Note the canonical active version of this project lives at http://github.com/whitmo/CheesePrism
A simple application for managing a static python package index. It borrows heavily from BasketWeaver and cheese_emporium. It leverages pip and setuptools/distribute for various package management tasks.
There are 3 main ways to get your CheesePrism up and running depending on your particular needs.
'Strap it:
Download the most current strap file that contains CheesePrism and all of it's dependencies from the strappery:
$ curl https://github.com/downloads/whitmo/Strap/CheesePrism.strap.pybundle $ python CheesePrism.strap.pybundle new-prism-envIf you are already in an activated virtualenv, the prism is installed there.
Pip install the package from pypi:
Activate your virtual env. Then either check out the code to your chosen location:
$ git clone git://github.com/SurveyMonkey/CheesePrism.gitand install:
$ cd CheesePrism; pip install -e ./Pip install the source:
Use pip to clone and install directly to
$VIRTUAL_ENV/src
:$ pip install git+git://github.com/SurveyMonkey/CheesePrism.git#egg=CheesePrism $ cd $VIRTUAL_ENV/src/cheeseprism
If you have installed the source, to run the tests, first install the test requirements:
$ cd CheesePrism $ pip install -r tests-require.txt
Then:
$ nosetests -vv
This will run tests and spit out coverage.
The following will start the application and a static file server for CheesePrism suitable for testing and development:
$ paster serve development.ini
You will need to install PasteScript
in order to run this command (easy_install PasteScript
).
If you have not installed the source (ie. you installed the package or from the strap file), you will need to copy the development.ini to a convient location.
You will also need to set the ini key cheeseprism.file_root
to the
directory you wish your index files to live in.
This directory may not exist yet, or could be an empty directory. If the directory contains well formed archives, it will build the index from what it finds there.
CheesePrism
doesn't pretend that it or python servers in general
excel at serving flat files.
For a more durable and performantized setup, you will want to split the serving between a wsgi host for the management application and a industrial strength file server (say nginx).
See doc/sample-nginx.conf
and replace alias CheesePrism/files;
and
alias CheesePrism/static
with your fileroot and static filepath.
.. todo:: have start up announce static and file_root (and document)
Use the prod.ini (edited for your setup) for simplest serving. Be sure
to remove such things as pyramid.includes = pyramid_debugtoolbar
if security is a concern:
$ paster serve prod.ini
Sane people use something like upstart or supervisord to manage this process.
CheesePrism understand the upload interface of pypi. This means for
python2.6 and better you can setup your ~/.pypirc
and then upload to
your prism as you would pypi:
[distutils] index-servers = pypi local [pypi] username:user password:secret [local] # your prism of fromage username:user password:secret repository:http://mycheese/simple
The you can upload a source ala:
$ cd /src/MyAwesomePyPkg $ python setup.py sdist upload -r local
Note: The prism currently has the most basic support for pypi's basic auth scheme. This mainly exists for the purpose of grabbing the identity of who puports to be uploading a package, rather than any actual security. If you need more, it should provide a starting point for extension (see pyramid documentation for more information on extending pyramid apps).
Now your package is available for install from your prism:
$ pip install -i http://mycheese/index/ MyAwesomePyPkg
All dependencies of MyAwesomePyPkg
will also come from your prism,
so make sure they are there (coming feature will inspect your release
and do the needful).
There are 3 main ways to load files:
If you put archives into the file root of your index and restart the app, it will generate index entries for them. There are plans to make this automagical soon so a restart is not required.
Through the 'Load Requirements' page you may upload a pip requirements files that CheesePrism will use to populate your index. Easiest way to create a pip requirements file for a virtualenv?:
$ pip freeze -l > myawesomerequirement.txtUse the "Find Package" page to search pypi and load packages into the index. Currently this utilizes some state change on GET but does remain idempotent (to be fixed soon).
There is also rudimentary read only json api:
$ curl GET http://mycheese/index/index.json
The resulting json is a hash of objects keyed by md5 hashes of each archive. Let's imagine our index only holds webob:
{u'1b6795baf23f6c1553186a0a8b1a2621':{u'added': 1325609450.792506, u'filename': u'WebOb-1.2b2.zip', u'name': u'WebOb', u'version': u'1.2b2'}}
Files may be added to the index from pypi via a not so RESTful interface
that will soon go away. Provided name
and version
exist in PyPi, the
following will download the file from pypi and register it with the index:
$ curl GET http://mycheese/package/{name}/{version}
Some features we plan to implement in the near future:
Multi-index support: The general idea is that you can evolve indexes rather like requirements files but by explicit limiting of membership in a group rather than specification that requires talking to an external index. One archive might exist in multiple indexes (but always serve from same location to preserve pip caching).
This would include a ui for select member archives to compose an new index as well as cloning and extending an existing index.
Less crap work: automatic dependency loading for releases and packages loaded via find packages. A file watcher for the repo that rebuilds the appropriate parts of the index when files are added and removed.
Better readonly api: versions.json for each package with the data in index.json provided in a more easily consumable fashion.
Better REST: Make
POST /packages/{name}/{version}
to grab a package from PyPi. MakeGET /packages/{name}/{version}
provide data about the package and indicate whether the package current lives in index or not.Proper sphinx documentation: yup.
Pull requests welcome!
I'm on freenode at #pyramid, #surveymonkey, or #distutils as
whit
most days if you have questions or comments.