Pin test dependencies #5715
Merged
Pin test dependencies #5715
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## main #5715 +/- ##
=======================================
Coverage 89.83% 89.84%
=======================================
Files 608 608
Lines 51881 51881
=======================================
+ Hits 46608 46611 +3
+ Misses 5273 5270 -3 see 4 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
jaimergp
reviewed
Apr 12, 2023
jaimergp
reviewed
Apr 12, 2023
jaimergp
reviewed
Apr 12, 2023
|
I like this! I recently learnt about the Dependency submissions API, which might be related to this in terms of purpose. Having the constraints already there should make it super easy to integrate! |
brisvag
added
tests
|
@Czaki can you elaborate on what kind of token I need to create? Is this a personal access token or something else? Detailed instructions appreciated. 😊 |
jni
reviewed
Apr 19, 2023
| python3.9 -m pip install -U pip pip-tools | ||
| python3.10 -m pip install -U pip pip-tools | ||
|
|
||
| python3.8 -m piptools compile --upgrade -o resources/constraints/constraints_py3.8.txt setup.cfg resources/constraints/version_denylist.txt --extra pyqt5 --extra pyqt6_experimental --extra pyside2 --extra pyside6_experimental --extra testing --allow-unsafe --strip-extras --resolver=backtracking |
There was a problem hiding this comment.
@Czaki could you add a long comment here to explain what these lines and each of the options do? They are very long and scary. 😅
There was a problem hiding this comment.
python3.8 -m piptools compile- callpip-compilebut ensure proper intepretter--upgradeupgrade to the latest possible version. Without thispip-compilewill take a look to output files and reuse versions (so will ad something on when adding dependency.-o resources/constraints/constraints_py3.8.txt- output filesetup.cfg resources/constraints/version_denylist.txt- source files. theresources/constraints/version_denylist.txt - contains our test specific constraints likepytes-cov`--extra pyqt5etc - names of extra sections fromsetup.cfgthat should be checked for the dependencies list (maybe we could create a super extra section to collect them all in)--allow-unsafe- allow to put in constraints things like setuptools (look at the end of one of the generated files). It will be the default behavior in the future.--strip-extras- pip constrains format does not allow to specify extras (likedask[array]) so we need to use this option--resolver=backtracking- future default resolver. It fasters. Lower probability of long CI run.
Did you want to put this comment in yml file?
There was a problem hiding this comment.
It sounds kind of ridiculous, yes, but kind of yes? I wonder if it would work with a multiline string with trailing yaml comments?
Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Go to napari Settings > Third-party Access > Personal access tokens > Settings Then allow Fine-grained personal access tokens but keep "Require administrator approval"
Go to personal Settings > Developer Settings > Personal access tokens > Fine-grained tokens Generate new Token Set resource owner to napari. Set long lime of expiration. Use "Only select repositories" Here is an example of the configuration for PartSeg, as the napari repository do not allow currently for these tokens: Then in repository permissions, set Pull request permissions to Read and Write: Click "generate token". Such toke could also solve the problem of not starting CI on updating vendor dependency PR. |
kephale
added a commit
to kephale/nesoi
that referenced
this pull request
Apr 20, 2023
|
@Czaki out of curiosity, why are the pip install and examples tests using 3.9 instead of 3.10? |
|
@Czaki is |
Was renamed to
At some moment there was the decision to not use the latest supported, but one before. When we enable python 3.11 test then we should switch it to python 3.10 |
|
Awesome, thank you @Czaki ! |
|
@Carreau This PR may conflict with parts of your work. What did you think about it? |
|
Love this - going to merge because we have two approving reviews but we can always revert if @Carreau has issues |
12 tasks
jni
pushed a commit
that referenced
this pull request
Apr 23, 2023
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
12 tasks
jni
pushed a commit
that referenced
this pull request
Apr 26, 2023
#5777) # Description This PR reenables using fine-grained Personal access tokens to trigger tests in PR created by workflow. The previous problem was caused by a lack of **code** permission in tokens.  But when setting these permissions, they are not named **code** but **contents**:  # References Previous PRs: #5715 #5774
1 task
7 tasks
This was referenced May 23, 2023
Czaki
added a commit
that referenced
this pull request
Jun 19, 2023
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions:  # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Czaki
added a commit
that referenced
this pull request
Jun 19, 2023
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
Czaki
added a commit
that referenced
this pull request
Jun 21, 2023
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions:  # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Czaki
added a commit
that referenced
this pull request
Jun 21, 2023
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
Czaki
added a commit
that referenced
this pull request
Jun 21, 2023
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions:  # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Czaki
added a commit
that referenced
this pull request
Jun 21, 2023
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
Czaki
added a commit
that referenced
this pull request
Jun 21, 2023
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions:  # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Czaki
added a commit
that referenced
this pull request
Jun 21, 2023
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies.
The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release.
Also, this PR will provide dependency versions on which napari works during release time.
This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies)
This PR will require adding
GHA_TOKENto repository secrets with the following permissions:References
Type of change
How has this been tested?
as there are small differences between the two Qt bindings.
Final checklist:
trans.to make them localizable.For more information see our translations guide.