From 11058efc133d8f15ecf373b13cb94d1d85387416 Mon Sep 17 00:00:00 2001 From: Christian von Schultz Date: Sun, 2 Jul 2023 15:22:32 +0200 Subject: [PATCH 1/2] feat: Add setting generate_hashes for requirements Add the new parameter `generate_hashes` (default True) to `compile_pip_requirements()`, letting the user control whether to put `--hash` entries in the requirements lock file generated. In particular if the generated file is supposed to be used as a constraints file the hashes don't make much sense. Fixes bazelbuild/rules_python#894. --- docs/pip.md | 5 +++-- python/pip_install/requirements.bzl | 4 +++- .../dependency_resolver/dependency_resolver.py | 1 - tests/compile_pip_requirements/BUILD.bazel | 16 ++++++++++++++++ .../requirements_nohashes_lock.txt | 10 ++++++++++ 5 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 tests/compile_pip_requirements/requirements_nohashes_lock.txt diff --git a/docs/pip.md b/docs/pip.md index 8ad5b6903a..6b96607bc0 100644 --- a/docs/pip.md +++ b/docs/pip.md @@ -29,8 +29,8 @@ whl_library_alias(name, name, extra_args, extra_deps, py_binary, py_test, requirements_in, - requirements_txt, requirements_darwin, requirements_linux, +compile_pip_requirements(name, extra_args, extra_deps, generate_hashes, py_binary, py_test, + requirements_in, requirements_txt, requirements_darwin, requirements_linux, requirements_windows, visibility, tags, kwargs) @@ -57,6 +57,7 @@ be checked into it to ensure that all developers/users have the same dependency | name | base name for generated targets, typically "requirements". | none | | extra_args | passed to pip-compile. | [] | | extra_deps | extra dependencies passed to pip-compile. | [] | +| generate_hashes | whether to put hashes in the requirements_txt file. | True | | py_binary | the py_binary rule to be used. | <function py_binary> | | py_test | the py_test rule to be used. | <function py_test> | | requirements_in | file expressing desired dependencies. | None | diff --git a/python/pip_install/requirements.bzl b/python/pip_install/requirements.bzl index 86fd408647..84ee203ffd 100644 --- a/python/pip_install/requirements.bzl +++ b/python/pip_install/requirements.bzl @@ -21,6 +21,7 @@ def compile_pip_requirements( name, extra_args = [], extra_deps = [], + generate_hashes = True, py_binary = _py_binary, py_test = _py_test, requirements_in = None, @@ -49,6 +50,7 @@ def compile_pip_requirements( name: base name for generated targets, typically "requirements". extra_args: passed to pip-compile. extra_deps: extra dependencies passed to pip-compile. + generate_hashes: whether to put hashes in the requirements_txt file. py_binary: the py_binary rule to be used. py_test: the py_test rule to be used. requirements_in: file expressing desired dependencies. @@ -88,7 +90,7 @@ def compile_pip_requirements( loc.format(requirements_darwin) if requirements_darwin else "None", loc.format(requirements_windows) if requirements_windows else "None", "//%s:%s.update" % (native.package_name(), name), - ] + extra_args + ] + (["--generate-hashes"] if generate_hashes else []) + extra_args deps = [ requirement("build"), diff --git a/python/pip_install/tools/dependency_resolver/dependency_resolver.py b/python/pip_install/tools/dependency_resolver/dependency_resolver.py index ceb20db7ef..e277cf97c1 100644 --- a/python/pip_install/tools/dependency_resolver/dependency_resolver.py +++ b/python/pip_install/tools/dependency_resolver/dependency_resolver.py @@ -153,7 +153,6 @@ def _locate(bazel_runfiles, file): os.environ["CUSTOM_COMPILE_COMMAND"] = update_command os.environ["PIP_CONFIG_FILE"] = os.getenv("PIP_CONFIG_FILE") or os.devnull - sys.argv.append("--generate-hashes") sys.argv.append("--output-file") sys.argv.append(requirements_file_relative if UPDATE else requirements_out) sys.argv.append( diff --git a/tests/compile_pip_requirements/BUILD.bazel b/tests/compile_pip_requirements/BUILD.bazel index 87ffe706dd..661eaa1e90 100644 --- a/tests/compile_pip_requirements/BUILD.bazel +++ b/tests/compile_pip_requirements/BUILD.bazel @@ -33,6 +33,22 @@ compile_pip_requirements( requirements_txt = "requirements_lock.txt", ) +compile_pip_requirements( + name = "requirements_nohashes", + data = [ + "requirements.in", + "requirements_extra.in", + ], + extra_args = [ + "--allow-unsafe", + "--resolver=backtracking", + ], + generate_hashes = False, + requirements_in = "requirements.txt", + requirements_txt = "requirements_nohashes_lock.txt", +) + + genrule( name = "generate_os_specific_requirements_in", srcs = [], diff --git a/tests/compile_pip_requirements/requirements_nohashes_lock.txt b/tests/compile_pip_requirements/requirements_nohashes_lock.txt new file mode 100644 index 0000000000..2b08a8eb6c --- /dev/null +++ b/tests/compile_pip_requirements/requirements_nohashes_lock.txt @@ -0,0 +1,10 @@ +# +# This file is autogenerated by pip-compile with Python 3.9 +# by the following command: +# +# bazel run //:requirements_nohashes.update +# +pip==22.3.1 + # via -r requirements.in +setuptools==65.6.3 + # via -r requirements_extra.in From 611458cb839e61aeb87826e32d1c5eb0c97402b5 Mon Sep 17 00:00:00 2001 From: Christian von Schultz Date: Sun, 2 Jul 2023 15:38:57 +0200 Subject: [PATCH 2/2] Remove extra line (buildifier fix) Buildifier thinks there's an empty line too much. Fix the complaint. --- tests/compile_pip_requirements/BUILD.bazel | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/compile_pip_requirements/BUILD.bazel b/tests/compile_pip_requirements/BUILD.bazel index 661eaa1e90..ad5ee1a9d7 100644 --- a/tests/compile_pip_requirements/BUILD.bazel +++ b/tests/compile_pip_requirements/BUILD.bazel @@ -48,7 +48,6 @@ compile_pip_requirements( requirements_txt = "requirements_nohashes_lock.txt", ) - genrule( name = "generate_os_specific_requirements_in", srcs = [],