cradle-package

Display a list of available packages

$ cradle package list

$ cradle package search [package]

$ cradle package install [package]

$ cradle package install [package] [version]

$ cradle package update [package]

$ cradle package update [package] [version]

$ cradle package remove [package]

cradle [GLOBAL_OPTIONS] <COMMAND> [COMMAND_OPTIONS]

Common commands include:
cradle build [OPTIONS]
cradle test [OPTIONS]
cradle run [OPTIONS]
cradle shell [OPTIONS]
cradle version
cradle clean

--verbose, -v
    Enables verbose output, providing more detailed information about the execution process.

--debug
    Activates debug output, useful for troubleshooting issues by showing internal operations.

--config <path>
    Specifies an alternative path to the cradle.toml configuration file, overriding the default in the project root.

--docker-host <host>
    Overrides the default Docker daemon host, typically specified via the DOCKER_HOST environment variable.

--docker-tls-verify <true|false>
    Enables or disables TLS verification for Docker daemon connections.

--docker-cert-path <path>
    Specifies the path to Docker client certificates for TLS connections.

--help
    Displays general help information for the cradle command or for a specific subcommand.

Note: The command 'cradle-package' is not a standard Linux command found in typical distributions. This analysis assumes the user is referring to the cradle command, which is the primary executable from the go-cradle project. The go-cradle project focuses on creating reproducible Go application builds and facilitating their packaging.

cradle is a command-line tool designed to create reproducible Go application binaries. It achieves this by performing the entire build process within a clean, isolated Docker container, ensuring that the build environment is consistent across different machines and times. This approach eliminates issues arising from differing local development environments, such as varying Go versions, library dependencies, or system configurations. cradle helps ensure that the compiled binary is identical every time, which is critical for security audits, debugging, and consistent deployments in CI/CD pipelines. It is particularly useful for Go projects that require strong guarantees about their build artifacts and aims to simplify complex aspects of Go cross-compilation and dependency management for consistent packaging.

cradle is not a standard, pre-installed Linux command; it must be installed separately (e.g., via go install or pre-built binaries from its project repository).
It requires Docker to be installed and running on the host system to function, as it relies on Docker containers for isolated builds and execution environments.
Initial builds may require internet access to download necessary Docker images and Go modules, which can be substantial.
Performance can be marginally slower compared to native builds due to the overhead of Docker container management.
The tool's behavior is heavily influenced by the presence and content of the cradle.toml configuration file in the project root.

Projects utilizing cradle are typically configured via a cradle.toml file located in the project's root directory. This file is pivotal for defining project-specific build parameters, including the desired Go version to use within the container, custom build flags, specific handling of dependencies, and output paths for the compiled binaries. It ensures that cradle can consistently reproduce the build according to the project's precise requirements, making it a central and essential component of the reproducible build process.

The core principle behind cradle's operation is the execution of Go builds within a tightly controlled and isolated Docker environment. This methodology guarantees that the build process is shielded from variations in the host system's Go toolchain, libraries, or environmental configurations. By fetching Go modules deterministically and using a fixed, specified Go toolchain version within the container, cradle ensures that the output binary is bit-for-bit identical across different build executions and environments, significantly enhancing reliability, verifiability, and traceability of software artifacts.

The go-cradle project was developed to address a critical challenge in Go application development: achieving truly reproducible builds. Before tools like cradle, Go builds could inadvertently vary based on the host system's Go version, environment variables, and cached dependencies, leading to inconsistencies and the infamous 'works on my machine' syndrome. cradle emerged as a robust solution by leveraging Docker's powerful isolation capabilities to create a consistent, immutable build environment. Its usage gained traction in scenarios demanding high integrity for binaries, such as continuous integration/delivery pipelines, and projects with strict security or audit requirements, evolving to streamline complex build workflows for Go applications.

go(1), docker(1), make(1), git(1)