Open Stack

One thing I've noticed over the last month or so looking at many
projects requirements handling is that many projects have deps
statements in tox.ini.

There are a couple of nuances here I want to call out - and I want
advice on where to document for people to find this.

Firstly, this:

deps = -r{toxinidir}/requirements.txt

Is redundant: pbr reflects the package dependencies from
requirements.txt into the sdist that tox builds. The only reason to
use requirements.txt directly is if there are dependencies that pbr
can't reflect. This includes all URL based dependencies (today). So -
the only projects that need to use this line today are neutron
split-out services, because everyone else should be strictly
describing their dependencies as packages. Once we get constraints up
and running for tox, even this case can be handled more directly - and
we'll get ZUUL_REF support for running dependencies via git checkouts
too.

Then there is this:

deps = -r{toxinidir}/test-requirements.txt

This is ok. We're likely going to transition away from this, but thats
still being formalised in oslo, and we're not ready to roll it out en
masse yet. When we are it will become something like:
deps = .[test]

Finally, these things are all problematic:
deps = doc8 # or hacking, or flake8, or $ANYTHING
deps = {variable}
deps = {toxinidir}/test-requirements-py3.txt

The -py3 one is problematic because it breaks dependencies in
universal wheels. We're now ready to deprecate this in pbr (but not
remove - backwards compat is for life :)).

The other two are problematic because they are not synchronised with
global-requirements and that leads to things being out of sync across
the project, which leads to non-coinstallability and confusion.

-Rob

-- 
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud