[ML-374] Fix openssf issue where a pip dependency is detected as not …

…being pinned by a hash. (#373) * update spark to 3.3.3 Signed-off-by: minmingzhu <minming.zhu@intel.com> * make pip install a specific version of the package. Signed-off-by: minmingzhu <minming.zhu@intel.com> * Update dev_cron.yml * Update dev_cron.yml * Update dev_cron.yml * Update dev_cron.yml * add pip hash requirements.txt Signed-off-by: minmingzhu <minming.zhu@intel.com> * Update dev_cron.yml * Update dev_cron.yml * Update dev_cron.yml * Update dev_cron.yml --------- Signed-off-by: minmingzhu <minming.zhu@intel.com>
oap-project · Mar 7, 2024 · 904d683 · 904d683
1 parent 3bfc535
commit 904d683
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 1 deletion.
diff --git a/dev/test-cluster/requirements.txt b/dev/test-cluster/requirements.txt
@@ -0,0 +1,38 @@
+#
+# This file is autogenerated by pip-compile with Python 3.9
+# by the following command:
+#
+#    pip-compile --generate-hashes requirements.in
+#
+numpy==1.21.2 \
+    --hash=sha256:09858463db6dd9f78b2a1a05c93f3b33d4f65975771e90d2cf7aadb7c2f66edf \
+    --hash=sha256:209666ce9d4a817e8a4597cd475b71b4878a85fa4b8db41d79fdb4fdee01dde2 \
+    --hash=sha256:298156f4d3d46815eaf0fcf0a03f9625fc7631692bd1ad851517ab93c3168fc6 \
+    --hash=sha256:30fc68307c0155d2a75ad19844224be0f2c6f06572d958db4e2053f816b859ad \
+    --hash=sha256:423216d8afc5923b15df86037c6053bf030d15cc9e3224206ef868c2d63dd6dc \
+    --hash=sha256:426a00b68b0d21f2deb2ace3c6d677e611ad5a612d2c76494e24a562a930c254 \
+    --hash=sha256:466e682264b14982012887e90346d33435c984b7fead7b85e634903795c8fdb0 \
+    --hash=sha256:51a7b9db0a2941434cd930dacaafe0fc9da8f3d6157f9d12f761bbde93f46218 \
+    --hash=sha256:52a664323273c08f3b473548bf87c8145b7513afd63e4ebba8496ecd3853df13 \
+    --hash=sha256:550564024dc5ceee9421a86fc0fb378aa9d222d4d0f858f6669eff7410c89bef \
+    --hash=sha256:5de64950137f3a50b76ce93556db392e8f1f954c2d8207f78a92d1f79aa9f737 \
+    --hash=sha256:640c1ccfd56724f2955c237b6ccce2e5b8607c3bc1cc51d3933b8c48d1da3723 \
+    --hash=sha256:7fdc7689daf3b845934d67cb221ba8d250fdca20ac0334fea32f7091b93f00d3 \
+    --hash=sha256:805459ad8baaf815883d0d6f86e45b3b0b67d823a8f3fa39b1ed9c45eaf5edf1 \
+    --hash=sha256:92a0ab128b07799dd5b9077a9af075a63467d03ebac6f8a93e6440abfea4120d \
+    --hash=sha256:9f2dc79c093f6c5113718d3d90c283f11463d77daa4e83aeeac088ec6a0bda52 \
+    --hash=sha256:a5109345f5ce7ddb3840f5970de71c34a0ff7fceb133c9441283bb8250f532a3 \
+    --hash=sha256:a55e4d81c4260386f71d22294795c87609164e22b28ba0d435850fbdf82fc0c5 \
+    --hash=sha256:a9da45b748caad72ea4a4ed57e9cd382089f33c5ec330a804eb420a496fa760f \
+    --hash=sha256:b160b9a99ecc6559d9e6d461b95c8eec21461b332f80267ad2c10394b9503496 \
+    --hash=sha256:b342064e647d099ca765f19672696ad50c953cac95b566af1492fd142283580f \
+    --hash=sha256:b5e8590b9245803c849e09bae070a8e1ff444f45e3f0bed558dd722119eea724 \
+    --hash=sha256:bf75d5825ef47aa51d669b03ce635ecb84d69311e05eccea083f31c7570c9931 \
+    --hash=sha256:c01b59b33c7c3ba90744f2c695be571a3bd40ab2ba7f3d169ffa6db3cfba614f \
+    --hash=sha256:d96a6a7d74af56feb11e9a443150216578ea07b7450f7c05df40eec90af7f4a7 \
+    --hash=sha256:dd0e3651d210068d13e18503d75aaa45656eef51ef0b261f891788589db2cc38 \
+    --hash=sha256:e167b9805de54367dcb2043519382be541117503ce99e3291cc9b41ca0a83557 \
+    --hash=sha256:e42029e184008a5fd3d819323345e25e2337b0ac7f5c135b7623308530209d57 \
+    --hash=sha256:f545c082eeb09ae678dd451a1b1dbf17babd8a0d7adea02897a76e639afca310 \
+    --hash=sha256:fde50062d67d805bc96f1a9ecc0d37bfc2a8f02b937d2c50824d186aa91f2419
+    # via -r requirements.in
diff --git a/dev/test-cluster/setup-python3.sh b/dev/test-cluster/setup-python3.sh
@@ -3,7 +3,7 @@
 sudo apt-get update -q
 sudo apt-get install -y -q python3-pip python3-setuptools python3-wheel
 
-pip3 install --user numpy -q
+pip3 install --user -q -r requirements.txt
 
 sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10