https://pantsbuild.org/ logo
Join Slack
Powered by
Plugin Question about updating from explicit const...
# plugins
a
Plugin Question about updating from explicit constraints to the resolved lockfiles: I'm trying to update our pants-docker plugin to install pip dependencies into a virtual-env (in the docker container) previously I would get the 
PythonSetup.requirement_constraints
to find the lockfile & copy that into the docker image, and then emit a pip install command using the constraints. I think I can do the same thing with the resolved lock files(s) but... I'm not sure how to get the name/contents of that file? I can find the normalized_value of 
PythonRequirementResolveField
but unless it's specified (I think?) it just is 'python-default'? should I just hardcode something in there? or... something? idk? is there.. an example how pex installs pip stuff? Also very open to the idea that i'm totally barking up the wrong tree! thanks!
Oh I guess what I’ll do is upgrade to the most recent version and then see what I need to do to change the functionality
h
Hi! Sorry for the delay, Nate! How many lockfiles are you currently using? If n == 1, this becomes much easier
a
right now it's one but we do have medium term plans to pull in another project to this repo! (I am going to upgrade as far as I can without worring about this so hopefully later today I can get to where this breaks) @hundreds-father-404 no worries about the delay!
h
Okay. The easiest migration path is to look up 
PythonSubsystem.resolves
to get the path to your 
n == 1
lockfile. Then treat it like you treated constraints.txt I recommend adding an AssertionError if n > 1, so that you know to redo this plugin when you have multiple resolves
🙏 1
a
rad that seems like a path forward!
h
are you using Pex lockfiles? Is that going to mess you up that it's not requirements-txt style? Generally, you can invoke 
pex3 lock export
by using Pex directly to convert to requirements.txt, although it's a lossy operation
although it's a lossy operation
I think the main challenge is platform-agnosticism. Pex lockfiles work with multiple platforms, whereas I want to say 
pex3 lock export
only works with the specified platform (defaulting to current). You may want to specify 
--platform
to Pex
a
hmmmm I would prefer to use requirements.txt style lockfiles so I can emit: 
pip install package==xyz -c lockfile.txt
into my dockerfile?
(but it looks like the lockfile I generated works for pip:
Copy code
(test) [nate@ragin-cajun pants-docker]$ pip install flask -c 3rdparty/python/default.lock
seems to work
h
until Pants 2.15, you can use Pex as the lockfile generator via 
[python].lockfile_generator
. But it has several issues, including sometimes issues with nonsensical environment markers for transitive deps, and not supporting 
[python-repos]
a
sorry not totally up on... how a a pex lockfile works but it currently seems compatible enough? is my alternative to set 
PANTS_GENERATE_LOCKFILES_CUSTOM_COMMAND
to use pip-compile to generate something?
h
I wouldn't expect 
pip install
to work with it.. is 
default.lock
a JSON file?
PANTS_GENERATE_LOCKFILES_CUSTOM_COMMAND
That solely impacts the comment in the header, not actually what Pants runs
a
my pants.toml just has 'enable_resolves=true' and my default.lock looks like this:
Copy code
ansicolors==1.1.8
attrs==22.1.0; python_version >= "3.7"
certifi==2022.9.24; python_version >= "3.7" and python_version < "4"
oh... it generated that using poetry - and is switching to pex I see (i'm currently working on 2.11 - which means my plugin code using 
PythonRequirementFileSourcesField
no longer works
h
ah yeah, 2.11 I think still uses Poetry by default because Pex was too immature
a
hmmm so I guess fundamentally I want to install all these packages into a docker image, with all of the transitive dependencies set to a pinned version, right now we generate a constraints file with pip-compile, I guess I'm gonna read over the 3rd party dependencies stuff to see what our options are
I guess - if I am going to enable lockfile support, which seems recommended - I still need to get a full accounting of the pinned (transitive) 3rd party dependencies. So I guess I could continue to use the requirement_constraints generated using pip-compile, or parse the pex lockfile to extract the versions that I want, and constrain pip using that? would there be some way to add a 
pip-tools
additional variant to the lockfile_generator option? would that entail a huge amount of work to be compatible with pex_binaries etc? (which is also able to generate hashes)
h
bump that you can use Pex to export into a requirements.txt style file, with every transitive dep pinned and with 
--hash
would there be some way to add a pip-tools additional variant to the lockfile_generator option? would that entail a huge amount of work to be compatible with pex_binaries etc? (which is also able to generate hashes)
we tried using pip-compile before switching to Poetry, then developing Pex. It had several issues, including that it does not attempt to support other platforms. A Linux-generated lockfile may fail on macOS
a
ok - sorry I wasn't following above, I think that makes sense I'll let you know if I have other questions
❤️ 1
sorry! I know this is kind of annoying cause a lot of this is just in the source, but if you know off the top of your head how to call the pex tool? Naively searching for a binary called 'Pex' didn't seem to work, and the pex plugin code seems complicated/it's a little hard to find the rule I want when I'm not sure what the specific appropriate request/response type would be?
Open in Slack
PreviousNext
Powered by