fix: Adapt to support latest pipenv version
#718
Conversation
|
would be awesome if this PR could be reviewed fast. |
lib/pipenv.js
Outdated
| @@ -32,7 +32,14 @@ async function pipfileToRequirements() { | |||
| try { | |||
| res = await spawn( | |||
| 'pipenv', | |||
| ['lock', '--requirements', '--keep-outdated'], | |||
| ['lock', '--keep-outdated'], | |||
There was a problem hiding this comment.
does it make sense to retain this command spawn if its result is anyway overridden by the new requirements --hash command?
There was a problem hiding this comment.
pipenv lock command
generates Pipfile.lock file
https://pipenv.pypa.io/en/latest/cli/#pipenv-lock
pipenv requirements command
requires a Pipfile.lock file to run
https://pipenv.pypa.io/en/latest/cli/#pipenv-requirements
but I guess when running this plugin the Pipfile.lock is already there on place so it should be ok to remove as you say. but I am a bit to new to python and this plugin to be 100% sure to be honest.
There was a problem hiding this comment.
i see. so perhaps it's needed if some repo lacks the lock file?
There was a problem hiding this comment.
This is a needed fix. With the deprecated --requirements param I get this error:
Error: pipenv lock --requirements --keep-outdated Exited with code 2
I removed this parameter on my local code and works.
|
Any update on this issue? I am impacted by this issue and it looks like the PR is languishing while waiting for a review. |
|
Thanks a lot, @andidev - it looks like there are some failing tests, but I believe it's a problem with the whole test suite in general. I'll try to stabilize it in the coming days and we can come back to this PR |
|
Hey @andidev 👋 I think the tests should be pretty stable now, do you think you could rebase against the current main branch? Thanks in advance 🙇 |
andidev
dismissed stale reviews from Zwirek009, douglasmoraisdev, and xncbf
via
03e2bcf
andidev
force-pushed
the
support-latest-pipenv
branch
from
9d15ee4 to
03e2bcf
Compare
|
@pgrzesik done! |
|
Hey @andidev, thanks a lot. It looks like the tests on CI are failing, could you please look into that? |
andidev
force-pushed
the
support-latest-pipenv
branch
from
03e2bcf to
cda6faa
Compare
|
@pgrzesik yeah so it was some prettier stuff not formatted. |
|
Hey @andidev - it failed on prettier in the first job, but other too also failed with tests that failed, please see: https://github.com/serverless/serverless-python-requirements/actions/runs/3155560666/jobs/5138325172 As for autoformatting on commit - that's a good suggestion for an improvement 👍 |
|
Looks like |
|
@andidev Created a PR for your fork to fix the pipenv tests - was missing a
Had a successful run on my fork (ignore the commit message failure): https://github.com/rwestergren/serverless-python-requirements/actions/runs/3165785814/jobs/5155070848 |
andidev
force-pushed
the
support-latest-pipenv
branch
from
29a0a43 to
b317d6f
Compare
|
So it should be possible to merge now. @rwestergren thanks! |
There was a problem hiding this comment.
Thanks a lot @andidev and @rwestergren 🙇 I have a few questions before we finalize this PR, the major one around it being a potentially breaking change.
| @@ -45,7 +45,7 @@ jobs: | |||
| run: python -m pip install --force setuptools wheel | |||
|
|
|||
| - name: Install pipenv / poetry | |||
| run: python -m pip install pipenv==2021.11.5 poetry | |||
There was a problem hiding this comment.
Maybe at this point we could remove the pinned pipenv version here - I added it temporarily to stabilize tests and be able to merge other PRs
lib/pipenv.js
Outdated
| cwd: this.servicePath, | ||
| } | ||
| ); | ||
| res = await spawn('pipenv', ['lock', '--keep-outdated'], { |
There was a problem hiding this comment.
This feels to me like a change that might be potentially breaking for people on some older pipenv versions. Do you know if there's a minimal pipenv version needed for these two commands?
There was a problem hiding this comment.
It's definitely breaking for some older versions as there was no requirements command. Could you please verify which version of pipenv is now required? We should specify it in docs
tests/pipenv/Pipfile.lock
Outdated
| @@ -0,0 +1,281 @@ | |||
| { | |||
There was a problem hiding this comment.
Is there a reason to commit lock here? I think we could leave it out
There was a problem hiding this comment.
Lock file is needed for the tests, otherwise Pipfile.lock must exist to use --keep-outdated!
There was a problem hiding this comment.
So, that changes the previous behavior where lock file was not needed? What if we just start a new project with intention of managing the dependencies with Pipfile? Is it going to fail too on the first run?
There was a problem hiding this comment.
These tests are for pipenv specifically and I'm not familiar with a scenario where lock isn't expected. To my knowledge, it should always be created at first usage.
There was a problem hiding this comment.
The very basic scenario is where you are just starting out the project for the first time and you don't have Pipfile.lock generated yet.
I've just tested it locally and this PR breaks in that scenario. We need to have a way to still support situations where someone is just starting out. In old implementation, in such case, it's progressing correctly and it generates Pipfile.lock. cc @andidev
There was a problem hiding this comment.
I was looking into it a bit more, and it seems like there's not good workflow at the moment for fresh projects that do not have Pipfile.lock generated yet. I think one option would be to first check for existence of Pipfile.lock, if it's avaialble, we should run the commands as proposed in this PR. If it's not present, we should skip adding the --keep-outdated flag as it crashes the lock command when there's not Pipfile.lock. What do you think?
There was a problem hiding this comment.
It seems to me both commands actually require a Pipfile.lock
[pipenv-test]$ pipenv requirements --hash
...
FileNotFoundError: [Errno 2] No such file or directory: '/tmp/pipenv-test/Pipfile.lock'At this point, I personally think a lockfile should be a prerequisite for pipenv support in this project, since it generally seems to be for pipenv itself.
There was a problem hiding this comment.
I agree that pipenv requirements --hash requires Pipfile.lock, as its generating requirements.txt from the lockfile.
The problem that I'm bringing up is the fact that if we accept the PR as-is, then we're breaking the functionality for users that are using the file on a new project or want to remove Pipfile.lock in order to regenerate it during deploy. In previous (current) implementation, if lockfile is not present, it is generated automatically for you. In proposed implementation, you run into an error and in order to resolve it, you need to somehow manually generate Pipfile.lock e.g. by running pipfile lock command. It seems to me like this is a way worse experience and I don't see why we wouldn't want to support generating lockfile if it doesn't exist.
What do you think @rwestergren @andidev?
|
What's the current status of this? Currently using @andidev's feature branch, merging this PR would unblock me. |
|
Hey @evanatlas, there are still some outstanding issues with the proposed implementation that are blocking finalization. @andidev Do you think you'll have time to address them in the coming days? If not, I can pick it up and finalize this PR probably by the end of the week. Let me know 💯 |
pgrzesik
force-pushed
the
support-latest-pipenv
branch
from
ce329e6 to
2f1e440
Compare
pgrzesik
force-pushed
the
support-latest-pipenv
branch
2 times, most recently
from
96b32ee to
a9e5ef0
Compare
|
@pgrzesik |
|
Thanks, @andidev, as you can see I kinda already did, I'm planning to release a new major version of the plugin in the coming days so I wanted to include that as it will include a breaking change for people on older |
pgrzesik
force-pushed
the
support-latest-pipenv
branch
8 times, most recently
from
6f1b801 to
6576dbc
Compare
pgrzesik
force-pushed
the
support-latest-pipenv
branch
from
6576dbc to
1766993
Compare
pgrzesik
changed the title
pipenv version
|
Thanks everyone for addressing this issue. I'm looking forward to the release. |
As mentioned in issue #716
pipenv lock --requirements --keep-outdatedcommand no longer works and throws an error since--requirementsflag has been deprecated and is now removed in latest version of pipenv (versions larger then or equal to 2022.8.13).In this fix
pipenv requirements --hashis now called afterpipenv lock --keep-outdatedinstead of passing the removed--requirementsflag.Tested to serverless deploy with this fix and it works.