Comments (6)
Unfortuantely, I haven't seen any mechanism by which pom_file
could read information from maven_jar
as it currently stands. Patching maven_jar
to include a tags
attribute sounds like a great option, and then bazel-deps
can use that. Or maybe even maven_jar
should just specify the tag automagically.
Alternatively/additionally, bazel-deps could probably use java_import_external
which has better reliability during builds /cc: @jart @johnynek
from bazel-common.
Or maybe even maven_jar should just specify the tag automagically.
Other than the red tape involved to nail down the officially supported tag, yes. Otherwise future people are going to have the same confusion I had where I added this into an existing project & then stared blankly when it didn't do anything. (I should probably file another bug/just make a PR with a bit more documentation around that requirement, but it'd still be better for the obvious things to Just Work[tm])
Alternatively/additionally, bazel-deps could probably use java_import_external which has better reliability during builds
Skimming the docs, it looks like that's inadequate for private use: maven_jar
is maven aware and can hit my settings.xml to figure out about credentials to hit our internal repository, but java_import_external
seems to want URLs that are expected to just work.
I might be able to get bazel to interpolate in something pulled in from elsewhere, but I'd also be nervous that something somewhere would naively dump https://blah:[email protected]/
to a log.
from bazel-common.
Looks like I'm unblocked for the moment with minimal pain by hacking bazel-deps to add the tag to the java_library
wrappers it generates around the maven_jar
s.
🤞
from bazel-common.
I'm not sure what the best practice is (or if there is one) with regard to bazel+internal maven servers+credentials. That sounds like a way that builds become unreproducible?
Looks like I'm unblocked for the moment with minimal pain by hacking bazel-deps to add the tag to the java_library wrappers it generates around the maven_jars.
That also works :)
Shall we close this issue?
from bazel-common.
I'm not sure what the best practice is (or if there is one) with regard to bazel+internal maven servers+credentials. That sounds like a way that builds become unreproducible?
Why? It's still a maven repository with immutable published artifacts and my WORKSPACE files can list expected checksums for them, etc. They just aren't publicly available and/or available by virtue of just being on. some private network. Try to hit it as some random person & it'll fail downloads and bazel will break just like if you hit a public repo and all your mirrors barfed at the same time.
Shall we close this issue?
I can open another issue/PR for documenting "Hey, if you want to use this, you need to do this extra legwork", but it's really unfortunate if that's the answer when maven_jar
is a first-party rule in bazel and theoretically should let this all happen automagically.
from bazel-common.
I would recommend using java_import_external which is in the bazel codebase and documents itself as the recommended practice. Please note it does not grab transitive dependencies automatically. You can use Bazel Maven Config Generator to crawl POM metadata and generate a WORKSPACE config that's fast, reliable, and mirrors artifacts to Google Drive. See demo video and best practices guide.
from bazel-common.
Related Issues (20)
- Keep the Android SDK optional under forthcoming Bazel versions
- See what's up with square/bazel_maven_repository
- jarjar failed handling org.xerial.snappy:snappy-java:1.1.8.2 HOT 5
- jarjar_runner.sh is unreliable on case-insensitive filesystems (Mac) HOT 2
- jarjar_runner.sh fails incorrectly on jars that contain files ending in ~ HOT 1
- Update asm to version 9.2 HOT 7
- Issue running jarjar with a rule file HOT 3
- Cannot set `size` or `timeout` in `gen_java_tests` rule
- More than one javadoc_library rule ends up producing "merged" output
- Security Policy violation Binary Artifacts HOT 3
- javadoc_library doesn't grok tree artifacts HOT 3
- Something something Bzlmod HOT 1
- Release a repository archive for consistent checksum HOT 2
- Some libraries should have deps
- Update asm to version 9.6 (or at least 9.5)
- Update log4j version past 1.2.15.
- Use Bazel CI HOT 1
- Unable to set custom api_level and build_tools_version HOT 2
- Prepare for --incompatible_load_java_rules_from_bzl in Bazel 1.2.1 HOT 3
- gRPC-netty is old, and depends on a broken version of netty
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bazel-common.