On 2020-04-18 17:22:38 +0200 (+0200), Radosław Piliszek wrote:
On Sat, Apr 18, 2020 at 5:18 PM Jeremy Stanley <fungi@yuggoth.org> wrote:
On 2020-04-18 16:18:24 +0200 (+0200), Radosław Piliszek wrote:
On Sat, Apr 18, 2020 at 2:56 PM Jeremy Stanley <fungi@yuggoth.org> wrote: [...]
In what way is it not enforced? Or put another way, what were you expecting it to enforce which it doesn't?
Oh, I mean the lockfile part. If lower-constraints jobs pass without enforcing each transitive dependency, then it's not enforced in this way. [...]
I wouldn't mind digging into a specific example of this. It seems likely to be one (or more) of: <snip>
Be my guest. The case is about *transitive* dependencies, not direct. See the already mentioned kolla-cli change. [1] This is what is not enforced (except for Sean's legit -1 :-) ).
Thanks. So you're asserting that the problem here is that 720754,4 has a passing openstack-tox-lower-constraints build but you think it should not? Can you explain little more as to why you think it should have failed? I see you removing a bunch of package versions from the constraints list, but that's not what the job is intended to catch. It's there to find out if tests pass using the versions you're saying you want installed. If that's the concern, it's like saying a job should fail if you remove some tests from it. We run jobs to tell us if the things we want to test work, not to tell us that we've stopped testing something (coverage jobs being an obvious exception there). What I would consider a problem with the job is if the constraints file specified one version of a package but a different version of that package got installed instead. If *that's* what's happening (though skimming the logs I don't see any evidence of it) then I agree something is wrong and we should seek to fix it. I did at least double-check that the entries you've left in lower-constraints.txt match those pip installed according to tox/lower-constraints-1.log so it looks to me like its working as designed. -- Jeremy Stanley