Closed Bug 1407449 Opened 4 years ago Closed 4 years ago
redo requirements using constraints file
53 bytes, text/x-github-pull-request
|Details | Review|
Pip 7.1+ supports a constraints file which allows you to constrain which versions of dependencies are allowed to be installed. We can use this in conjunction with our requirements file such that we put first-order dependencies in the requirements file and all the things they depend on in the constraints file. Then deploys install only the things we need (first-order dependencies and the specific set of things they need) without us having to spend a lot of time maintaining the files. https://pip.pypa.io/en/stable/user_guide/#constraints-files This bug covers switching to requirements.txt + constraints.txt.
It's very likely this will affect deploys. However, I'm pretty sure the RPM building code is in the Socorro repo, so it's possible all the changes we need to make will be in the socorro repo.
Mike mentioned this earlier today. I'm going to assign this to him for now and let him pass it off to someone else as he so desires.
Assignee: nobody → mkelly
Commits pushed to master at https://github.com/mozilla-services/socorro https://github.com/mozilla-services/socorro/commit/a0c807c8cbb2040b29bc929848b64e453165427b Fix bug 1407449: Use a constraints file for our Python requirements. This splits the requirements.txt file into two: - requirements/default.txt, which contains direct dependencies that are used by Socorro. - requirements/constraints.txt, which contains dependencies of the direct dependencies, and the hashes that we accept for them. bootstrap.sh was updated to use this new format for the existing infrastructure, and Dockerfile was updated for the new infrastructure. The following dependencies were removed because they were either not used, or were dependencies of another dependency that was not used: - argparse - BeautifulSoup - certifi - cffi - cryptograph - futures - google - gunicorn - honcho - A Procfile existed in the repo root to be used by honcho, but it is out-of-date (it refers to the old middleware) and was also removed. - idna - ipaddress - mercurial - ndg - Paste - path - pgxnclient - This was only used by scripts/json-enhancements.sh, which is not used anymore and was also removed, along with its entry in Makefile. - pycparser - pyOpenSSL - sqlalchemy - toposort - uritemplate - wsgiref The following dependencies were moved to requirements/constraints.txt as they are not direct dependencies: - configobj - configparser - cssselect - decorator - django-jsonfield - enum34 - httplib2 - Mako - MarkupSafe - mccabe - py - pyasn1 - pyasn1-modules - pycodestyle - pyflakes - python-editor - rsa - sasl - simplejson - six - thrift - urllib3 https://github.com/mozilla-services/socorro/commit/38cf1d99efc3a2d8848b50ba2225bfa050e8f0e8 Merge pull request #4062 from Osmose/constraints Fix bug 1407449: Use a constraints file for our Python requirements.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.