Project

Profile

Help

Story #2041

closed

As a user, I can whitelist packages to sync with standard python syntax

Added by amacdona@redhat.com over 8 years ago. Updated almost 4 years ago.

Status:
MODIFIED
Priority:
Normal
Assignee:
Sprint/Milestone:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
3.0.0
Target Release - Python:
Groomed:
Yes
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

This story is to use the syntax from python requirements[0] files to specify which packages should be synced. This story does NOT include directly uploading a requirements.txt (though that feature could be discussed in another issue)

Note:
It doesn't make sense for Pulp to support all of the possible syntaxes in a requirements file (like specifying a local file).

Background:

At the time of writing, pulp-python only supports a whitelist of project names, but this whitelist should become more granular and flexible.

Specifiers [1][2]

It would be ideal to support multiple levels of filtering:

  • project name
  • version specifiers (including gt, lt, range)
  • specific python distributions (specified by hash) [3]

Allowing users to specify python distributions by hashes [3] will significantly improve 2 of our use cases:

  • reproducible, deterministic builds
  • improved security

Related Ideas:

These ideas are related to the implementation of this story, but if they are accepted, they should be filed separately.

  1. Create a whitelist from a requirements.txt
  2. Create a whitelist from a Pipfile (pipenv)
  3. Create a whitelist from a Pipfile.lock (pipenv)
  4. Create a whitelist from a python toml file

[0]: https://pip.pypa.io/en/stable/user_guide/#requirements-files
[1]: https://www.python.org/dev/peps/pep-0440/
[2]: https://www.python.org/dev/peps/pep-0508/
[3]: https://pip-python3.readthedocs.io/en/latest/reference/pip_install.html#hash-checking-mode


Related issues

Related to Python Support - Story #2040: As a user, I can choose which package types to syncCLOSED - DUPLICATE

Actions
Actions #1

Updated by amacdona@redhat.com over 8 years ago

  • Related to Story #138: As a user, I can express how many old versions of a package to keep during sync added
Actions #2

Updated by amacdona@redhat.com over 8 years ago

requirements.txt format is also the output of `pip freeze`, so it would be very simple to convert an environment into a repository.

Actions #3

Updated by amacdona@redhat.com over 8 years ago

  • Subject changed from As a user, I can pass package names as requirements.txt to As a user, I can pass project names as requirements.txt
Actions #4

Updated by semyers over 8 years ago

  • Groomed changed from No to Yes

Whoa this is a cool idea. I love it.

Does pip make it easy to get at the requirements.txt parser so we don't have to write one? :)

Actions #5

Updated by amacdona@redhat.com over 8 years ago

  • Sprint Candidate changed from No to Yes
Actions #6

Updated by bizhang about 8 years ago

  • Status changed from NEW to POST
  • Assignee set to bizhang
Actions #7

Updated by pcreech about 8 years ago

  • Status changed from POST to NEW
  • Assignee deleted (bizhang)
Actions #8

Updated by amacdona@redhat.com about 8 years ago

  • Sprint Candidate changed from Yes to No
Actions #9

Updated by bizhang over 6 years ago

  • Tags Pulp 3 added
Actions #10

Updated by amacdona@redhat.com over 6 years ago

  • Subject changed from As a user, I can pass project names as requirements.txt to As a user, I can whitelist packages to sync with standard python syntax
  • Description updated (diff)
Actions #11

Updated by amacdona@redhat.com over 6 years ago

  • Related to Story #2040: As a user, I can choose which package types to sync added
Actions #12

Updated by bizhang over 6 years ago

  • Related to deleted (Story #138: As a user, I can express how many old versions of a package to keep during sync)
Actions #13

Updated by bizhang over 6 years ago

  • Status changed from NEW to POST
  • Assignee set to bizhang

Added by werwty over 6 years ago

Revision fecf6314 | View on GitHub

As a user, I can whitelist packages to sync with standard python syntax

closes #2041 https://pulp.plan.io/issues/2041

Actions #14

Updated by werwty over 6 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100
Actions #15

Updated by bmbouter over 5 years ago

  • Tags deleted (Pulp 3)
Actions #16

Updated by dalley almost 4 years ago

  • Platform Release set to 3.0.0

Also available in: Atom PDF