Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hello,
- The recent release of setuptools 42.0.0 has broken the method used by
- the configure-mirrors role to ensure easy_install (the older method to
- install python packages, before pip became in widespread use [1])
- would only access the infra PyPi mirror.
- The prior mirror setup code would set the "allow_hosts" whitelist to
- the mirror host exclusively in pydistutils.cfg. This would avoid
- easy_install "leaking" access outside the specified mirror.
- Change [2] in setuptools means that pip is now used to fetch packages.
- Since it does not implement the constraints of the "allow_hosts"
- setting, specifying this option has become an error condition. This
- is reported as:
- the `allow-hosts` option is not supported when using pip to install requirements
- It has been pointed out [3] that this prior code would break any
- dependency_links [4] that might be specified for the package (as the
- external URLs will not match the whitelist). Overall, there is no
- desire to work-around this behaviour as easy_install is considered
- deprecated for any current use.
- In short, this means the only solution is to remove the now-conflicting
- configuration from pydistutils.cfg. Due to the urgency of
- this update, it has been merged with [5] before our usual 2-week
- deprecation notice.
- The result of this is that older setuptools (perhaps in a virtualenv)
- with jobs still using easy_install may not correctly access the
- specified mirror. Assuming jobs have access to PyPi, they would still
- work, although without the benefits of a local mirror. If such jobs
- are firewalled from usptream they may now fail. We consider the
- chance of jobs using this legacy install method in this situation to
- be very low.
- Please contact zuul-discuss [6] with any concerns.
- We now return you to your regularly scheduled programming :)
- [1] https://packaging.python.org/discussions/pip-vs-easy-install/
- [2] https://github.com/pypa/setuptools/commit/d6948c636f5e657ac56911b71b7a459d326d8389
- [3] https://github.com/pypa/setuptools/issues/1916
- [4] https://python-packaging.readthedocs.io/en/latest/dependencies.html
- [5] https://review.opendev.org/695821
- [6] http://lists.zuul-ci.org/cgi-bin/mailman/listinfo/zuul-discuss
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement