[openstack-dev] DevStack hacks requirements.txt et al

Sean Dague sean at dague.net
Wed Jun 18 11:32:05 UTC 2014

On 06/18/2014 01:57 AM, Clark Boylan wrote:
> On Tue, Jun 17, 2014 at 10:33 PM, Mike Spreitzer <mspreitz at us.ibm.com> wrote:
>> I have noticed that lately DevStack has been hacking requirements.txt in
>> most projects and test-requirements.txt in many.  Why is this being done?
>> Thanks,
>> Mike
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> This is being done to ensure that all projects are tested with a
> common reproduceable dependency list. Without doing this every project
> can install different versions of things based on the way pip resolves
> dependencies. It isn't intuitive and can cause us to not actually work
> with the dependencies advertised in requirements.txt.
> For example since we don't make requirements syncs happen in lockstep
> project A may depend on an older version of some dependency that is
> shared with project B. Pip will then install this older version for us
> and this older version is what gets tested. Then we update the
> dependency in project A and everything breaks because we actually
> needed the older version. It is also possible that project B
> absolutely requires the newer version that we have stated in
> requirements.txt (perhaps this is why requirements.txt says what it
> says), but if it gets the old version from project A now project B is
> broken.

Global requirements is about a year old, and was a direct reaction to
project growth to the point that we could no longer get all the projects
to sync requirements in a reasonable time frame.

Before we did it we would regularly install / uninstall python-keystone
client 6 times over the course of a devstack run, based on conflicting
project requirements.

It was *awesome*... (not)

The end result is you may or may not be testing with what you thought
you were supposed to be, and if a project used entry point plugins and
was installed at the wrong time, would explode on start, as the
requirements were changed under it.


Sean Dague

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140618/b384dc45/attachment.pgp>

More information about the OpenStack-dev mailing list