[all] Lower-constraints in some projects broken - update your repos

Radosław Piliszek radoslaw.piliszek at gmail.com
Fri Apr 17 17:00:31 UTC 2020


Thanks, Andreas, for analysis.

I have more to add: in Zuul we rely on extra wheels. In the wild usually
only on PyPI ones.
This adds more flavour to lower-constraints breakage as py3 incompats make
their appearance in full, e.g.:

Collecting MarkupSafe==1.0
  Using cached MarkupSafe-1.0.tar.gz (14 kB)
    ERROR: Command errored out with exit status 1:
    Complete output (5 lines):
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-install-_vser3_6/MarkupSafe/setup.py", line 6, in
<module>
        from setuptools import setup, Extension, Feature
    ImportError: cannot import name 'Feature'

-yoctozepto

On Fri, Apr 17, 2020 at 6:53 PM Andreas Jaeger <aj at suse.com> wrote:

> Lower-constraints should test that the minimal requirements work together.
>
> The way we use the install-command in tox.ini, pip often ignores the
> constraints and install a newer package then requested.
>
> First Example: cloudkitty (see [1], [2] ,[3] , [4])
>
> The repo has:
>     install_command = pip install
> -c{env:UPPER_CONSTRAINTS_FILE:
> https://releases.openstack.org/constraints/upper/master}
> {opts} {packages}
> and in lower-constraints.txt:
>     "python-keystoneclient==1.9.0"
>
> And this runs the test with "keystoneclient==4.0.0" [1]
>
> Removing the install_command [3] or moving constraints from
> install_command into deps [2] gives
> "ERROR: Could not find a version that satisfies the requirement
> python-keystoneclient==1.9.0"
>
> So, this works as expected - but means this repo never tested what it
> expected to test.
>
> Second example: kolla-cli [5]
> Removing the install_command with constraints, suddenly
> lower-constraints fails with:
>     "Could not find a version that satisfies the requirement mypy==0.6"
>
> Same problem as with cloudkitty.
>
> I fear that  every repo that has constraints in its install_command has
> broken lower-constraints file. Just remove it and see that nothing works
> anymore ;/
>
> Therefore, I suggest for repos to remove install_command - the default
> is just fine in newer tox (3.x) - and fix their lower-constraints.txt to
> really test that the specified package versions work together.
>
> Information about lower-constraints.txt is at [6],
> Andreas
>
> References:
> [1] https://review.opendev.org/720767
> [2] https://review.opendev.org/720768
> [3] https://review.opendev.org/720770
> [4] https://review.opendev.org/720775
> [5] https://review.opendev.org/#/c/720754/3
> [6]
> https://docs.openstack.org/project-team-guide/dependency-management.html
> --
>  Andreas Jaeger aj at suse.com Twitter: jaegerandi
>   SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, D 90409 Nürnberg
>    (HRB 36809, AG Nürnberg) GF: Felix Imendörffer
>     GPG fingerprint = EF18 1673 38C4 A372 86B1  E699 5294 24A3 FF91 2ACB
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20200417/e0524c50/attachment-0001.html>


More information about the openstack-discuss mailing list