-
-
Notifications
You must be signed in to change notification settings - Fork 607
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reproducible build still not entirely repoducible #7885
Comments
Hello. That is an issue with how Pex (and possibly Pip?) convert an sdist (meaning a bunch of source code) into a wheel. If you look at PyPi, that particular dependency only provides an sdist https://pypi.org/project/python-crontab/#files. Pex can only work with wheels (aka bdist), so it must convert that sdist into a wheel. It’s not clear to me why this is sometimes being built as I have other things I need to work on for at least this week so can't get to it right away. If you'd like, I'd be happy to support you submitting a patch. |
Is there something I can do as a workaround on my side to prevent this from happening? |
If possible, try an alternative library. In general, both bdist and sdist should be reproducible, per these Pex tests: So, this might be something specific to that library that is causing the issue. It's possible that the test is not comprehensive enough for sdist wheels, but it has never flaked the past month so I think this might be something particular about this sdist. -- Otherwise, jumpstart the patch to fix this. The first step would be to get the test failing by first replacing that sdist test to use |
Closing this because this is a Pex issue, not Pants. All conversation should move to pex-tool/pex#735, and I put a work in progress that gets a consistently failing test at pex-tool/pex#734. FYI this might be a few weeks before we land this fix back into Pants because we first need to fix the issue in Pex, and then release Pex with the fix, upgrade Pants to use the new version of Pex, and release that new version of Pants. The best way to speed this all up would be to pull down pex-tool/pex#734, run |
@Eric-Arellano
Subsequent builds produce artifacts with slightly different dependencies
My Pants.ini
My 3rd party deps
Artifacts are almost the same, the only difference is in included dependency. Sometimes it is
cp37
, and sometimespy3
. Which happens randomly, like a coin flip.python_crontab-2.3.6-cp37-none-any.whl # OR python_crontab-2.3.6-py3-none-any.whl
I have only noticed this happening for python_crontab library, but my set of deps is quite small.
P.S. I guess my build is now deterministic, I will definitely get one of the two possible artifacts :)
But that keeps AWS lambda unhappy, since it uses base64(sha256) to track changes, which triggers unnecessary deployments
The text was updated successfully, but these errors were encountered: