-
Notifications
You must be signed in to change notification settings - Fork 791
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
freeze environment in hub image #1562
Conversation
and more docstrings
Updates with last commit, after learning a bit about pip-compile. Now that
|
since all dependencies are actually pinned in requirements.txt until the freeze command updates them only kubernetes is left pinned, maybe even that shouldn't be?
no changes to environment at all, just the comment about why cryptography is installed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Excellent work! I've considered:
- Renaming of some variables to be more descriptive
- More descriptive docstrings
- To perhaps treat packages that are outdated differently if they are not part of
requirements.in
and/orrequirements.txt
when reporting about them. Also, like you comment, what to do about updates when they are outside the bound of the pinning withinrequirements.in
? They may still have an update within the bound, so we are left not knowing for sure what goes on.
- specify custom compile command - more detailed docstrings - avoid using image to mean too many things
make it conditional on building in the dependencies wrapper
updates all dependencies
Builds fails due to sphinx 3.0.0 is out and that have introduced an issue for circleci. |
@minrk I tried this out and I love it, this is brilliant! |
separates our 'loose' dependencies that we specify from the pinned environment.
Adds a
dependencies
script to the hub image, which wraps runningpip-compile
andpip list --outdated
in the image to try to automate the process of keeping these things up-to-date.How it works:
./dependencies freeze
runspip-compile
in the final image to generate requirements.txt. This ensures the environment is the same without maintaining a separate image, at the expense of building the image more often than is strictly necessary./dependencies outdated
runspip list --outdated
in the final image (after installing from the current requirements.txt) and gives a report of what packages are out-of-dateFor example, running
./dependencies outdated
immediately after writing it gave me this output:I updated
requirements.in
to havejupyterhub-firstuseauthenticator==0.13.*
and re-ran
./dependencies freeze
, which produced ff9873bTODO:
pip-compile --upgrade-package X
?This only works within the ranges pinned in requirements.in, so suggests that we remove most pins there.