-
Notifications
You must be signed in to change notification settings - Fork 325
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Latest Pipenv changed behaviour on virtualenv isolation = dependencies are skipped to install #382
Comments
Hotfix: RHEL ubi8 based builder images with the Pipenv version lock patch applied can be sourced from: |
Thank you! Could you please also open an upstream issue? A simple reproducer:
|
@fridex is that something we should port to thoth‘s S2I Images? |
BTW, for most of the use cases Thoth's micropipenv should be a very good alternative: https://github.com/thoth-station/micropipenv and it is included in all our S2I images, for example: https://quay.io/repository/thoth-station/s2i-thoth-ubi8-py36?tab=info And Fedora ;) https://fedora.pkgs.org/rawhide/fedora-x86_64/micropipenv-0.1.6-1.fc33.noarch.rpm.html |
In case of micropipenv (#368), there could be just one virtual environment for the actual application and micropipenv could be installed from an rpm (during the builder container image build so that it is already included #278). Anyway, worth to discuss this behavior with Pipenv upstream to see their bits on this - especially long term behavior they expect to support. |
I can confirm the reproducer. It works with the old version ( I have tried to coax the correct behaviour from the new version by using the flag |
Issue reported upstream: pypa/pipenv#4301 |
The issue is already fixed upstream: pypa/pipenv#4284 |
And the fix has been released in a new version of pipenv! |
The latest release of Pipenv https://github.com/pypa/pipenv/releases/tag/v2020.5.28 has changed the behaviour of
pipenv install
pypa/pipenv#3057. As a result, Pipenv no longer installs packages that can be located in its path. This breaks s2i builds, since Pipenv is run in a different context than the actual applications. Let me illustrate:Trying to install any package, that is already present in the global env, results in Pipenv skipping this package installation into the pipenv's virtual env. That includes all the dependencies of Pipenv itself like
six
orimportlib_metadata
orcertifi
. And these packages are used as a dependency in many bigger libraries, which transitively makes them misbehave and break...Let's assume we have an app using
certifi
andchardet
. The first named is a Pipenv dependency and the second one is not:Now let's see where are the packages installed and what our python path actually is:
As you can see, each of the packages is located in different location. One is reachable for the python runtime and one is not.
This issue means that any new build (based on s2i Python with Pipenv and started after the Pipenv update) of an application that shares a single (or more) dependency with Pipenv will fail at build time or at runtime for a really inexplicable reason - because a dependency which is specified in the Pipfile doesn't get installed.
It took me really long to trace this issue all the way back to Pipenv, I'm not sure how to solve this without locking
pipenv
version though.The text was updated successfully, but these errors were encountered: