Clojurians Log v2
babashka
I've decided to just keep it the way it is. Although this is an oversight, people may already rely on it. If they want to make their code portable with JVM Clojure it's an easy fix.
Babashka is awesome!! Quick rationale why:
Hey, just launched this site: https://babashka.org/ Let me know what you think
brilliant, looks great
@borkdude Can I somehow analyze script and tell which dependencies should be added to the classpath?
Love the font!
Looks weird on phone though
Let me maybe explain it a little bit. I've got following babashka runtime layer. https://github.com/FieryCod/holy-lambda/tree/master/modules/holy-lambda-babashka-layer With build in classpath:
src:/opt/.m2/io/github/FieryCod/holy-lambda/0.1.45/holy-lambda-0.1.45.jar:/opt/.m2/io/github/FieryCod/holy-lambda-babashka-shim/0.1.38/holy-lambda-babashka-shim-0.1.38.jar:/opt/.m2/org/clojure/clojure/1.10.3/clojure-1.10.3.jar:/opt/.m2/com/amazonaws/aws-lambda-java-core/1.2.1/aws-lambda-java-core-1.2.1.jar:/opt/.m2/io/github/FieryCod/holy-lambda-default-retriever/0.0.5/holy-lambda-default-retriever-0.0.5.jar:/opt/.m2/metosin/jsonista/0.3.2/jsonista-0.3.2.jar:/opt/.m2/org/clojure/core.specs.alpha/0.2.56/core.specs.alpha-0.2.56.jar:/opt/.m2/org/clojure/spec.alpha/0.2.194/spec.alpha-0.2.194.jar:/opt/.m2/com/fasterxml/jackson/core/jackson-core/2.12.2/jackson-core-2.12.2.jar:/opt/.m2/com/fasterxml/jackson/core/jackson-databind/2.12.2/jackson-databind-2.12.2.jar:/opt/.m2/com/fasterxml/jackson/datatype/jackson-datatype-jsr310/2.12.2/jackson-datatype-jsr310-2.12.2.jar:/opt/.m2/com/fasterxml/jackson/core/jackson-annotations/2.12.2/jackson-annotations-2.12.2.jar
/var/task/src:/var/task/.m2:/var/task:/var/task/src/clj:/var/task/src/cljc:src/cljc:src/clj:/var/task/resources@karol.wojcik Can you try again on the phone? I think I messed something up
@borkdude Still the same.
Both on emulator and real device
ok, I will ask the person who designed the site to take a look
@karol.wojcik Users can add dependencies to bb.edn or via babashka.deps/add-deps, or via babashka.classpath/add-classpath
@borkdude But can they use regular stuartsierra.component if its already provided in classpath?
they should, I think, yes
Ok great 馃槃
@borkdude Confirmed. Works!
Last question. How add-deps know where to write deps?
add-deps doesn't write
it only adds deps in memory
ah, tailwindcss. https://github.com/green-coder/girouette and babashka would be a good match.
The thing is that I'm adding all .jars which are in Lambda context to BABASHKA_CLASSPATH, so no add-deps in needed. Unfortunetely when one use add-deps then getting download
I suspect that there is some environment variable for it as well
This is using deps.clj so same as before, it downloads to your .m2 or mvn/local-repo
But I think you can recommend people to just use bb.edn if you are going to use your framework
I cannot 馃槥
There is no bb.edn in Lambda context. Just pure sources
So I cannot set :mvn/local-repo
yeah, but you can get their deps before you make the lambda right?
if they are in bb.edn
I'm taking deps from both bb.edn and deps.edn
so then it's good?
I think so. The only issue is that in lambda context someone may call add-deps and the artifact is being downloaded. I'm missing some environment variable probably 馃槃 No more questions. 馃槃
@borkdude is there any way to set PKI certs or disable SSL in babashka? I started bb in corporate network under Windows 10 (w/o WSL) and got following error
@mike1452 The download happens here: https://github.com/borkdude/deps.clj/blob/9e0ca8002cca486223a962c06865dbbe3bc1917a/src/borkdude/deps.clj#L181 Not sure what should happen to solve your problem
But you could perhaps download the tools jar manually and put it in the expected location
In java we add certificates in trusted JKS to avoid this problem. But in babashka it is not clear, what JKS or truststores are used during SSL handshakes? I'll try to download them manually, but afraid that other deps of my project should be downloaded too.
AFAIK it uses the same stuff as Java
Not sure how exactly this works with graalvm
Here is some info: https://www.graalvm.org/reference-manual/native-image/JCASecurityServices/
I think here plays role what cacerts are used during bb binary compilation. But in our corporate network we use our own certs which are absent in cacerts.
I have bb.exe (binary) that has no connection with GraalVM.
@mike1452 I found something here: https://www.jetdrone.xyz/2019/04/16/Full-SSL-Trust-in-Native-Images.html
./dad-jokes \
-Djavax.net.ssl.trustStore=./cacerts \
-Djavax.net.ssl.trustAnchors=./cacertsThis suggests you can set the Java property to point at your certificates
(yes, you can set java properties this way with bb too)
Thank you! I'll try it
These options has no effect for me. Babashka not using them. It seems, that in corporate networks, without option for disabling SSL certificate check babashka.tasks/clojure cannot download deps.
I'll try to copy .m2 manually
@mike1452 Can you reproduce that by trying to download with a JVM?
yeah, i'll try
@mike1452 you can reproduce this with pure java by using this uberjar:
https://github.com/borkdude/deps.clj/releases/download/v0.0.14/deps.clj-0.0.14-standalone.jar
and running it with java -jar ...
and java -<http://Djavax.net|Djavax.net>.ssl.... -jar ...
oh! cool!
or heck, I guess you could even use the babashka uberjar, but that requires Java 11
not sure which java you are using
I can use java 8 or 11
ok: https://github.com/babashka/babashka/releases/download/v0.3.7/babashka-0.3.7-standalone.jar
java -<http://Djavax.net|Djavax.net>.ssl... -jar babashka-....jar
does it help if you put ./cacerts or .\cacerts ?
and you can please put long output in a gist/pastebin?
i'm under vpn right now. corporate policy blocks pastebin for me during vpn session. 馃槀
Slack also allows uploading snippets as files :)
alternatively you can try a full path, like here: https://stackoverflow.com/a/2645939/6264
@mike1452 Locally I am trying this now too. It seems to not work
I am asking in the graalvm slack: https://app.slack.com/client/TN37RDLPK/CN9KSFB40
@mike1452 would it help in any way if curl downloaded the jar?
I guess downloading deps would still need a certificate, but maybe it works. Can you please test this by downloading the tools jar to your system manually and test if it can download a dependency afterwards?
So follow these "instructions":
Could not find /Users/borkdude/.deps.clj/1.10.3.822/ClojureTools/clojure-tools-1.10.3.822.jar
Attempting download from <https://download.clojure.org/install/clojure-tools-1.10.3.822.zip>@borkdude thank you for your help. I think my situation a bit harder. I suppose our corporate network has inspecting proxy like Bluecoat or other. So, PKI certs are dynamic for proxy pool and add them to cacerts file has no effect. I will try to use curl but, I think, right solution would be to get access to our corporate Nexus mirror and download deps from there. Does deps.clj has functionality to download deps from local Nexus with login/pass credentials?
@mike1452 is that similar to using a proxy? https://github.com/borkdude/deps.clj#proxy-environment-variables
@mike1452 I am trying to communicate a few times that the tools.jar is not the same as downloading deps.
The tools jar is not a dependency (in the usual sense). It is the program that will download the dependencies. It contains tools.deps.alpha. So bb first needs that jar in a certain place so it can execute it.
So first take care of that, then try again. And after that we can take a look at dependency downloading. These are two separate things. If you manage to download the tools.jar using curl, that is 50% of the solution. The other 50% we have to look at separately.
but if you have a proxy that you are allowed to download through, then the above settings will apply to both parts of the solution
I have corporate Nexus with clojars mirror and maven central. Unfortunately it requires authentication. I cannot find does deps.clj supports settigns.xml or not?
settings.xml contains urls and credentials for private mirrors.
Also I think https://clojure.atlassian.net/browse/TDEPS-177 may affect to my case.
@mike1452 It says: > April 22, 2021, 8:26 PM > Applied for next release
@borkdude, I solved the problem! Your deps.exe saved me. I have two JVMs on my Windows machine and one of them had no trusted certs from our internal CA. After I added them into cacerts file, deps.exe started to download any deps. Cool! Now I can develop my Clojure projects not only on BYOD Mac but also on Windows VM.
also, I configured correct settings.xml using https://clojure.org/reference/deps_and_cli#_maven_authenticated_repos