On 1/15/2015 5:41 PM, Sean Dague wrote:
On 01/15/2015 06:25 PM, Joe Gordon wrote:
We can side step the dependency graphing and ordering issue by looking
at the list of curently installed packages via pip freeze and not
installing dependencies (pip install --no-deps)

After looking into this further here are the known issues:

* Partial capping won't work [0], so we need to pin all dependencies, we
can generate this list per file via "pip install -r" and "pip freeze",
but this doesn't address the issue of apt-get vs pip install. For
example in the stable gate we use suds 0.4.1 but only suds 0.4.0 is
available via pip.
* Not all packages are installed in are standard dsvm-tempest env, so
using pip-freeze from that isn't enough
* We need to run this per requirements file and move to using pip
install --no-deps everywhere. As the global-requirements sync wouldn't
work the first time since files don't list all transient dependencies yet.

So that's basically writing our own dependency system entirely, and
skipping pip's (vs. fudging around pip's issues). I expect that's going
to go poorly in the OpenStack ecosystem realm because a lot of very
repetitive manual analysis will need to be done on each project. And if
we want to bump a cap, regenerating all the graphs becomes another
manual process.

* We can still break if a package version is removed from pypi
* in pip-freeze we sometimes install versions lower then our minimum
version (python-libvirt!)

That's because python-libvirt is not in any requirements.txt file, so
we're taking the system version.

It's in test-requirements.txt, but not for long. [1]


[1] https://review.openstack.org/#/c/150148/



Matt Riedemann

OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe

Reply via email to