Crane is a new package-less software manager that will not force suggested dependencies on you and only install what you ask it to. It allows for building Docker images straight from Git without the need for a bloated runtime to support the package manager itself.
Crane is a new tool to deploy pre-built software or configuration directly from Git onto the local filesystem. The primary focus of Crane is provisioning a Docker images. This allows for installing only what's needed without any "recommended" dependencies or other unneeded dependencies or files.
Crane was developed with a single purpose in mind; to make provisioning Docker images simple, secure and fully reproducible. With traditional package managers it's often anyones guess what you'll actually end up with after installing package X. Oftentimes it will change or get updates from upstream providers which need not be desired/required for your setup. Or installing X pulls in Y as an optional dependency, which in turn requires a another bunch of dependencies. It's turtles all the way down. While this paradigm could benefit new users, it's often a serious issue when trying to build a slim and secure Docker image.
With Crane you decide what needs to be installed, because you're the one who's most aware of your use case and situation.
Additionally, Crane can wipe itself from the image making it even harder to modify the image with additional software once it has been provisioned.
Only very few pieces of software can actually function without any dependencies. The different with APT or Yum is that you decide which dependencies are applicable and where to install them from. This is handled through MANIFEST.yaml. For example:
maintainer: 'Reiner Jung'
- name: 'unicorns'
Where unicorns.git contains a similar manifest file.
How to use Crane
Here's a snippet of a Dockerfile utilising Crane:
ADD .ssh /root/.ssh
RUN crane -package=dockerlint -repo=ssh://email@example.com:RedCoolBeans \
RUN crane -clean
This does assume crane has been installed already, either by copying the binary and libraries in-place or with go get.
What does it do?
Essentially it does a Git clone and copy the files around, removing any traces of the clones and itself when finished. This way no further software can be installed as there's no package manager around anymore.
What does it not do?
Crane does not build or configure anything. This allows it to be very flexible and handle any file format. Build once, deploy everywhere.