This is not quite as elegant as using `bundlerApp`,
which I could not get working.
However, this still uses most of the Ruby infrastructure,
including stock bundix, and should be fairly reasonable to maintain.
This means no more hacks to work around wrong embedded binaries,
and no need for an old version of Ruby.
Note that `vagrant share` is no longer included,
as that functionality is closed-source
and not present in the upstream source code.
The Vagrant maintainers publish official Vagrant installers,
which they prefer people use as most platforms don't
have great support for pinning known-good dependencies.
When run outside one of the offical installers,
Vagrant normally prints a warning to that effect.
However, Vagrant does run outside the installer environment
(nominally to support Vagrant development),
and this has the effect of functioning better by respecting
OS certs and shared libraries,
as opposed to trying to use bundled versions.
To keep these postive side effects without having to see the warning
on every Vagrant invocation, patch out the call to print the warning.
Note that I have reset the maintainers since the implementation is
totally redone; I'm happy to re-add any of the current maintainers.
On Darwin, keep the Ruby and libffi libraries and binaries bundled
with Vagrant instead of linking to the Nix ones, to avoid errors about
libraries not found.
Upgrade to latest version of Vagrant.
After installation, the following messages appear whenever vagrant runs.
These were already present in previous versions, I'm not sure if/what
to do about them:
Ignoring ffi-1.9.18 because its extensions are not built. Try: gem pristine ffi --version 1.9.18
Ignoring unf_ext-0.0.7.4 because its extensions are not built. Try: gem pristine unf_ext --version 0.0.7.4
Ignoring wdm-0.1.1 because its extensions are not built. Try: gem pristine wdm --version 0.1.1
Vagrant on macOS is distributed as a .dmg installer. Luckily, the
internal contents of that archive resemble that of the .deb we use for
linux. In fact, the similarity is enough that if we move its `embedded`
directory to `opt/vagrant/embedded` and its `bin` to `usr/bin` (and back
again after installation), the derivation's installPhase (which replaces
embedded libs & binaries with those from the package's inputs) can
remain exactly the same between macOS and linux.
We currently already replace the embedded bsdtar binaries with the
corresponding ones from Nix. However, we also need to replace the
libarchive shared library to prevent version mismatches between the
embedded library and the Nix binaries.
Also expose version on the derivation and use environment variables
to make overriding the derivation easier.
This improves our Bundler integration (i.e. `bundlerEnv`).
Before describing the implementation differences, I'd like to point a
breaking change: buildRubyGem now expects `gemName` and `version` as
arguments, rather than a `name` attribute in the form of
"<gem-name>-<version>".
Now for the differences in implementation.
The previous implementation installed all gems at once in a single
derivation. This was made possible by using a set of monkey-patches to
prevent Bundler from downloading gems impurely, and to help Bundler
find and activate all required gems prior to installation. This had
several downsides:
* The patches were really hard to understand, and required subtle
interaction with the rest of the build environment.
* A single install failure would cause the entire derivation to fail.
The new implementation takes a different approach: we install gems into
separate derivations, and then present Bundler with a symlink forest
thereof. This has a couple benefits over the existing approach:
* Fewer patches are required, with less interplay with the rest of the
build environment.
* Changes to one gem no longer cause a rebuild of the entire dependency
graph.
* Builds take 20% less time (using gitlab as a reference).
It's unfortunate that we still have to muck with Bundler's internals,
though it's unavoidable with the way that Bundler is currently designed.
There are a number improvements that could be made in Bundler that would
simplify our packaging story:
* Bundler requires all installed gems reside within the same prefix
(GEM_HOME), unlike RubyGems which allows for multiple prefixes to
be specified through GEM_PATH. It would be ideal if Bundler allowed
for packages to be installed and sourced from multiple prefixes.
* Bundler installs git sources very differently from how RubyGems
installs gem packages, and, unlike RubyGems, it doesn't provide a
public interface (CLI or programmatic) to guide the installation of a
single gem. We are presented with the options of either
reimplementing a considerable portion Bundler, or patch and use parts
of its internals; I choose the latter. Ideally, there would be a way
to install gems from git sources in a manner similar to how we drive
`gem` to install gem packages.
* When a bundled program is executed (via `bundle exec` or a
binstub that does `require 'bundler/setup'`), the setup process reads
the Gemfile.lock, activates the dependencies, re-serializes the lock
file it read earlier, and then attempts to overwrite the Gemfile.lock
if the contents aren't bit-identical. I think the reasoning is that
by merely running an application with a newer version of Bundler, you'll
automatically keep the Gemfile.lock up-to-date with any changes in the
format. Unfortunately, that doesn't play well with any form of
packaging, because bundler will immediately cause the application to
abort when it attempts to write to the read-only Gemfile.lock in the
store. We work around this by normalizing the Gemfile.lock with the
version of Bundler that we'll use at runtime before we copy it into
the store. This feels fragile, but it's the best we can do without
changes upstream, or resorting to more delicate hacks.
With all of the challenges in using Bundler, one might wonder why we
can't just cut Bundler out of the picture and use RubyGems. After all,
Nix provides most of the isolation that Bundler is used for anyway.
The problem, however, is that almost every Rails application calls
`Bundler::require` at startup (by way of the default project templates).
Because bundler will then, by default, `require` each gem listed in the
Gemfile, Rails applications are almost always written such that none of
the source files explicitly require their dependencies. That leaves us
with two options: support and use Bundler, or maintain massive patches
for every Rails application that we package.
Closes #8612