, the expectation is that you can pull in other libs as part of your build

lread 2021-10-31T15:37:08.163Z

FWIW, @weavejester the things I clearly prefer in tools deps/build over leiningen are: • less mysterious (for me) to extend • deps resolution makes more sense to me

weavejester 2021-10-31T16:16:53.166300Z

Yeah, for sure. I’d certainly like to use it — I’ve just been waiting for it to mature enough that I can use it to deploy to Clojars without losing any of the functionality Leiningen gives me out of the box. I think the ecosystem is about 95% there now.

☝️ 1
Kaan 2021-10-31T21:43:08.173200Z

Did anyone have success building an application(both clj and cljc sources) as uberjar? I'm using the same config and build.clj from https://clojure.org/guides/tools_build with small edits to comply with my project. This is a representation of my projects directory structure:

src
├── clj
├── cljs
└── cljc
    └── my-project/specs.cljc (contains 1 reader conditional in ns form)
The reader conditional is:
(:require [#?(:clj  clojure.spec.alpha
              :cljs cljs.spec.alpha) :as spec])
--- The clj -T:build uber command stucks at compile-clj step without any warnings or errors but it creates an uberjar if I port specs.cljc to specs.clj under src/clj/ directory. Everything works great when I'm developing with a REPL with the same deps.edn file. What could be wrong with this?

borkdude 2021-10-31T21:46:57.173800Z

@tugh my-project/specs.cljc should probably be my_project/specs.cljc but not sure if this has anything to do with your error

Kaan 2021-11-01T10:31:09.177900Z

Thanks. Will check it out...

Kaan 2021-10-31T21:51:03.174500Z

It's actually a single word. there is no dash or underscore in the project/folder names.

borkdude 2021-10-31T21:51:36.174700Z

ok that's definitely not it then. perhaps you can make a public repository with a repro

borkdude 2021-10-31T22:25:29.176800Z

random guess, it might be this issue: https://github.com/clj-easy/graal-build-time/blob/main/build.clj#L1

dpsutton 2021-10-31T21:53:44.176Z

Been a bit but don’t you not even need a reader conditional for that? Can’t you just use clojure and the cljs analyzer or some step does the write thing?

dpsutton 2021-10-31T22:08:48.176200Z

% clojure -A:cljs -M -m cljs.main -re node -r
ClojureScript 1.10.773
cljs.user=> (require '[clojure.spec.alpha :as spec])
nil
cljs.user=> (dir spec)
&
*
...

dpsutton 2021-10-31T22:16:29.176600Z

I doubt this will solve your issue but you call it out as if you suspect it might be related and this can eliminate it

👍 1
Kaan 2021-11-01T10:30:49.177700Z

Thanks but I'm using shadow-cljs for cljs builds. This only applies if I'm using tools.build for the cljs builds too, right?

dpsutton 2021-11-01T13:33:30.179Z

No this is just the clojurescript compiler. Which shadow uses as well. I’m sure it will work there as well

👍 1