Skip to content
This repository has been archived by the owner on Jan 5, 2024. It is now read-only.

Support dev only and sync #92

Merged
merged 3 commits into from
Aug 26, 2021
Merged

Support dev only and sync #92

merged 3 commits into from
Aug 26, 2021

Conversation

sssoleileraaa
Copy link
Contributor

Description

Closes #153

See test plan: freedomofpress/securedrop-log#24

Allie Crevier added 2 commits August 25, 2021 15:44
@sssoleileraaa sssoleileraaa mentioned this pull request Aug 25, 2021
Closed
include requirements dir
f3c876c 
Signed-off-by: Allie Crevier <allie@freedom.press>
@sssoleileraaa sssoleileraaa force-pushed the support-dev-only-and-sync branch from 9083196 to f3c876c Compare August 25, 2021 23:08
kushaldas
kushaldas approved these changes Aug 26, 2021
View reviewed changes
Copy link
Contributor

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: The dev-requirements.txt file gets an update in the relatest tests here as importlib-metadata has an update.

Test new venv target:

  1. Create a dev env
    • make venv && source .venv/bin/activate creates dev env with all dev deps installed

Test updating existing requirements.txt file

  1. Run make requirements
    • Verify that you see no local changes since the dependency specification is already met (redis==3.3.11)
  2. Update dependency specification to redis>=3.3.11 and run make requirements
    • Verify that you see no local changes since the dependency specification is already met (3.3.11 is >= 3.3.11)
  3. Add a new dependency spec: zipp<3 to requirements.in and run make requirements
    • Verify that you see the new dependency pinned in requirements.txt
    • NEW SYNC BEHAVIOR Verify that you see the existing previously dev-only dependency downgraded in dev-requirements.txt to match what's in prod

Test creating new requirements.txt file

  1. Make sure to undo chnages from previous test
  2. rm -r requirements/requirements.txt
  3. make requirements
    • Verify that you see no local changes since the only dependency specification is redis==3.3.11 which matches what we have on remote
  4. rm -r requirements/requirements.txt
  5. Update dependency specification to redis>=3.3.11 and run make requirements
    • Verify that you see the latest version of redis pinned in requirements.txt
    • NEW SYNC BEHAVIOR Verify that you see the same version of redis in dev-requirements.txt to match what's in prod

Test updating a single dependency

  1. Update dependency specification to redis>=3.3.11,<3.5 and run PACKAGE=redis make update-dependency
    • Verify that you see version 3.4.1 of redis pinned in requirements.txt
    • NEW SYNC BEHAVIOR Verify that you see the same version of redis in dev-requirements.txt to match what's in prod
  2. Try to add a new dependency that doesn't exist in requirements.in by running PACKAGE=pytest make update-dependency
    • Verify that you see no local changes

Test updating all dev-only dependencies

  1. make update-dev-only-dependencies
    • Verify that you see no local changes since the only dev dependency is already the latest
  2. Add six<1 and redis (with no ==, <=, or >=) to dev-requirements.in and run make update-dev-only-dependencies
    • Verify that redis is still pinned to the same version as prod
    • Verify six==0.9.2 is pinned in dev-requirements.txt
  3. Update six<1 to just six and run make update-dev-only-dependencies
    • Verify latest version of six is pinned in dev-requirements.txt

@kushaldas kushaldas merged commit 7d6dc21 into main Aug 26, 2021
@kushaldas kushaldas deleted the support-dev-only-and-sync branch August 26, 2021 09:17
conorsch pushed a commit to freedomofpress/securedrop-builder that referenced this pull request Sep 1, 2021
Update proxy reqs path
c2977c1 
Recent nightlies of `securedrop-proxy` were broken, due to missing
imports [0]. In a recent PR [1], the requirements files within the
securedrop-proxy repo (and therefore tarball) were moved, and the
package build logic depends on those locations.

To my great surprise and disappoint, dh_virtualenv evidently will not
complain if a `--requirements` file does not exist. The build will be
called successful. That's unacceptable, so I've modified the
debian/rules file to test for existence as a workaround. If folks agree
this is a sane solution, we should update the rules files for the other
packages to match.

[0] https://github.com/freedomofpress/securedrop-proxy/issues/94
[1] freedomofpress/securedrop-proxy#92
@conorsch conorsch mentioned this pull request Sep 1, 2021
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kushaldas kushaldas kushaldas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[securedrop-proxy] make sure to use same versions of prod packages in the dev env
2 participants
@sssoleileraaa @kushaldas