Hey everyone,
I need to move source code and a lot of packages to a secured environment where there is no internet. I have seen the options of SIEGE or PackageCompiler to move images to another system but this excludes possibilities to develop code in the secured environment.
Is there a way how I can copy the source code of the packages in my Manifest.toml into a zipfile and unpack in the secured environment. There is a recent version of Julia installed at the new environment. What complicates the situation is that the destination system is a Windows system and my own computer is a Mac.
Thank you in advance!
Steven
1 Like
There are indeed quite a few challenges:
- Package Compiler doesn’t do cross-compilation. To go that route, you’d need a comparable Windows machine on the outside.
- You need to make sure all artifacts (for the correct platform) are also bundled in, in addition to the source code.
- You need to make sure any dynamic assets that hit the internet while running get artifactorized. Many of these have been tackled, but I’m sure there are many still out there.
And then, generally, the folks who run secure environments like these don’t typically like you just walking in with a few gigabytes of executable code without first vetting it in some way.
This is something we’ve helped a number of companies with at JuliaHub. One half-way solution is the DepotDelivery.jl package. But the entire JuliaHub platform itself can also be installed within air-gapped systems and handle the security auditing and such, too.
7 Likes
You may create a private package registry for your organisation, which gives you complete control over all dependencies. This approach could work well for teams and provides the most seamless development workflow. (Note that I am not an expert on this)
However, if you only need dependencies that are specified in Manifest.toml, AppBundler.jl may be well fit for the purpose. To use it, create a folder with a project where all necessary dependencies are added. Then you can build a bundled directory with all relevant dependencies via:
bundle_app(Windows(:x86_64), project_dir, “output_dir”)
Then, you can start Julia from output_dir/julia/bin/julia, which should have all the project’s dependencies available. (Note there is a heavy development and refactoring happening underneath so for further steps for now one shall reffer to the codebase).
This is currently a hack, but support for Julia distribution creation is planned for the near future with AppBundler.jl
JuliaHub offers an air-gapped package server solution. It’s not cheap, but you could talk to sales and probably get a POC before deciding if you want to commit or not.
1 Like
Thank you!
The secured environment is managed by a governmental agency so convincing them to start using commercial software will probably out of reach even though it might solve many of their problems.
I will give DepotDeliver.jl a try! Thank you for your suggestion
This also looks good! I will give it a try next week.
Thank you for the suggestion
1 Like
The owners of the secured environment is a governmental organisation.
Convincing them to use a new service will probably be very difficult…
JuliaHub has worked with a number of government agencies so it might be easier than you think. Work a conversation with our govt folks. DM me if you want me to connect you.