Always run pip installer to get implicit deps #186
Conversation
|
I'm a little bit confused about what this does that just @dstufft would you be willing to give us some advice on whether it's sane / smart to always invoke |
|
It installs |
|
I'm on my phone but a quick glance suggests the impetus for this change is that get-pip.py installs pip/setuptools/wheel but ensurepip only installs pip/setuptools. Expanding your later command to also include setuptools and wheel should solve this also I think. I will take a closer look when I get home. |
|
Oh, we also have #170, where folks are suggesting that we need newer (Definitely appreciate the input ❤️ ❤️ ❤️) |
|
Just did a quick PoC of the suggested approach, following along with how pip version management is done. There's a version difference between the Happy to update this PR when we know which direction we'd like to take this 😄 |
|
That'll be because pip excludes pre-releases by default. |
|
Ah, # Add any implicit installations to the end of our args
if implicit_pip:
args += ["pip"]
if implicit_setuptools:
args += ["setuptools"]
if implicit_wheel:
args += ["wheel"](which just installs the latest release of each) Seems roughly sane (and I think the way we fetch the latest |
|
In that case I think the current way of getting the package versions might need a tweak, because as I pointed out above, right now it happily grabs pre-release versions. # curl -fsSL 'https://pypi.python.org/pypi/pip/json' | awk -F '"' '$2 == "version" { print $4 }'
9.0.1
# curl -fsSL 'https://pypi.python.org/pypi/setuptools/json' | awk -F '"' '$2 == "version" { print $4 }'
34.3.3
# curl -fsSL 'https://pypi.python.org/pypi/wheel/json' | awk -F '"' '$2 == "version" { print $4 }'
0.30.0a0A look at the docs claims that it will fetch the stable version by default but that does not appear to be happening:
In the meantime, I'll update this PR with the version that grabs pre-releases and we can go forward from there. |
|
I'll squash this down once we're happy with it 😉 |
|
Is it permissable to use tools such as |
|
Yeah, I think the main issue I see is that the alpha is listed as the actual "latest release" for |
|
Try |
|
Aha! Perfect! I'll get a commit going, thanks 😁 |
|
You're a hero, @dstufft ❤️ (thanks for all you do! 👍) |
|
I feel obligated to mention that URL is technically not "production" which mostly just means there's no alerting if it goes down, but that should be fairly rare to get downtime of that URL that actually makes it unavailable. |
|
Yeah, I figured as much when I checked out https://pypi.org (and saw the warning), but it's only going to be used from our |
|
Anything more to do on this one @tianon? |
…ls/wheel behavior there
- `docker`: experimental multiarch (docker-library/docker#52) - `golang`: experimental multiarch (docker-library/golang#158) - `nextcloud`: 10.0.5, 11.0.3, 9.0.58, update via container updates (nextcloud/docker#65) - `postgres`: ensure `postgres` user's HOME has decent permissions (docker-library/postgres#277) - `python`: fix `pip` install to also install `setuptools` and `wheel` (docker-library/python#186, docker-library/python#187)
|
I'm a bit concerned about tracking the https://github.com/pypa/setuptools/blame/master/CHANGES.rst |
|
Hmm, good point @JayH5. @yosifkit and I took a look at Python's (Then, since we'll be using |
Always run pip installer to get implicit deps
Unconditionally executing the contents of this
ifblock results in the installation ofwheel(consistent with <= 3.3 images) without over-zealous overhead:Fixes #141, #170