Pipenv dependency management #4477

reinvantveer · 2021-02-04T07:13:44Z

Description of the change:
Use Pipenv - the Python packaging authority recommended way - as a dependency resolution managemente system and vulnerability checker to install Python dependencies.

This PR is part of #4237 to work towards a more user-friendly way of doing reproducible local builds

Motivation for the change:
Python package dependency is best managed using a fit-for-purpose package manager that checks for dependency conflicts, separates wanted dependencies from required subdependencies and that is able to check for vulnerabilities. The proposed solution is fully backwards compatible.

Checklist

If the pull request includes user-facing changes, extra documentation is required:

Add a new changelog fragment in changelog/fragments (see changelog/fragments/00-template.yaml)
Add or update relevant sections of the docs website in website/content/en/docs

reinvantveer · 2021-02-04T07:16:35Z

Note that the commit list is rather long simply because I rebased and merged from upstream, but the Python version pinning and Docker image pinning were already merged.

reinvantveer · 2021-02-04T17:49:15Z

Yay, passed!

images/ansible-operator/Dockerfile

estroz · 2021-02-04T19:24:59Z

@reinvantveer looks like you need to rebase onto the latest master.

…erator-framework#4407) Signed-off-by: Eric Stroczynski <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

…-framework#4431) Signed-off-by: Rein van 't Veer <[email protected]>

… a previous operator version doesn't exist (operator-framework#4448) * `run bundle-upgrade` should handle error gracefully when a previous operator version doesn't exist Signed-off-by: rashmigottipati <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

…erator-framework#4449) Bumped to operator-framework/api. Signed-off-by: jesus m. rodriguez <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

…g release (operator-framework#3431) Signed-off-by: Rein van 't Veer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]>

…erator-framework#4462) Signed-off-by: Eric Stroczynski <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

…projects (operator-framework#4419) Signed-off-by: Rein van 't Veer <[email protected]>

…ework#4445) internal/generatel/clusterserviceversion/bases/definitions: make the owned CRD generator package- and type-aware so multiple packages containing the same type names can be used. Signed-off-by: Eric Stroczynski <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

* upgrade Python to v 3.8 * add change notes * add python to installation guide Signed-off-by: reinvantveer <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

This commit modifies the suggested format for finalizers from <finalizer-name>.<qualified-group> to <qualified-group>/<finalizer-name>, which is the recommended format in k8s docs. This change is not breaking because technically any name format is allowed Signed-off-by: Eric Stroczynski <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

…-framework#4471) * Fixed invalid object names generated for long package names * TrimDNS1123Label would trim strings but end up creating invalid DNS1123 strings. * FormatOperatorNameDNS1123 would return strings that were invalid if they begin or end with non-alphanumeric or hyphens. * Handle capitals and use more efficient trim mechanism * React to new expectation. Fixes operator-framework#4470 Signed-off-by: jesus m. rodriguez <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]>

…ub-dependencies and resolve potential conflicts Signed-off-by: Rein van 't Veer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

… vulnerability checks in base site-packages Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

… vulnerability checks in base site-packages Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

…to pipenv_dependency_management # Conflicts: # images/ansible-operator/Dockerfile

reinvantveer · 2021-02-05T08:32:13Z

@reinvantveer looks like you need to rebase onto the latest master.

@estroz I'm in a spot of trouble here. I tried rebasing using git pull --rebase but now I apparently have 380 commits in this PR. How do I fix this? I'm a little in over my head here.

It appears I'm stuck in some kind of loop with failing rebases, merges, missing signoffs, forced pushes. I have no idea on how to get out of this.

reinvantveer · 2021-02-05T18:43:25Z

I'll try in a new PR

openshift-ci-robot requested review from jmrodri and joelanford February 4, 2021 07:13

reinvantveer mentioned this pull request Feb 4, 2021

Provide a way to replicate Ansible/Python environment of Docker image #4237

Closed

reinvantveer changed the title ~~Pipenv dependency management~~ WIP: Pipenv dependency management Feb 4, 2021

openshift-ci-robot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 4, 2021

reinvantveer force-pushed the pipenv_dependency_management branch from 984be31 to ff9f845 Compare February 4, 2021 17:02

openshift-ci-robot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Feb 4, 2021

reinvantveer changed the title ~~WIP: Pipenv dependency management~~ Pipenv dependency management Feb 4, 2021

openshift-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 4, 2021

estroz reviewed Feb 4, 2021

View reviewed changes

images/ansible-operator/Dockerfile Show resolved Hide resolved

Eric Stroczynski and others added 16 commits February 5, 2021 09:16

(helm/v1,ansible/v1) fix download URLs and order of binary checks (op…

34838a1

…erator-framework#4407) Signed-off-by: Eric Stroczynski <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

generate: respect project version when getting package name (operator…

856aa15

…-framework#4431) Signed-off-by: Rein van 't Veer <[email protected]>

Bug 1921727: Bundle validate should not fail because of warnings. (op…

6d392e4

…erator-framework#4449) Bumped to operator-framework/api. Signed-off-by: jesus m. rodriguez <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

Bug fix: helm operator uninstall is not properly checking for existin…

7ebd5e1

…g release (operator-framework#3431) Signed-off-by: Rein van 't Veer <[email protected]>

Pin docker base images (operator-framework#4417)

d58ec3e

Signed-off-by: Rein van 't Veer <[email protected]>

run bundle{-upgrade}: validate --mode before running a bundle (op…

d7203be

…erator-framework#4462) Signed-off-by: Eric Stroczynski <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

internal/plugins: add manifests and scorecard plugin keys to all …

fba8938

…projects (operator-framework#4419) Signed-off-by: Rein van 't Veer <[email protected]>

upgrade Python to v 3.8 (operator-framework#4413)

111b390

* upgrade Python to v 3.8 * add change notes * add python to installation guide Signed-off-by: reinvantveer <[email protected]> Signed-off-by: Rein van 't Veer <[email protected]>

explain what/why of the change

2f34128

Signed-off-by: Rein van 't Veer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

bfe1f9a

…iption Signed-off-by: Rein van 't Veer <[email protected]>

move Python package versions to pipenv dependency management to pin s…

a26b5f9

…ub-dependencies and resolve potential conflicts Signed-off-by: Rein van 't Veer <[email protected]>

WIP: pipenv check stubles over pyyaml

641a4e4

Signed-off-by: Rein van 't Veer <[email protected]>

reinvantveer and others added 25 commits February 5, 2021 09:26

explain what/why of the change

28cc5a3

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

f6c2e51

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

4d309d2

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

fbeb39d

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

5deebc0

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

2f41daf

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

d15e9dc

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

d02b2a5

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

WIP: pipenv check stubles over pyyaml

24d7951

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

use env vars to force pipenv to clear caches; install packages and do…

8e73bae

… vulnerability checks in base site-packages Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

1c1cc96

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

cc0369f

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

919729d

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

fd0e6b2

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

42fe116

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

ba370a7

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

0a059e2

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

f9a7e4c

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

WIP: pipenv check stubles over pyyaml

d1d57ef

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

use env vars to force pipenv to clear caches; install packages and do…

b33a2cd

… vulnerability checks in base site-packages Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

799f936

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

d1b556e

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

explain what/why of the change

d6959ca

Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

update to reflect pinning all images, rename change file to fit descr…

03a435d

…iption Signed-off-by: Rein van 't Veer <[email protected]> Signed-off-by: reinvantveer <[email protected]>

Merge remote-tracking branch 'origin/pipenv_dependency_management' in…

8b36288

…to pipenv_dependency_management # Conflicts: # images/ansible-operator/Dockerfile

reinvantveer closed this Feb 5, 2021

reinvantveer deleted the pipenv_dependency_management branch February 5, 2021 18:41

reinvantveer mentioned this pull request Feb 5, 2021

Pipenv #4494

Merged

2 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Pipenv dependency management #4477

Pipenv dependency management #4477

Uh oh!

reinvantveer commented Feb 4, 2021 •

edited

Loading

Uh oh!

reinvantveer commented Feb 4, 2021

Uh oh!

reinvantveer commented Feb 4, 2021

Uh oh!

Uh oh!

estroz commented Feb 4, 2021

Uh oh!

reinvantveer commented Feb 5, 2021 •

edited

Loading

Uh oh!

reinvantveer commented Feb 5, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants

Pipenv dependency management #4477

Pipenv dependency management #4477

Uh oh!

Conversation

reinvantveer commented Feb 4, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

reinvantveer commented Feb 4, 2021

Uh oh!

reinvantveer commented Feb 4, 2021

Uh oh!

Uh oh!

estroz commented Feb 4, 2021

Uh oh!

reinvantveer commented Feb 5, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

reinvantveer commented Feb 5, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants

reinvantveer commented Feb 4, 2021 •

edited

Loading

reinvantveer commented Feb 5, 2021 •

edited

Loading