Adding Python libraries to your app

If your app requires dependencies, such as RPMs or Python libraries, you can add them in the src_deps sub folder of the app folder.

The src_deps folder contains these sub folders:


Use the pip folder to state which extra Python libraries are needed for your Guardium app, and to install them. The folder is created when you create an app using grd_sdk create (see Creating your Guardium application), along with an empty python requirements file (python standard). In this file, add the names of the extra Python packages that are needed to be installed by the app, as well as their dependent packages.

The Python packages must be compatible with the operating system that the application is running on. This is applicable when running locally on Windows (tested with Win7) or Linux (tested with Ubuntu 16.04), whether with or without Docker. However, we recommend adding Python packages for other operating systems as well to this folder, since this allows you to share the application among developers that work on different platforms (the requirements file remains the same for all platforms).

File names must be separated with a new line (UNIX line endings) in the order that you want them installed.

For example, if your application requires the observable-0.01.00 Python library, add the observable-0.01.00.tar.gz file to the pip folder, and mention the package name and version in APP_CUSTOM_REQUIREMENTS.txt, located within the same folder, by appending observable==0.01.00.

In addition to adding the libraries, list the packages (for example observable==0.01.00) in the following text file: <app_workspace_path>/src_deps/pip/APP_CUSTOM_REQUIREMENTS.txt

Use Python Wheel packages, whenever they exist. Note that tar.gz packages may contain third-party code in C, which can cause compilation problems in other file systems.

You must install Python wheel files on the same system architecture they were compiled upon. To work with the Guardium application framework, wheel files must be compiled on Centos 7.4.1708 x86_64. If it uses compatible architecture, you can use the Python bdist_wheel command to create wheel files from a library's source code on your own system. The command python sdist bdist_wheel creates the wheel file when you run it from within the root directory of the Python library's source folder.

A useful alternative to manually downloading Python packages for your app is the pip2pi Python package. It requires pip and you can install it on your development computer with the pip install pip2pi command. After you install this package, run the following command:

pip2tgz <target-directory> <Python package>

For example, the following command downloads the package's wheel, along with its dependencies, into the specified folder.

pip2tgz src_deps/pip/ pytest==2.8.2
pip2tgz src_deps/pip/ pytest

The python version number parameter is optional and you can use it to download specific versions of a package.

If you run the application on a different operating system, you can install all required packages that you mentioned in the TXT file by running:

cd ./src_deps/pip


Use the rpms folder to install extra Red Hat Enterprise Linux (RHEL) RPMs. The RPMs must be CentOs 7.4.1708 x86_64 compatible.

Once the application is installed or run through the Docker container, any RPM file within the rpms folder is installed. If you need to control the order of installation (usually for RPMs that have dependencies), add the ordering.txt file within the rpms folder and list the RPM file names in separate lines. This text file must include the names of files that are in the rpms folder. File names must be separated with a new line (UNIX line endings), in the order you want them installed.

When the app runs locally on the Docker container, the RPMs are installed. When the app runs locally (without a Docker container), the dependencies in this directory are only echoed to screen to let the user know what system dependencies might be required.


Dependencies that do not fit into the pip or rpms folders should be added to the init folder. The lines in this ordering.txt file (UNIX line endings) are run as shell commands during the installation of the app.

The ordering.txt executes as single-line commands only when you run the Guardium application through a Docker container. As with rpms, when running a Guardium application locally the commands do not run, but are echoed to screen, and are only written to the application console/log, as it's assumes you don’t need to automatically reinstall special packages on your local development machine. For example, you might want to install a collection of RPMs that has a complex dependency chain that is not explicitly known. In this use case, you add a .tar file that is called dependant_rpms.tar.gz to the init folder. You add the following commands to the ordering.txt file:
mkdir /src_deps/init/dependant_rpms
cd /src_deps/init
tar -xzvf dependant_rpms.tar.gz
yum -y localinstall --disablerepo=*dependant_rpms/*rpm
rm -rf dependant_rpms
Note: The --disablerepo=* switch in this example is used to prevent the yum from attempting to contact remote repositories on Guardium consoles that have no internet access.
This example uses yum's RPM auto-dependency resolution that installs a set of specified RPMs in the required order; If the RPMs are included in the rpms folder (see rpms), you must specify the installation order by yourself.