Pipenv dependency management #4477

reinvantveer · 2021-02-04T07:13:44Z

Description of the change:
Use Pipenv - the Python packaging authority recommended way - as a dependency resolution managemente system and vulnerability checker to install Python dependencies.

This PR is part of #4237 to work towards a more user-friendly way of doing reproducible local builds

Motivation for the change:
Python package dependency is best managed using a fit-for-purpose package manager that checks for dependency conflicts, separates wanted dependencies from required subdependencies and that is able to check for vulnerabilities. The proposed solution is fully backwards compatible.

Checklist

If the pull request includes user-facing changes, extra documentation is required:

Add a new changelog fragment in changelog/fragments (see changelog/fragments/00-template.yaml)
Add or update relevant sections of the docs website in website/content/en/docs

reinvantveer · 2021-02-04T07:16:35Z

Note that the commit list is rather long simply because I rebased and merged from upstream, but the Python version pinning and Docker image pinning were already merged.

reinvantveer · 2021-02-04T17:49:15Z

Yay, passed!

images/ansible-operator/Dockerfile

estroz · 2021-02-04T19:24:59Z

@reinvantveer looks like you need to rebase onto the latest master.

…erator-framework#4407) Signed-off-by: Eric Stroczynski <estroczy@redhat.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…-framework#4431) Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

… a previous operator version doesn't exist (operator-framework#4448) * `run bundle-upgrade` should handle error gracefully when a previous operator version doesn't exist Signed-off-by: rashmigottipati <chowdary.grashmi@gmail.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…erator-framework#4449) Bumped to operator-framework/api. Signed-off-by: jesus m. rodriguez <jesusr@redhat.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…g release (operator-framework#3431) Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…erator-framework#4462) Signed-off-by: Eric Stroczynski <ericstroczynski@gmail.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…projects (operator-framework#4419) Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…ework#4445) internal/generatel/clusterserviceversion/bases/definitions: make the owned CRD generator package- and type-aware so multiple packages containing the same type names can be used. Signed-off-by: Eric Stroczynski <ericstroczynski@gmail.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

* upgrade Python to v 3.8 * add change notes * add python to installation guide Signed-off-by: reinvantveer <reinvantveer@gmail.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

This commit modifies the suggested format for finalizers from <finalizer-name>.<qualified-group> to <qualified-group>/<finalizer-name>, which is the recommended format in k8s docs. This change is not breaking because technically any name format is allowed Signed-off-by: Eric Stroczynski <ericstroczynski@gmail.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…-framework#4471) * Fixed invalid object names generated for long package names * TrimDNS1123Label would trim strings but end up creating invalid DNS1123 strings. * FormatOperatorNameDNS1123 would return strings that were invalid if they begin or end with non-alphanumeric or hyphens. * Handle capitals and use more efficient trim mechanism * React to new expectation. Fixes operator-framework#4470 Signed-off-by: jesus m. rodriguez <jmrodri@gmail.com> Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…iption Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

…ub-dependencies and resolve potential conflicts Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>

Signed-off-by: Rein van 't Veer <reinvantveer@gmail.com>