Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ansible pip installs disobey project constraints #1897

Open
TheTechromancer opened this issue Oct 30, 2024 · 0 comments
Open

Ansible pip installs disobey project constraints #1897

TheTechromancer opened this issue Oct 30, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@TheTechromancer
Copy link
Collaborator

TheTechromancer commented Oct 30, 2024
edited
Loading

The version constraints in your pyproject.toml do get packaged and published to PyPI as part of your project's metadata. However, when you do pip install --upgrade <package> after installation, pip doesn't automatically respect these constraints from your package's dependencies.

Here are a few approaches to handle this:

  1. If you're installing additional packages programmatically, you can use the package metadata to access your pinned versions:
from importlib.metadata import requires
package_requirements = requires('your-package-name')
# This will give you the requirements as specified in pyproject.toml
  1. A more robust solution would be to define these additional installations as "extras" in your pyproject.toml:
[tool.poetry.dependencies]
python = "^3.8"
some-package = "==1.2.3"  # pinned version

[tool.poetry.extras]
additional = ["extra-package"]
  1. If you must install packages programmatically, you can enforce version constraints using pip's constraint file:
import subprocess
import pkg_resources

def safe_install_package(package_name):
    # Get the pinned version from your package's requirements
    dist = pkg_resources.get_distribution('your-package-name')
    constraints = [str(r) for r in dist.requires()]
    
    # Write constraints to a temporary file
    with open('constraints.txt', 'w') as f:
        f.write('\n'.join(constraints))
    
    # Install using constraints
    subprocess.check_call([
        'pip', 'install',
        '-c', 'constraints.txt',
        package_name
    ])

Could you share more about why you need to install additional packages at runtime? There might be better architectural solutions depending on your specific use case.

Also, consider using install_requires vs extras_require in your package setup - this way users can choose to install these additional dependencies when they first install your package:

pip install your-package[additional]

This would help avoid the version conflicts you're experiencing by making all dependencies explicit at install time.
@TheTechromancer TheTechromancer added the bug Something isn't working label Oct 30, 2024
@TheTechromancer TheTechromancer mentioned this issue Oct 30, 2024
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TheTechromancer