Pkgr.io: Easy way to get a Debian package out of any app

[+] blinry|12 years ago|reply

I recently discovered the OpenSUSE build service, an automated build service for RPM and DEB packages: https://build.opensuse.org/

It builds the packages on virtual machines for many different distributions and 32+64 bit CPUs.

[+] baldfat|12 years ago|reply

The number one under used service on the planet. It is amazing and should have revolutionized packaging years ago!!!

Hope people will just "get it" soon!

[+] comice|12 years ago|reply

https://launchpad.net/ does this too (though just for Ubuntu distros). It's quite nice and a pretty impressive service, considering it's provided for free.

[+] mtrn|12 years ago|reply

Packaging is a real pain, kind of a schlep. One project, which solved a lot of problems for me was https://github.com/jordansissel/fpm.

One edge-case, where fpm cannot help by itself, occurs in the python (w/ C-bindings) world, when your dev and prod environments use different libc versions. I got around that issue by running fpm inside a VM, which matches the libc version of the target system.

But it's still not as easy as it can be - so pkgr.io looks promising.

[+] crohr|12 years ago|reply

OP here, thanks for the comment. fpm is a great tool: PKGR is based on https://github.com/crohr/pkgr, which itself uses fpm. That being said, you indeed need to make sure your build system is close to your target system, and it is not that easy to package complex apps with specific dependencies. Generally, (Web) Application packaging does not have the same needs as OS packaging.

[+] bguthrie|12 years ago|reply

Gist of the thing:

    As a Rails developer, I've become tired of messing with
    ruby versions, gem dependencies, bundle installations,
    deploy-time asset precompilation on my servers,
    etc. ... Basically, what I wanted was a Heroku-like 
    workflow that generates and hosts debian packages, 
    which is what  exactly what PKGR provides.

As a customer of Heroku's excellent but rather expensive services, and a fan of deployment via package management, I'm certainly intrigued.

[+] wting|12 years ago|reply

I use Dokku (self hosted Heroku) for this purpose:

https://github.com/progrium/dokku

[+] takeoutweight|12 years ago|reply

To offer an alternative, I've personally found checkinstall to be useful for putting together ad-hoc .deb packages for deployment.

http://manpages.ubuntu.com/manpages/trusty/man8/checkinstall...

[+] regularfry|12 years ago|reply

Unfortunately checkinstall has an inconvenient bug on (at least) Debian Wheezy which makes sudo required for package building under some circumstances.

[+] jamesgeck0|12 years ago|reply

My first thought was that there was no way I'd want to make my deploys dependent on yet another random webservice. But it looks like there's a standalone version, too. https://github.com/crohr/pkgr

[+] comice|12 years ago|reply

"Uses Heroku buildpacks to embed all your dependencies within the debian package. That way, no need to mess with stale system dependencies"

That does mean, however, that it's now your job to rebuild your package whenever a library gets a security fix. Possibly worth the sacrifice, but an important one I think people need to understand.

[+] crohr|12 years ago|reply

OP here. Totally right, the final goal being that a new version of the package gets automatically rebuilt whenever a buildpack gets updated with a security fix.

[+] drdaeman|12 years ago|reply

Not sure whenever this is a good service or not (proper Debian packaging is 10% writing scripts 90% reading and conforming to policies), but I believe it would be really better if it'd be able to produce and maintain "debian" branch and tags for pbuilder/git-buildpackage, so standard package building practices would apply.

[+] derefr|12 years ago|reply

Pkgr (and fpm, the program it uses) is not for shipping a package that people can install and depend upon as part of their own OS distribution. It's for using apt-get as your orchestration system, instead of puppet/chef/etc.

You package your application and its dependencies as .debs, create an apt-mirror containing those debs, add that apt repo to your deploy-targets' sources.list.d's, "apt-get install yourcorp-system-release", and relax.

[+] jlafon|12 years ago|reply

Well done. All of my questions were answered by browsing the site. +1 for using SSL everywhere.

[+] crymer11|12 years ago|reply

How does this work with assets that need to be served externally, e.g. uploaded to S3?

[+] crohr|12 years ago|reply

You have the possibility to add custom before/after hooks, and thus upload freshly precompiled assets from them, however there is currently no secure way to encrypt secrets (in your case, S3 credentials). This may come later on (a la Travis-CI, http://docs.travis-ci.com/user/encryption-keys/), but is not a priority right now.

[+] jjgreen|12 years ago|reply

Since a .deb, shouldn't this be installed into /usr rather than /opt?

[+] phaer|12 years ago|reply

No, why? It should be installed in /usr and so on if it conforms to debians packaging guidelines, otherwise it should stay in /opt.

[+] YokoZar|12 years ago|reply

No, as a non distro-official package it should install into its own prefix in /opt.

[+] comice|12 years ago|reply

Somewhat related is gem2deb: https://github.com/lnussbaum/gem2deb

Missing the neat config interface of pkgr (and the build service obviously!) but it's fully supported by Debian/Ubuntu now (used to build almost all of their ruby app and library packages).

[+] otterley|12 years ago|reply

Any plans to do the same for RPM packages? Most enterprises are running a RHEL variant, not Debian/Ubuntu.

[+] krupan|12 years ago|reply

Does this only work for Ruby projects?

[+] crohr|12 years ago|reply

At launch, only Ruby and Node.js projects are officially supported. But you can always specify another buildpack in your app's configuration to test with other runtimes (https://pkgr.io/doc#buildpack).

[+] pekk|12 years ago|reply

Installing dependencies for web apps at the system level is usually the wrong thing. You may have a deb but now you are prone to conflicts between that deb and the distro's debs.

[+] mwcampbell|12 years ago|reply

There are no conflicts, because the application debs put everything in e.g. /opt/discourse

[+] qbonnard|12 years ago|reply

How does it compare to Docker for example?

[+] crohr|12 years ago|reply

OP here. For all the goodness offered by Docker to deploy apps, sometimes a good old debian package is all that's needed. The format is widely supported and battle-tested, while Docker requires specificities under the form of kernel version, additional software to install, and additional operational knowledge.

In short, if you already have a working Docker installation, you probably don't need PKGR, though nothing prevents you from building your containers by simply apt-get install'ing the app instead of having 10's of RUN commands to install the dependencies.

[+] pandemicsyn|12 years ago|reply

It doesn't really compare. It's:

"The easiest way to get a debian package out of any app"

Basically you push up to the service and it takes care of building a debian package for you and provides an apt repo to pull from.

Usually you end up having to do some permutation of https://wiki.debian.org/HowToPackageForDebian

[+] jafaku|12 years ago|reply

Yeah, I don't think I will ever need stuff like what OP created now that we have Docker. Containerize all the things!

[+] maslam|12 years ago|reply

This solves a real problem. Nicely done. Can't wait to try it out.

[+] brokenparser|12 years ago|reply

Do the generated packages pass lintian?

[+] tomswartz07|12 years ago|reply

This looks very useful for .deb systems.

Does anyone have any suggestions for other platforms? Perhaps Windows, OSX, etc?

[+] baldfat|12 years ago|reply

Not interested because it only works for deb.

52 comments