-
-
Notifications
You must be signed in to change notification settings - Fork 419
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pin test dependencies #5715
Pin test dependencies #5715
Conversation
Codecov Report
@@ Coverage Diff @@
## main #5715 +/- ##
=======================================
Coverage 89.83% 89.84%
=======================================
Files 608 608
Lines 51881 51881
=======================================
+ Hits 46608 46611 +3
+ Misses 5273 5270 -3 see 4 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
I like this! I recently learnt about the Dependency submissions API, which might be related to this in terms of purpose. Having the constraints already there should make it super easy to integrate! |
@Czaki can you elaborate on what kind of token I need to create? Is this a personal access token or something else? Detailed instructions appreciated. 😊 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Czaki thanks for this! Almost ready I think!
python3.9 -m pip install -U pip pip-tools | ||
python3.10 -m pip install -U pip pip-tools | ||
|
||
python3.8 -m piptools compile --upgrade -o resources/constraints/constraints_py3.8.txt setup.cfg resources/constraints/version_denylist.txt --extra pyqt5 --extra pyqt6_experimental --extra pyside2 --extra pyside6_experimental --extra testing --allow-unsafe --strip-extras --resolver=backtracking |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Czaki could you add a long comment here to explain what these lines and each of the options do? They are very long and scary. 😅
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
python3.8 -m piptools compile
- callpip-compile
but ensure proper intepretter--upgrade
upgrade to the latest possible version. Without thispip-compile
will take a look to output files and reuse versions (so will ad something on when adding dependency.-o resources/constraints/constraints_py3.8.txt
- output filesetup.cfg resources/constraints/version_denylist.txt
- source files. theresources/constraints/version_denylist.txt - contains our test specific constraints like
pytes-cov`--extra pyqt5
etc - names of extra sections fromsetup.cfg
that should be checked for the dependencies list (maybe we could create a super extra section to collect them all in)--allow-unsafe
- allow to put in constraints things like setuptools (look at the end of one of the generated files). It will be the default behavior in the future.--strip-extras
- pip constrains format does not allow to specify extras (likedask[array]
) so we need to use this option--resolver=backtracking
- future default resolver. It fasters. Lower probability of long CI run.
Did you want to put this comment in yml file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It sounds kind of ridiculous, yes, but kind of yes? I wonder if it would work with a multiline string with trailing yaml comments?
Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Go to napari Settings > Third-party Access > Personal access tokens > Settings Then allow Fine-grained personal access tokens but keep "Require administrator approval" Go to personal Settings > Developer Settings > Personal access tokens > Fine-grained tokens Generate new Token Set resource owner to napari. Set long lime of expiration. Use "Only select repositories" Here is an example of the configuration for PartSeg, as the napari repository do not allow currently for these tokens: Then in repository permissions, set Pull request permissions to Read and Write: Click "generate token". Such toke could also solve the problem of not starting CI on updating vendor dependency PR. |
@Czaki out of curiosity, why are the pip install and examples tests using 3.9 instead of 3.10? |
@Czaki is |
Was renamed to
At some moment there was the decision to not use the latest supported, but one before. When we enable python 3.11 test then we should switch it to python 3.10 |
Awesome, thank you @Czaki ! |
@Carreau This PR may conflict with parts of your work. What did you think about it? |
Love this - going to merge because we have two approving reviews but we can always revert if @Carreau has issues |
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
#5777) # Description This PR reenables using fine-grained Personal access tokens to trigger tests in PR created by workflow. The previous problem was caused by a lack of **code** permission in tokens. ![permissions](https://user-images.githubusercontent.com/3826210/234532611-5c713481-13f0-4401-8c83-f5fed43c4aba.png) But when setting these permissions, they are not named **code** but **contents**: ![permission name](https://user-images.githubusercontent.com/3826210/234532254-a0d5fb98-f3a9-4153-a866-15dc7b5c2617.png) # References Previous PRs: #5715 #5774
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions: ![obraz](https://user-images.githubusercontent.com/3826210/233028398-daa24aeb-3af9-455d-b8c4-b722a3c0d413.png) # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions: ![obraz](https://user-images.githubusercontent.com/3826210/233028398-daa24aeb-3af9-455d-b8c4-b722a3c0d413.png) # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions: ![obraz](https://user-images.githubusercontent.com/3826210/233028398-daa24aeb-3af9-455d-b8c4-b722a3c0d413.png) # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
# Description <!-- What does this pull request (PR) do? Why is it necessary? --> <!-- Tell us about your new feature, improvement, or fix! --> <!-- If your change includes user interface changes, please add an image, or an animation "An image is worth a thousand words!" --> <!-- You can use https://www.cockos.com/licecap/ or similar to create animations --> In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies. The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release. Also, this PR will provide dependency versions on which napari works during release time. This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies) This PR will require adding `GHA_TOKEN` to repository secrets with the following permissions: ![obraz](https://user-images.githubusercontent.com/3826210/233028398-daa24aeb-3af9-455d-b8c4-b722a3c0d413.png) # References <!-- What resources, documentation, and guides were used in the creation of this PR? --> ## Type of change <!-- Please delete options that are not relevant. --> - [ ] Bug-fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update # How has this been tested? <!-- Please describe the tests that you ran to verify your changes. --> - [ ] example: the test suite for my feature covers cases x, y, and z - [ ] example: all tests pass with my change - [ ] example: I check if my changes works with both PySide and PyQt backends as there are small differences between the two Qt bindings. ## Final checklist: - [ ] My PR is the minimum possible work for the desired functionality - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] If I included new strings, I have used `trans.` to make them localizable. For more information see our [translations guide](https://napari.org/developers/translations.html). --------- Co-authored-by: Juan Nunez-Iglesias <jni@fastmail.com>
Path to `check_updated_packages.py` was set incorrectly in #5715. This fixes the path.
Description
In this PR I add constraints files for napari test dependencies and workflow to perform every week update of dependencies.
The motivation for this PR is to avoid regular failures not related to PR context but caused by some dependency release.
Also, this PR will provide dependency versions on which napari works during release time.
This PR is inspired by workflow from PartSeg that example output could be found here 4DNucleome/PartSeg#932 (but here is not listening all updated dependencies)
This PR will require adding
GHA_TOKEN
to repository secrets with the following permissions:References
Type of change
How has this been tested?
as there are small differences between the two Qt bindings.
Final checklist:
trans.
to make them localizable.For more information see our translations guide.