From b9efb8df8b37216dc6122b9cbb5338c2aaa75e4d Mon Sep 17 00:00:00 2001 From: Kunal Mehta Date: Fri, 3 Jan 2025 11:55:37 -0500 Subject: [PATCH] Specify test dependencies using poetry So they are pinned and much easier to discover. Fixes #466. --- .github/workflows/ci.yml | 9 +-- .github/workflows/reprotest.yml | 6 +- Makefile | 12 +-- poetry.lock | 129 ++++++++++++++++++++++++++++++++ pyproject.toml | 15 ++++ test-requirements.txt | 4 - 6 files changed, 157 insertions(+), 18 deletions(-) create mode 100644 poetry.lock delete mode 100644 test-requirements.txt diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cffe787..f0bf600 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,22 +10,19 @@ jobs: steps: - name: Bootstrap Debian system package dependencies run: | - apt-get update && apt-get install --yes --no-install-recommends make sudo git git-lfs ca-certificates + apt-get update && apt-get install --yes --no-install-recommends make sudo git git-lfs ca-certificates \ + python3-poetry - uses: actions/checkout@v4 with: lfs: true - name: Install additional packages and Python dependencies run: | - # Installs Python & bootstrap wheels, and initializes a virtualenv at .venv - make install-deps - ./.venv/bin/pip install -r test-requirements.txt + poetry install --no-ansi - name: Run linters run: | - . ./.venv/bin/activate make lint - name: Run tests except reprotest run: | - . ./.venv/bin/activate make test checksums: diff --git a/.github/workflows/reprotest.yml b/.github/workflows/reprotest.yml index 3263e53..4077607 100644 --- a/.github/workflows/reprotest.yml +++ b/.github/workflows/reprotest.yml @@ -15,7 +15,8 @@ jobs: steps: - name: Bootstrap Debian system package dependencies run: | - apt-get update && apt-get install --yes --no-install-recommends make sudo git git-lfs ca-certificates + apt-get update && apt-get install --yes --no-install-recommends make sudo git git-lfs ca-certificates \ + python3-poetry - uses: actions/checkout@v4 with: lfs: true @@ -23,7 +24,8 @@ jobs: run: | # Installs Python & bootstrap wheels, and initializes a virtualenv at .venv make install-deps - ./.venv/bin/pip install -r test-requirements.txt + # Install poetry deps into the .venv + poetry install --no-ansi - name: Test wheel reproducibility run: | # Necessary to enable git operations without permission issues diff --git a/Makefile b/Makefile index 68d9102..45b421a 100644 --- a/Makefile +++ b/Makefile @@ -3,13 +3,13 @@ SHELL := /bin/bash .PHONY: lint lint: - @ruff check . - @ruff format --check . + @poetry run ruff check . + @poetry run ruff format --check . .PHONY: fix fix: - @ruff check . --fix - @ruff format . + @poetry run ruff check . --fix + @poetry run ruff format . .PHONY: install-deps install-deps: ## Install initial wheel building dependencies @@ -28,11 +28,11 @@ build-wheels: ## Builds the wheels and adds them to the wheels subdirectory .PHONY: test test: ## Run simple test suite (skips reproducibility checks) - pytest -v tests/test_update_requirements.py tests/test_utils.py + poetry run pytest -v tests/test_update_requirements.py tests/test_utils.py .PHONY: reprotest reprotest: ## Runs only reproducibility tests for .whl files - pytest -vvs tests/test_reproducible_wheels.py + poetry run pytest -vvs tests/test_reproducible_wheels.py .PHONY: help help: ## Prints this message and exits diff --git a/poetry.lock b/poetry.lock new file mode 100644 index 0000000..49d5bee --- /dev/null +++ b/poetry.lock @@ -0,0 +1,129 @@ +# This file is automatically @generated by Poetry 1.8.2 and should not be changed by hand. + +[[package]] +name = "colorama" +version = "0.4.6" +description = "Cross-platform colored terminal text." +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" +files = [ + {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, + {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, +] + +[[package]] +name = "iniconfig" +version = "2.0.0" +description = "brain-dead simple config-ini parsing" +optional = false +python-versions = ">=3.7" +files = [ + {file = "iniconfig-2.0.0-py3-none-any.whl", hash = "sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374"}, + {file = "iniconfig-2.0.0.tar.gz", hash = "sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3"}, +] + +[[package]] +name = "packaging" +version = "24.2" +description = "Core utilities for Python packages" +optional = false +python-versions = ">=3.8" +files = [ + {file = "packaging-24.2-py3-none-any.whl", hash = "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759"}, + {file = "packaging-24.2.tar.gz", hash = "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"}, +] + +[[package]] +name = "pluggy" +version = "1.5.0" +description = "plugin and hook calling mechanisms for python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "pluggy-1.5.0-py3-none-any.whl", hash = "sha256:44e1ad92c8ca002de6377e165f3e0f1be63266ab4d554740532335b9d75ea669"}, + {file = "pluggy-1.5.0.tar.gz", hash = "sha256:2cffa88e94fdc978c4c574f15f9e59b7f4201d439195c3715ca9e2486f1d0cf1"}, +] + +[package.extras] +dev = ["pre-commit", "tox"] +testing = ["pytest", "pytest-benchmark"] + +[[package]] +name = "pytest" +version = "8.3.4" +description = "pytest: simple powerful testing with Python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "pytest-8.3.4-py3-none-any.whl", hash = "sha256:50e16d954148559c9a74109af1eaf0c945ba2d8f30f0a3d3335edde19788b6f6"}, + {file = "pytest-8.3.4.tar.gz", hash = "sha256:965370d062bce11e73868e0335abac31b4d3de0e82f4007408d242b4f8610761"}, +] + +[package.dependencies] +colorama = {version = "*", markers = "sys_platform == \"win32\""} +iniconfig = "*" +packaging = "*" +pluggy = ">=1.5,<2" + +[package.extras] +dev = ["argcomplete", "attrs (>=19.2)", "hypothesis (>=3.56)", "mock", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"] + +[[package]] +name = "pytest-mock" +version = "3.14.0" +description = "Thin-wrapper around the mock package for easier use with pytest" +optional = false +python-versions = ">=3.8" +files = [ + {file = "pytest-mock-3.14.0.tar.gz", hash = "sha256:2719255a1efeceadbc056d6bf3df3d1c5015530fb40cf347c0f9afac88410bd0"}, + {file = "pytest_mock-3.14.0-py3-none-any.whl", hash = "sha256:0b72c38033392a5f4621342fe11e9219ac11ec9d375f8e2a0c164539e0d70f6f"}, +] + +[package.dependencies] +pytest = ">=6.2.5" + +[package.extras] +dev = ["pre-commit", "pytest-asyncio", "tox"] + +[[package]] +name = "ruff" +version = "0.8.5" +description = "An extremely fast Python linter and code formatter, written in Rust." +optional = false +python-versions = ">=3.7" +files = [ + {file = "ruff-0.8.5-py3-none-linux_armv6l.whl", hash = "sha256:5ad11a5e3868a73ca1fa4727fe7e33735ea78b416313f4368c504dbeb69c0f88"}, + {file = "ruff-0.8.5-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:f69ab37771ea7e0715fead8624ec42996d101269a96e31f4d31be6fc33aa19b7"}, + {file = "ruff-0.8.5-py3-none-macosx_11_0_arm64.whl", hash = "sha256:b5462d7804558ccff9c08fe8cbf6c14b7efe67404316696a2dde48297b1925bb"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d56de7220a35607f9fe59f8a6d018e14504f7b71d784d980835e20fc0611cd50"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:9d99cf80b0429cbebf31cbbf6f24f05a29706f0437c40413d950e67e2d4faca4"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:7b75ac29715ac60d554a049dbb0ef3b55259076181c3369d79466cb130eb5afd"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:c9d526a62c9eda211b38463528768fd0ada25dad524cb33c0e99fcff1c67b5dc"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:587c5e95007612c26509f30acc506c874dab4c4abbacd0357400bd1aa799931b"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:622b82bf3429ff0e346835ec213aec0a04d9730480cbffbb6ad9372014e31bbd"}, + {file = "ruff-0.8.5-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f99be814d77a5dac8a8957104bdd8c359e85c86b0ee0e38dca447cb1095f70fb"}, + {file = "ruff-0.8.5-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:c01c048f9c3385e0fd7822ad0fd519afb282af9cf1778f3580e540629df89725"}, + {file = "ruff-0.8.5-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:7512e8cb038db7f5db6aae0e24735ff9ea03bb0ed6ae2ce534e9baa23c1dc9ea"}, + {file = "ruff-0.8.5-py3-none-musllinux_1_2_i686.whl", hash = "sha256:762f113232acd5b768d6b875d16aad6b00082add40ec91c927f0673a8ec4ede8"}, + {file = "ruff-0.8.5-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:03a90200c5dfff49e4c967b405f27fdfa81594cbb7c5ff5609e42d7fe9680da5"}, + {file = "ruff-0.8.5-py3-none-win32.whl", hash = "sha256:8710ffd57bdaa6690cbf6ecff19884b8629ec2a2a2a2f783aa94b1cc795139ed"}, + {file = "ruff-0.8.5-py3-none-win_amd64.whl", hash = "sha256:4020d8bf8d3a32325c77af452a9976a9ad6455773bcb94991cf15bd66b347e47"}, + {file = "ruff-0.8.5-py3-none-win_arm64.whl", hash = "sha256:134ae019ef13e1b060ab7136e7828a6d83ea727ba123381307eb37c6bd5e01cb"}, + {file = "ruff-0.8.5.tar.gz", hash = "sha256:1098d36f69831f7ff2a1da3e6407d5fbd6dfa2559e4f74ff2d260c5588900317"}, +] + +[[package]] +name = "virtualenv" +version = "15.2.0" +description = "Virtual Python Environment builder" +optional = false +python-versions = "*" +files = [ + {file = "virtualenv-15.2.0-py2.py3-none-any.whl", hash = "sha256:e8e05d4714a1c51a2f5921e62f547fcb0f713ebbe959e0a7f585cc8bef71d11f"}, + {file = "virtualenv-15.2.0.tar.gz", hash = "sha256:1d7e241b431e7afce47e77f8843a276f652699d1fa4f93b9d8ce0076fd7b0b54"}, +] + +[metadata] +lock-version = "2.0" +python-versions = ">=3.11" +content-hash = "459c206d77063634259276ff35c57fcac9f8eb9c7f0c770e72b2a9a1a7a3bbdf" diff --git a/pyproject.toml b/pyproject.toml index 9e2ffd2..c3eb3d8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -3,6 +3,21 @@ name = "securedrop-builder" version = "0.1.0" requires-python = ">=3.9" +[tool.poetry] +name = "securedrop-builder" +version = "0.1.0" +description = "" +authors = [] + +[tool.poetry.dependencies] +python = ">=3.11" + +[tool.poetry.group.dev.dependencies] +pytest = "*" +pytest-mock = "*" +ruff = "*" +virtualenv = "<16" + [tool.ruff] line-length = 100 diff --git a/test-requirements.txt b/test-requirements.txt deleted file mode 100644 index f07ee4b..0000000 --- a/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -pytest -pytest-mock -virtualenv<16 -ruff \ No newline at end of file