Skip to content

Tool to help creating distributions of packages #1335

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 14 commits into
base: main
Choose a base branch
from
Draft

Tool to help creating distributions of packages #1335

wants to merge 14 commits into from

Conversation

@jsoriano
Copy link
Member

@jsoriano jsoriano commented Jul 5, 2025

The tool makes queries to package registry to discover and download packages.

Users provide a configuration file that includes the set of queries to perform, each query receives parameters that map with query parameters. A matrix can be defined with parameters that should be included in all queries.
Actions can be also defined for each package.

Some small examples:

Download all available packages for 9.1.0, with format versions between 2.3 and 3.4.

actions:
  - download:
      destination: ./build/distribution
queries:
  - kibana.version: 9.1.0
    spec.min: 2.3
    spec.max: 3.4

Download all available packages for 9.1.0, with format versions between 2.3 and 3.4, including prereleases

actions:
  - download:
      destination: ./build/distribution
matrix:
  - {}
  - prerelease: true
queries:
  - kibana.version: 9.1.0
    spec.min: 2.3
    spec.max: 3.4

A couple of more complex examples can be found in the PR:

  • lite.yml downloads the latest version of the packages included in the lite distribution, for each one of the given versions of kibana.
  • sample.yml downloads the latest version of all packages, including their prereleases.

@jsoriano jsoriano self-assigned this Jul 5, 2025
@prodsecmachine
Copy link

prodsecmachine commented Jul 5, 2025
edited
Loading

⚠️ Snyk checks are incomplete.

Status Scanner Critical High Medium Low Total (0)
⚠️ Open Source Security 0 0 0 0 See details
⚠️ Licenses 0 0 0 0 See details

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

mrodm
mrodm reviewed Aug 14, 2025
View reviewed changes
Copy link
Contributor

@mrodm mrodm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just take a quick look to this approach, and it looks nice!
This is a tool quite flexible allowing to set different queries to get the desired packages for different scenarios.

For instance it looks easy to create a distribution with just the packages available for Kibana 9.1.0.

The only consideration that I see is that it requires to know how the /search API works along with its query parameters. It will be needed to review the documentation to ensure that there is nothing missing.

cmd/distribution/lite.yaml
address: "https://epr.elastic.co"

# Queries are executed with each one of the parameters of the matrix.
matrix:
Copy link
Contributor

@mrodm mrodm Aug 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be similar to set the following matrix?

matrix:
  - all: true
    prereleaes: true

Copy link
Member Author

@jsoriano jsoriano Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This configuration would be only getting the latest package that is compatible with each one of the versions, while using all: true would get all packages.

Copy link
Contributor

@mrodm mrodm Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah got it, that's true. The example I wrote would download much more packages 👍

cmd/distribution/lite.yaml
Comment on lines +45 to +50
- kibana.version: 8.18.0
spec.max: 3.3
- kibana.version: 8.18.1
spec.max: 3.3
- kibana.version: 8.18.2
spec.max: 3.3
Copy link
Contributor

@mrodm mrodm Aug 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As usually packages are defined, but it's true that not all of them, with Kibana constraints using ^ (e.g. ^8.18.0 || ^9.0.0), would this be equivalent to define it with just one for 8.18.x with the latest patch?

matrix:
  ...
  - kibana.version: 8.18.2
    spec.max: 3.3
  ...

Just taking a look there are some packages using ~, for instance:

  • packages/aws/manifest.yml: version: "~8.16.6 || ~8.17.4 || ^8.18.0 || ^9.0.0"

And even there are packages using >=:

  • packages/cloud_asset_inventory/manifest.yml: version: ">=9.1.0"

@jsoriano jsoriano mentioned this pull request Aug 26, 2025
Open
@jsoriano jsoriano mentioned this pull request Oct 6, 2025
Open
mrodm
mrodm reviewed Nov 14, 2025
View reviewed changes
cmd/distribution/main.go Outdated
"strings"

"github.com/google/go-querystring/query"
"golang.org/x/mod/semver"
Copy link
Contributor

@mrodm mrodm Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we use here github.com/Masterminds/semver/v3 ?

Copy link
Member Author

@jsoriano jsoriano Nov 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, thanks.

@elasticmachine
Copy link

elasticmachine commented Nov 17, 2025

💚 Build Succeeded

History

cc @jsoriano

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mrodm mrodm mrodm left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@jsoriano jsoriano

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jsoriano @prodsecmachine @elasticmachine @mrodm