-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support wheel cache when using --require-hashes #11897
Conversation
Exciting! I will do my very best to try to get pip built locally using this (I would honestly have attacked this myself if I knew how to get the dev env working 😂) |
Nothing fancy really: |
9abf6b0
to
a1c78e5
Compare
Combined with #11872, one can use |
bd3673f
to
76d8341
Compare
I'd like to get this in 23.1. @ewdurbin if you can confirm it fixes the issue within the next week or so, that would be excellent. Please ask for help if you are still unsure how to test against the version with the PR. |
Thanks for the ping. PyCon prep has me pretty slammed but I need to do some warehouse work in the next day or so. I'll try running from this branch to confirm it works in dev. |
Hmmm, I guess I was tricked by the tox.ini in the past and never found success. Testing this now. |
Hmmmmm I must be holding it wrong, but with the refactor of our actions in https://github.com/pypi/warehouse/pull/13357/files I would have expected the pip cache to pick up the wheels from the new "deps" initial job, but no dice: https://github.com/pypi/warehouse/actions/runs/4596723814/jobs/8118550985 |
There was no cache available when |
6e3e346
to
7fb8feb
Compare
@ewdurbin I don't immediately understand what's wrong with your test. I rebased this PR in case there is some interaction with some previously unmerged pip 23.1 change. FWIW, I just tried this script which shows it works fine. #!/bin/bash
set -eaux -o pipefail
VENV=$(mktemp -d)
python -m venv $VENV
source $VENV/bin/activate
pip install -U git+https://github.com/pypa/pip@refs/pull/11897/head
REQS=$(mktemp)
export PIP_CACHE_DIR=$(mktemp -d)
export PIP_NO_BINARY=:all:
cat <<EOF > $REQS
lxml==4.9.2 \
--hash sha256:2455cfaeb7ac70338b3257f41e21f0724f4b5b0c0e7702da67ee6c3640835b67 \
--hash sha256:7b515674acfdcadb0eb5d00d8a709868173acece5cb0be3dd165950cbfdf5409
EOF
echo "======= first install builds from source"
pip install -r $REQS
echo "======= reinstall gets wheel from cache"
pip install --force-reinstall -r $REQS |
This one is now ready. |
"and re-downloading source." | ||
) | ||
req.link = direct_url_as_link(req.download_info) | ||
link = req.link |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, I'm afraid this part still needs some work. If req.download_info contains an invalid hash, it re-downloads an URL with an invalid hash fragment, which means we never get a good cache entry.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, I resolved this by adding a new cached_wheel_source_link
field to InstallRequirement
. I also renamed original_link_is_in_wheel_cache
to is_wheel_from_cache
to better reflect its meaning.
16b2aa8
to
8abc7e9
Compare
So this is ready again 🟢 |
b0c5edf
to
2a471a7
Compare
link: Link, | ||
download_dir: str, | ||
hashes: Optional[Hashes], | ||
warn_on_hash_mismatch: bool = True, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not some that needs to change, I’m just suddenly curious how peopel choose between positive and negative flags. Personally I’d probably choose to implement this as suppress_hash_mismatch_warning=False
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In this case I think I wanted to avoid a double negation and save half a brain cycle when reading the only condition using this flag.
src/pip/_internal/req/req_install.py
Outdated
# When is_wheel_from_cache is True, it means that this InstallRequirement | ||
# is a local wheel file in the cache of locally built wheels. | ||
self.is_wheel_from_cache = False | ||
# When is_wheel_from_cache is True, this is the source link corresponding | ||
# to the cache entry, which was used to download and build the cached wheel. | ||
self.cached_wheel_source_link: Optional[Link] = None |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need two attributes for this? From what I can tell these are always set together and is_wheel_from_cache
can be entirely implied by cached_wheel_source_link is not None
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is indeed a logical next step in this refactoring. Done.
This more accurately reflects that it is not necessarily related to original_link, original_link being the direct URL link, and the wheel cache can also be populated from sdists URL discovered by the finder.
2a471a7
to
efe2d27
Compare
@sbidoul This is going to miss 23.1. If you want to get it included in that release, can you do anything in the next hour or two? Otherwise, I'll push it to 23.2. |
Wow, that was quick! Thanks. |
closes #5037
@ewdurbin would you like to test this and try to break it?
I'm not doing it for the bounty, as this is also one of the things in my way of actually using hashes. So hopefully we'll share a 🍺 if our paths cross one day.
TODO
pip wheel
(I think it works but the warning should be silenced)