Cheetah
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 63 | |
| Author | ||
| Contributors | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/54577 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
openSUSE Conference 201638 / 63
1
5
8
13
14
19
20
24
25
31
32
33
34
35
37
38
40
43
44
45
46
47
49
50
51
52
53
54
58
59
61
63
00:00
Software developerPresentation of a groupComputer animationDiagram
00:23
Binary codeParameter (computer programming)AuthorizationInterior (topology)Arithmetic meanFormal languageOverhead (computing)Lecture/Conference
01:37
Content (media)MathematicsResultantBinary codeOpen sourceSoftware developerComputer animationLecture/Conference
02:49
Beer steinState diagramPhysical systemException handlingObject (grammar)Mereology1 (number)Open setString (computer science)Streaming mediaError messageParameter (computer programming)Library (computing)Physical systemBlogFunction (mathematics)WebsiteScripting languageInformation securityStandard deviationThread (computing)Exception handlingFerry CorstenLevel (video gaming)Integrated development environmentDefault (computer science)2 (number)Object (grammar)Arrow of timeEscape characterComputer programmingElectronic visual displayCodeSystem callUsabilityInterpreter (computing)RobotOrbitGastropod shellMessage passingThermal expansionResultantState of matterWeb pageFocus (optics)Enterprise architectureDistribution (mathematics)MultiplicationMultiplication signDifferent (Kate Ryan album)Object-oriented programmingWeb 2.0Motion captureVariable (mathematics)Computer animationLecture/Conference
10:16
Motion captureBeer steinException handlingError messageCASE <Informatik>Standard errorException handlingFunction (mathematics)Parameter (computer programming)InjektivitätComputer programmingError messageFehlererkennungStreaming mediaComputer fileGastropod shellStandard deviationoutputProcess (computing)Arrow of timeResultantGoodness of fitSoftwareLibrary (computing)Motion captureSlide ruleSystem callFerry CorstenEqualiser (mathematics)Interface (computing)Line (geometry)Right angleMessage passingCodeComa BerenicesFitness functionMereologyDefault (computer science)Element (mathematics)Computer animationLecture/Conference
15:04
Revision controlLatent heatFerry CorstenFunction (mathematics)CodeRoutingStandard deviationSystem callVariable (mathematics)Error messageException handlingIntegrated development environmentPhysical systemPattern languageIntegerSoftware maintenanceRange (statistics)Binary codeMathematicsInclusion mapSummierbarkeitStaff (military)Lipschitz-StetigkeitDistribution (mathematics)Interior (topology)Thomas BayesDefault (computer science)Projective planeStandard errorComputer animationLecture/Conference
18:56
Distribution (mathematics)
19:29
Data managementWindowSystem callMereologyStandard deviationDistribution (mathematics)Right angleLevel (video gaming)CodeLecture/Conference
20:10
Revision controlIcosahedronService (economics)BuildingLecture/Conference
21:11
Meta elementDatabaseInstallation artLecture/Conference
22:10
Lecture/Conference
22:30
MereologyElectronic mailing listEmailSlide rule1 (number)Template (C++)Visualization (computer graphics)Lecture/ConferenceComputer animation
22:53
Lecture/ConferenceComputer animation
Transcript: English(auto-generated)
00:08
Do you want to start? OK, so no? No, OK. So welcome, everyone, to my presentation about Cheetah. So I expect you come here, because Cheetah
00:25
is so nice animal. It's really fast. And that's usually what you expect from running another binaries from your language, because you don't want much overhead.
00:41
And fast also in other meanings. You expect that it will be fast to write it. It will be also fast when you read it to recognize what it does. So it's also easy to read, easy to write. And don't forget, Cheetah is quite a dangerous animal.
01:02
And also running binaries can be quite dangerous, especially if you are passing some parameters and so on. So you should be careful. And we also have this in mind when we start developing this Ruby gem. By the way, authors of this gem are David Maida and myself.
01:26
And it's now, I think, three or four years old. But now we add some more new features, which I hope you find interesting. So what we will talk about?
01:40
At first, I will show existing solutions in Ruby, because we are open source developers. So we like corporate. So if there is existing solution that fits or just needs a few adaptations, it's better to use existing one and cooperate with someone else who helps us to maintain it
02:01
and also to use it, to document it, and we like to communicate. So I will compare existing solution and also explain why we don't choose it, because usually its design doesn't fit our needs. And that's hard to adapt design of other tools.
02:23
Then I will show you some features of Chitag. And last but not least, I will show you the last changes done in the last half of a year. It's mainly a result of adapting Chitag to be also used in IAST.
02:42
So currently, there are some places in IAST that already use Chitag for running binaries. So what's existing solutions? I will start from a most famous one in Ruby, is using backticks. Backticks are easy to use.
03:00
As you can see, you just place a command in backticks. It shall expand it, so you can do any fancy stuff here, like redirecting outputs, piping, and such stuff. What's not so nice?
03:22
It's not secure. The majority of security problems in Rails in running some scripts is from these backticks, because if you see the second example and you just pass an argument, then here can be anything,
03:44
like just send pipe or some end command and then remove everything. So if you do this on the web pages, there is a big risk. It can fail. You need to manually handle it somehow. There are some libraries for it,
04:00
like shell escape that gets trained and then escape it. But even single place where you forget to escape it is your security problem. So for us, this is not secure by default. And second stuff we don't like much is checking errors.
04:20
Errors is checked by global variable question mark. And then you need to check what's exit status of this code and then react on it. And again, if you forget to check it, it can happen that you just ignore some errors and later you have bigger problems.
04:41
So we prefer to fail quickly if something goes wrong. So another possible call is using system. System is more secure because it doesn't interpret string as shell command.
05:00
It just send these parameters to exec call. So if you write system get something, then each parameter is just only one parameter. So if you pass a parameter from your user, it's always just one parameter.
05:21
No shell expansion, no more problems. But as you can see, the result is if command ran correctly. But if you need to get your standard output or error output, you have to play with default streams that's
05:45
attached to command, which is not so nice, because you need to close existing ones, open new ones that ideally do some string stream, capture it. So it's not easy to use and definitely not fast to write it correctly.
06:01
So that's also why we don't like it so much. And also, because it doesn't use exceptions, you can simply overlook that command failed. There's something more Linux specific, which is popen3.
06:25
And there's also popen4 as gems. So it's not part of, I think popen3 is part of Ruby standard library and popen4 not. But as you can see syntax, it's quite tricky.
06:41
It opens some block, and it pass a lot of streams. It also pass some thread object that holds its exit status, for example, after finishing of this command. It can allow some waiting. It allows some more interactive.
07:03
But the problem is it's quite low level. It's really quite one to one to Linux system call. So it's not so easy to use. One nice feature that it have, it can pass environment variable, which is quite useful if you programmatically
07:20
run some script or some binary that if you have different local, like you have Chinese user. So we have Chinese local is loaded. Everything is shown in Chinese. And you want to parse some output of command. And if you get Chinese, I don't believe your program
07:42
handle it nicely. So it's nice that you can pass, and I want to run it with standard locals, maybe also some secure one, like do not use display or use this display and so on. So it's quite nice that you can pass this environment.
08:02
And it's changed only for this call. But as I said, its usage is not so easy to do it. And it's a lot of code. Yeah, and another nice library, it's called Cocaine.
08:21
You maybe find this name familiar if you are drag users. So it's created by 2Bot, which is one of companies that are quite famous in Ruby world. It's objects, which is quite different to other calls
08:41
that other libraries is just some calls. Cocaine is object oriented. You create some command. You can run it. It allows some parameters passing, which means you construct some command and set OK. And these two parameters are passed
09:01
by user of this object. So you use run and pass, and I want these two parameters to be replaced. It uses exceptions, which is nice. So if something fails, you get exception. And it forces you to handle error states.
09:21
If you don't do it, then you need to have some global handler. And it shows something goes wrong. So you quickly catch any problems. It looks quite promising for us, but the problem is that they have different focus. They really focused on reusable commands,
09:43
that you have a command and then run it multiple times with different parameters and somehow capture objects and so on. And also, it's quite controversial to add this gem to our enterprise distribution.
10:01
It can cause some, well, jokes. So in the end, we decide we would like to do it our way. And now let's show it if you think we are succeed.
10:21
So for simple use cases, it's simple to use. As you see the first line, it's basically same as system call. So you have each parameter is one argument, so no dependency injections. And it's simple, get something.
10:42
So even someone who don't know Cheetah can recognize what it probably do. And if you need output from this command, you just pass in second example is capture standard output. And it's returned. So the return value is standard output.
11:04
It also supports streams. So if you have, for example, a very big file and you need to process it by partial parts, then you can read just a few bytes, process it, and then continue. So you can see here, we open some file
11:24
and then let some command do something with it. In this case, we write standard output to this file. So it's like capturing output in shell. You can also use it for standard input and arrow
11:44
output. So if some command process by parts, you can pass, for example, some network stream or whatever streams you have in mind can be used for this stuff.
12:01
It also support pipes, which is except backticks, not other libraries support it. And again, we tried to have quiet familiar syntax and easy to recognize. So probably, even if you don't know much Cheetah,
12:20
you can recognize that probably it runs some get command and then grab result for some keyword. So even I hope it's intuitive enough to recognize what they do. And at the end, we captured the result.
12:46
Yeah, good. So I repeat the question, what happens to standard error? We, by default, we have a logging, which I will talk about next slide. So it's locked, standard error.
13:01
But if you don't want it to capture, it's not returned. And if you want, if you would like to have it, you can just write as another parameter, standard error capture. And then it return a tuple, just two elements. So you write the result comma error equal cheetah run,
13:24
and it will return you error output. So if you would like to have it, you can get it. And by default, we log the outputs for it.
13:40
And as I already mentioned, there is some logging. So you see, by default, it use Ruby Logger interface. So you can register your own logger that you would like to get messages from cheetah. And cheetah then write, I run this command.
14:01
It return this standard output. It return this error output, this exit code, and so on. And of course, we use exceptions because we think it's much better to have it.
14:23
It returns cheetah execution failed if command output is non-zero. And I will talk later that for some commands, it's not the perfect behavior. So we also slightly adapt it to fit needs.
14:42
But by default, if you don't specify, then you expect any error codes. It varies exception that an expect error code happen, and probably something goes wrong. And this exception already contain, for example, standard error output. So you see what the program writes to error output.
15:04
So that's features we have from beginning in cheetah. And now what we also modified to be easier to use it in the just because just have some specific needs. So few stuff.
15:22
At first, you see, as I mentioned, there is some binaries that have expected error exit status. Like if you grab something, then one means that the search pattern is not found. And it happened quite often.
15:42
And usually, it's not error. It's just, OK, we don't find it. So you can specify allow exit status one. And then it automatically adds to the return stuff what code it returns.
16:01
So as you see in example code, it's just return the code because we only want exit status. But if you want also standard output on standard error, then the exit status is at last position. And as you can see, you can pass also more than just one integer.
16:21
You can pass range. You can pass any array. You can pass almost anything that responds to include method. And Cheetah just asked, is this exit status in this allowed one? And if it's include, then it's fine.
16:40
OK. User expected, just return it. And if it's not, then it arrays exception. Another feature is passing environment variable because, as I said, for example, in the app, we use it very often because just it's localized. And we need to get some passable output.
17:02
So no Chinese, no Turkish or Spanish, just common English. And last but not least, we allow to run commands in a changed route. It's very important for Yast because during installation,
17:24
you mount your target system. And once you do, there are some stuff, like regenerate initrd and such stuff. And you need to run it in that different route. So you ensure that it run, installed, make initrd,
17:42
and not the insist one, and so on. And in the end, because Cheetah already used some forking and such stuff, doing routing is very, very simple. It's just one call in a Ruby. The only drawback is that you have
18:02
to be route to use this feature. But it's, by default, the permissions on Linux. So if you want to know more, there's more examples, more features that I don't mention here.
18:21
You can go to Cheetah project, which lives on GitHub. Under OpenSUSE umbrella, it's maintained. It's available currently in Tumbleweed. I think leap42.2 is also, I think, 42.1 doesn't have it.
18:45
But I'm not sure. But for newer distributions, it's available, and you can freely use it. OK, so do you have any questions to this gem?
19:09
There's a microphone.
19:25
Does it work? Yes. This gem is also available in the Ruby distribution package manager, right? Yes, it's available on rubygems.org. You can install it anywhere. It doesn't have any dependencies that's
19:44
related to just OpenSUSE. It works on any Linux distribution. Where it doesn't work is Windows, because Windows doesn't have something like pipes and so on. We use some low level Linux stuff. And also, I don't try it on any other Unixes,
20:04
because it uses some codes that are part of Unix standards. But I worry there's also some stuff that's only Linux-specific. So I don't try it on something like Ikes or like this. OK, follow-up question. Do you have a preferred way of getting
20:22
Cheetah if it's Ruby gem or the zipper OpenSUSE? Are they equivalent? They are basically equivalent. It depends, of course, where you need. It's usually very up to date, because as I am upstream
20:43
and also material in OpenSUSE, when I release new version, I also release new. I edit to build service. So it's there. Advantage of RPM is that it offers you when new version appears, that you can do it. But of course, you can do it in the gem by gem update.
21:04
So they are quite equivalent. Also, we have nice feature in OpenSUSE that when we pack Ruby gems, we keep the gem data. So if you install other gem, that depends on Cheetah.
21:26
And if Cheetah is installed via RPM, the gem packager still see the Cheetah, because when you use RPM, it also register it into gem database on your PC.
21:42
So basically, I recommend to use RPMs, because it's easier to see it and to manage it in one tool. And also, gems see gems installed via RPM, but not vis-a-versa. If you install something via gem,
22:01
the RPM doesn't know that you install it via gem. OK, more questions? OK, so I have one question. Who I convinced to try this gem? Hands up.
22:24
Nice, six new users of Cheetah. Great. Great. So thanks for your attention. And you can contact us. I am part of Yaa's team. The easiest way is to contact the whole Yaa's team on the free note on our mailing list.
22:43
And in the end, I would like to thanks Richard Brown for creating these nice templates, because my usual slides are just white ones. So thanks to him, and thanks to you. Ending.