Custom sources for python distribution binaries #8015
Comments
|
Timing is wild, I was just about to submit an issue with this same request. I would love support for changing the URL that |
|
Yep! |
|
Described at https://docs.astral.sh/uv/configuration/environment/ |
|
Thank you for the quick response! Additionally, is there support for providing |
|
You can use |
|
so I'm currently trying to install https://github.com/indygreg/python-build-standalone/releases/download/20241008/cpython-3.12.7+20241008-x86_64_v3-unknown-linux-gnu-pgo+lto-full.tar.zst with I have it downloaded in I set When I attempt to run > echo $UV_PYTHON_INSTALL_MIRROR
file:///home/<user>/downloads/python_standaloneCould you provide help/guidance as to how I should proceed? Thanks for your help I also tried with I'm on Ubuntu 22.04 LTS (jammy) if that matters |
|
Can you share verbose logs? i.e. Your uv version needs to support that managed download, so you might just be on a uv version that only has metadata for 3.12.6 and not 3.12.7 yet? |
> RUST_LOG=uv-trace uv python install -v 3.12.7
DEBUG uv 0.4.18
TRACE Checking lock for `/home/<user>/.local/share/uv/python` at `/home/<user>/.local/share/uv/python/.lock`
DEBUG Acquired lock for `/home/<user>/.local/share/uv/python`
Searching for Python versions matching: Python 3.12.7
TRACE ld path: /lib64/ld-linux-x86-64.so.2
TRACE stdout output from `ld`: ""
TRACE stderr output from `ld`: "/lib64/ld-linux-x86-64.so.2: missing program name\nTry '/lib64/ld-linux-x86-64.so.2 --help for more information.\n"
TRACE stdout ouput from `ldd --version`: ld.so (Ubuntu GLIBC 2.35-0ubuntu3.8) stable release version 2.35.\nCopyright ...
TRACE Found manylinux 2.35 in stdout of `ldd --version`
DEBUG Released lock at `/home/<user>/.local/share/uv/python/.lock`
error: No download found for request: cpython-3.12.7-linux-x86_64-gnu
|
|
3.12.7 was added in #7880 which is in uv 0.4.19 |
|
Tried again with https://github.com/indygreg/python-build-standalone/releases/download/20240909/cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-pgo+lto-full.tar.zst instead this time. > uv python install 3.12.6
Searching for Python versions matching: Python 3.12.6
cpython-3.12.6-linux-x86_64-gnu
error: Failed to install cpython-3.12.6-linux-x86_64-gnu
Caused by: Failed to extract archive: cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz
Caused by: Invalid gzip header
cpython-3.12.6-linux-x86_64-gnu |
|
does |
|
Sorry this isn't well documented — yes, we only support the target defined in our download metadata. We could probably support more in the future, it's just more complicated. |
|
Basically the reason you can't, is that we generate JSON metadata from GitHub release uv/crates/uv-python/download-metadata.json Lines 398 to 409 in f6fd849 then encode it as static Rust code for performance uv/crates/uv-python/src/downloads.inc Lines 471 to 484 in f6fd849 then when you ask for a custom mirror we transform the static URL uv/crates/uv-python/src/downloads.rs Lines 577 to 585 in 891c91d This is quite a naive implementation, but it's intended to unblock core functionality not be fully feature complete. |
|
Is there any specific reason why the generated json only includes the |
|
something weird is happening still, it looks like
> echo $UV_PYTHON_INSTALL_MIRROR
file:///home/<user>/downloads/python_standalone> RUST_LOG=uv-trace uv python install -v 3.12.6
DEBUG uv 0.4.18
TRACE Checking lock for `/home/<user>/.local/share/uv/python` at `/home/<user>/.local/share/uv/python/.lock`
DEBUG Acquired lock for `/home/<user>/.local/share/uv/python`
Searching for Python versions matching: Python 3.12.6
TRACE ld path: /lib64/ld-linux-x86-64.so.2
TRACE stdout output from `ld`: ""
TRACE stderr output from `ld`: "/lib64/ld-linux-x86-64.so.2: missing program name\nTry '/lib64/ld-linux-x86-64.so.2 --help for more information.\n"
TRACE Tried to find musl version by running `"/lib64/ld-linux-x86-64.so.2"`, but failed: Could not find musl version in output of: `/lib64/ld-linux-x86-64.so.2`
TRACE Tried to find libc version from possible symlink at "/lib64/ld-linux-x86-64.so.2", but failed: Failed to find glibc version in the filename of linker: `/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2`
TRACE stdout ouput from `ldd --version`: ld.so (Ubuntu GLIBC 2.35-0ubuntu3.8) stable release version 2.35.\nCopyright ...
TRACE Found manylinux 2.35 in stdout of `ldd --version`
DEBUG Using request timeout of 30s
TRACE Handling request for https://github.com/indygreg/python-build-standalone/releases/download/20240909/cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz
TRACE Request for https://github.com/indygreg/python-build-standalone/releases/download/20240909/cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz is unauthenticated, checking cache
TRACE No credentials in cache for URL https://github.com/indygreg/python-build-standalone/releases/download/20240909/cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz
TRACE Attempting unauthenticated request for https://github.com/indygreg/python-build-standalone/releases/download/20240909/cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz
DEBUG Downloading https://github.com/indygreg/python-build-standalone/releases/download/20240909/cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz to temporary location: /home/<user>/.local/share/uv/python/.cache/.tmpYs2Aii
DEBUG Extracting cpython-3.12.6%2B20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz
error: Failed to install cpython-3.12.6-linux-x86_64-gnu
Caused by: Failed to extract archive: cpython-3.12.6+20240909-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz
Caused by: Invalid gzip header
DEBUG Released lock at `/home/<user>/.local/share/uv/python/.lock` |
|
On my machine, I get something like this if I specify an arbitrary directory: |
|
Similarly: |
|
Figured it out my filename was urlencoded so was actually Thanks for all of your help |
|
That makes sense. We can add more documentation around this. |
|
I'm a bit confused. We're currently migrating to Currently, I'm just adding the following to my [tool.uv]
index-url = "https://<user>:<password>@<host>"Which is working properly. I have been unable to find a way to configure this authentication in order to avoid just hardcoding the credentials for obvious reasons. Is this somehow related to this issue? Also, is this the way I should be doing this? EDIT: I believe what I'm referring to is this PR #7741 |
|
Just took a look at #7741 and I am wondering why the environment variables can't be specified in the |
|
@guillemc23 sorry this issue is about downloading Python distributions — not index URLs for packages. Could you open a new issue for your question instead? |
Opened PR with a create mirror script to make it easier #8548 |
|
maybe relevant #10203 |
|
I'd be interested in something slightly different: rather than just hosting indygreg's tarballs internally, I'd like to use my own builds of python, but I'm content to host those builds with whatever URL pattern Would something like that be in scope for this issue, or should I file a separate one? |
|
@zanieb I can probably work on this or find someone who can, if you all can bounce some design ideas with us. If you'd rather we just pitch something that works too, I just want to make sure you're open to the idea first. |
|
I'm a little hesitant since we don't have a well-defined or stable format for the We also store all the metadata statically via templated Rust right now so it's a bit of a larger change to be able to read that from a file. I'm sort of into adding support for reading that metadata dynamically, e.g., it's also useful for updating Python without updating uv — but we'll need to have some sort of versioning scheme and I think if you're rolling your own distributions there's no guarantee they'll work well. |
|
Yeah, I've been looking at how that gets included statically. I can patch uv with my own json and get it to use our builds, but reading from a file and getting that configured from settings or environment variables is a bit more plumbing. What's been changing about the format for distributions? Is that something we could help define/standardize? I also noticed there's no room in the schema for extra version numbers after patch, which we do use (build numbers, in case we rebuild a version), but could probably get by without if that's weird to add. |
The most recent example I can think of is astral-sh/python-build-standalone#373 It's less that they're changing a lot, and more that I'm hesitant to promise they won't :) the Another concern is that we need to apply patches to the distribution at install time. These may or may not be relevant for custom distributions? I think the best place to start is experimental support for dynamic metadata in uv without stability promises. Then we can iterate on standardization or versioning of the format?
Like, you want to be able to have multiple builds of versions side-by-side in your metadata? I'm not particularly opposed, but it may complicate our Python request logic? |
|
@leifwalsh That is exactly what I'm requesting at #10203 |
|
I think there's a bit of a difference between a local metadata file and a remote one — then we start having to deal with caching and network overheads. I agree in the long-run we'd want both though. |
Fair!
Oh, I didn't realize that. Can you point me toward those patches? The builds we produce work (well enough for our purposes, in a somewhat constrained environment e.g. Linux only) after untarring.
That sounds like a good plan to me. I'd be happy to live without stability promises for a bit. Should we move discussion to #10203 and start planning it there? (@MeitarR thanks! Sorry I couldn't find that as easily as this one.)
Yeah, I admit this is odd and probably not worth considering as a real requirement, but we produce builds like 3.13.1.40 and 3.13.1.45 - they're just distinct build events for 3.13.1, but as a simple way to not worry about reproducibility, we keep them both and let projects stick with whichever was the latest build last time they updated things. This nearly fits in the Prerelease struct, but not quite because all of those variants (alpha, beta, RC) sort earlier than None.
Either way you have to await something, right? :) |
|
The patches are invoked at uv/crates/uv/src/commands/python/install.rs Lines 312 to 317 in 11f2882 |
|
Thanks! Ok yeah, we do some stuff to sysconfig before uploading our builds, and we have some other things that do the externally managed stuff. That makes sense, thanks. And, @MeitarR now I see that's literally the issue you linked to before I joined this issue, I think I just misread what you were asking for the first time. Sorry! |
Many companies have policies around sourcing artifacts from internal sources only. I'm seeing in the docs that uv uses pre-built third-party distributions from the python-build-standalone project. Is it possible to configure uv to point to an alternate private index for python version distributions?
I imagine as long as there's a well-defined API for how uv queries and returns binaries, the actual source from which these are downloaded should probably not matter much?
Apologies if this is a duplicate, I searched around but didn't spot an existing issue.
The text was updated successfully, but these errors were encountered: