https://pantsbuild.org/ logo
Join Slack
Powered by
Hi Guys, after going through the docs and trying a...
# general
v
Hi Guys, after going through the docs and trying a bunch of things and searching in this channel, I am looking for a solution to my problem below: I have a particular package in the Pipfile as follows
Copy code
package = {version = "==1.0", editable = true, git = "https://${GITHUB_TOKEN}@github.com/githuborg/package@package-1.0"}
This works fine locally to generate Pipfile.lock, but when trying to package using pants, it keeps throwing this error and I am not able to find a solution:
Copy code
ERROR: Could not find a version that satisfies the requirement package==1.0
ERROR: No matching distribution found for package==1.0
I am sorry if this is a repeated question and if this is quite straightforward, but can someone help me with this? The env variable 
GITHUB_TOKEN
is something that is available in the local environment and will also be available to run in CI as well, as we have a CI pipeline for the project. I tried adding the following in pants.toml to get it to work, but it did not help:
Copy code
[subprocess-environment]
env_vars.add = ["GITHUB_TOKEN"]
b
Pants has a great debugging tool for most kinds of process issues like these. 
pants --keep-sandboxes=on_failure ...
Run your command with that flag and Pants won't cleanup the sandbox of any Process that failed. You can then try and re-run the command, see the output, twiddle bits, etc... and find out what's truly going on under the hood
1
l
v
Thanks, checking this now
Ok, looks like pants is trying to find the particular package using the pypi url itself and it fails after it hits the retry limit 
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ProtocolError('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))’
I am not able to figure out how to force pants to look at a particular private github repo url for this package dependency
e
Pants doesn't even try. There is no consultation of either the 
"git"
or 
"ref"
lock keys here: https://github.com/pantsbuild/pants/blob/b625f09342aadd96a2882a32acce97d285034d64/src/python/pants/backend/python/macros/pipenv_requirements.py#L71-L88 So this is a bug in Pants Pipfile.lock handling @victorious-keyboard-86089.
v
Oh ok, thanks for letting me know. I was breaking my head wondering what I am doing wrong 😅 But, I also tried by specifically adding a 
python_requirement
to 
BUILD
as follows:
Copy code
python_requirement(
    name="package",
    requirements=["package@ git+<https://env>(GITHUB_TOKEN)@github.com/git_org/package@package-1.0"],
    dependencies=[":root#protobuf"],
)
This too kept failing after hitting max retries. I figured that it is not able to get the git url with the correct token for some reason. But I cannot really add the token directly anywhere and have to pass it as an environment variable. How do you suggest I go about this? Unfortunately, we are currently not allowed to use 
git+ssh
urls, which we were using previously and was working.
Just thought of this, what if I switch from pipenv to poetry? Does that handle this scenario? Has anyone tried or knows about it?
I believe this is the relevant code snippet in handling git urls as part of poetry requirements, but I don’t see any token handling. So does this assume support for public git only? 🤔 https://github.com/pantsbuild/pants/blob/b625f09342aadd96a2882a32acce97d285034d64/src/python/pants/backend/python/macros/poetry_requirements.py#[…]1
e
Thrashing to Poetry is unlikely to help here, Pants is still in the middle.
@victorious-keyboard-86089 as a sanity check, can pip handle that requirement?
v
Yes, running this works
Copy code
pip install package@ git+https://$GITHUB_TOKEN@github.com/git_org/package@package-1.0
e
I don't believe the 
env(...)
function is interpolated in strings by Pants: https://www.pantsbuild.org/docs/targets#environment-variables Have you tried an f-string?
v
Oops, I might have missed that 😬
e
Any way you want to construct the string is fine, just don't rely on magic to guess that's a function call buried in there.
v
Lol genuinely missed it, I tried way too many permutations and I remember it working once, after which it didn’t again. I think now I know why. Will let you know if that works (I think it will now). Thanks!
e
Ok, great.
So, Pex supports interpolation of 
$ENV_VAR
in requirement strings just like Pip. As long as Pants doesn't get in the way, you should just be able to use that + subprocess_environment instead of the env function.
v
So that would mean I run 
pants generate-lockfile
and have all dependencies in a requirements file and ditch pipenv?
e
My comment about 
$ENV
support is a bit orthogonal I think. For all I know, pipenv also supports env vars in (portions of) requirements.
But yes, one option is to ditch Pipenv. More generally using a Python venv manager (Pipenv, poetry, pdm, etc) with Pants doesn't make a whole lot of sense unless it supports legacy muscle memory or supports a transition period.
👍 1
v
Plot twist:
Copy code
File "BUILD", line 12
    requirements=["package@ git+<https://env>("GITHUB_TOKEN")@github.com/git_org/package@package-1.0"],
                                             ^
SyntaxError: invalid syntax
This is throwing syntax error now
l
do you just need to escape it? 
\"GITHUB_TOKEN\"
e
Yeah, @victorious-keyboard-86089 you're in knots at this point. That's a bare string again with an embedded env function.
v
😅
do you just need to escape it? 
\"GITHUB_TOKEN\"
Tried it, went back to
Copy code
ERROR: Could not find a version that satisfies the requirement package
ERROR: No matching distribution found for package
@enough-analyst-54434 What about updating the function 
parse_pipenv_requirements
and supporting 
"git"
and related keys of Pipfile.lock? I can perhaps work on it, but only in a month or so
The other option would be the one you suggested to generate lock files using a requirements file. Wondering if this string issue will occur there also? 🤔
e
As to the latter, I'm not sure. If the 
python_requirements
target works with pip-style 
$ENV_VAR
(no use of 
env
function), then requirements.txt should also work just fine.
👍 1
As to the former, @victorious-keyboard-86089 if you file a tracking issue for the Pipfile.lock git support and use that to track your progress, that would be great. Folks can help out as needed there
v
Got it, thanks @enough-analyst-54434
Open in Slack
PreviousNext
Powered by