On 01/15/2015 06:25 PM, Joe Gordon wrote:
> We can side step the dependency graphing and ordering issue by looking
> at the list of curently installed packages via pip freeze and not
> installing dependencies (pip install --no-deps)
> 
> After looking into this further here are the known issues:
> 
> * Partial capping won't work [0], so we need to pin all dependencies, we
> can generate this list per file via "pip install -r" and "pip freeze",
> but this doesn't address the issue of apt-get vs pip install. For
> example in the stable gate we use suds 0.4.1 but only suds 0.4.0 is
> available via pip.
> * Not all packages are installed in are standard dsvm-tempest env, so
> using pip-freeze from that isn't enough
> * We need to run this per requirements file and move to using pip
> install --no-deps everywhere. As the global-requirements sync wouldn't
> work the first time since files don't list all transient dependencies yet.

So that's basically writing our own dependency system entirely, and
skipping pip's (vs. fudging around pip's issues). I expect that's going
to go poorly in the OpenStack ecosystem realm because a lot of very
repetitive manual analysis will need to be done on each project. And if
we want to bump a cap, regenerating all the graphs becomes another
manual process.

> * We can still break if a package version is removed from pypi
> * in pip-freeze we sometimes install versions lower then our minimum
> version (python-libvirt!)

That's because python-libvirt is not in any requirements.txt file, so
we're taking the system version.

        -Sean

-- 
Sean Dague
http://dague.net

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to