From 971fa1eae2a995ed1080dd7de6394603ffc3c145 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Wed, 26 Oct 2022 18:52:08 -0500 Subject: [PATCH 1/9] inform pants about 3rd party dependencies and constraints --- BUILD | 39 ++++++++++- contrib/core/BUILD | 1 + contrib/runners/winrm_runner/BUILD | 5 ++ lockfiles/st2-constraints.txt | 68 ++++++++++++++++++++ pants.toml | 6 +- requirements-pants.txt | 100 +++++++++++++++++++++++++++++ 6 files changed, 215 insertions(+), 4 deletions(-) create mode 100644 contrib/runners/winrm_runner/BUILD create mode 100644 lockfiles/st2-constraints.txt create mode 100644 requirements-pants.txt diff --git a/BUILD b/BUILD index 389d4a2126..c7b9b8b0a5 100644 --- a/BUILD +++ b/BUILD @@ -1,5 +1,42 @@ python_requirements( - name="root", + name="reqs", + source="requirements-pants.txt", + module_mapping={ + "gitpython": ["git"], + "python-editor": ["editor"], + "python-json-logger": ["pythonjsonlogger"], + "python-statsd": ["statsd"], + "sseclient-py": ["sseclient"], + "oslo.config": ["oslo_config"], + "RandomWords": ["random_words"], + }, + overrides={ + # flex uses pkg_resources w/o declaring the dep + "flex": { + "dependencies": [ + "//:reqs#setuptools", + ] + }, + # do not use the prance[flex] extra as that pulls in an old version of flex + "prance": { + "dependencies": [ + "//:reqs#flex", + ] + }, + # stevedore uses pkg_resources w/o declaring the dep + "stevedore": { + "dependencies": [ + "//:reqs#setuptools", + ] + }, + # tooz needs one or more backends (tooz is used by the st2 coordination backend) + "tooz": { + "dependencies": [ + "//:reqs#redis", + "//:reqs#zake", + ] + }, + }, ) python_test_utils( diff --git a/contrib/core/BUILD b/contrib/core/BUILD index 24a2f3fe28..61a6e0293e 100644 --- a/contrib/core/BUILD +++ b/contrib/core/BUILD @@ -3,4 +3,5 @@ python_sources() python_requirements( name="reqs", source="requirements-tests.txt", + module_mapping={"mail-parser": ["mailparser"]}, ) diff --git a/contrib/runners/winrm_runner/BUILD b/contrib/runners/winrm_runner/BUILD new file mode 100644 index 0000000000..b4b926ade7 --- /dev/null +++ b/contrib/runners/winrm_runner/BUILD @@ -0,0 +1,5 @@ +python_requirement( + name="winrm", + requirements=["pywinrm"], + modules=["winrm"], +) diff --git a/lockfiles/st2-constraints.txt b/lockfiles/st2-constraints.txt new file mode 100644 index 0000000000..22c4de97af --- /dev/null +++ b/lockfiles/st2-constraints.txt @@ -0,0 +1,68 @@ +# Add/remove version constraints for transitive dependencies in this file +# (transitive dependencies are dependencies of our direct dependencies). +# Then run `./pants generate-lockfiles --resolve=st2` to regenerate the lockfile. +# +# Direct dependencies should be recorded in `requirements-pants.txt`, not here. + +# ############################################ # +# pinned transitive deps from requirements.txt # +# ############################################ # +# +# required by jinja2: +# fixed-requirements.txt: +# Fix MarkupSafe to < 2.1.0 as 2.1.0 removes soft_unicode +# >=0.23 was from jinja2 +MarkupSafe<2.1.0,>=0.23 +# +# required by kombu: +#amqp==5.0.6 +# +# required by cryptography, paramiko, passlib: +#bcrypt==3.2.0 +# +# required by bcrypt, cryptography, pynacl, zstandard: +#cffi<1.15.0 +# +# required by orquesta, prance, requests: +# fixed-requirements.txt: +# requests 2.23 requires chardet < 3.1.0 +#chardet<3.1.0 +# +# required by jsonpath-rw, networkx: +# fixed-requireements.txt: +# networkx requires decorator>=4.3,<5 which should resolve to version 4.4.2 +# but the wheel on pypi does not say it supports python3.8, so pip gets +# confused. For now, pin decorator to work around pip's confusion. +#decorator==4.4.2 +# +# required by eventlet, pymongo: +# fixed-requireements.txt: +# NOTE: 2.0 version breaks pymongo work with hosts +#dnspython>=1.16.0,<2.0.0 +# +# required by eventlet: +#greenlet==1.0.0 +# +# required by argcomplete, click, debtcollector, kombu, pluggy, prettytable, +# pytest, virtualenv: +#importlib-metadata==3.10.1 +# +# required by tooz: +#oslo.utils<5.0,>=4.0.0 +#tenacity>=3.2.1,<7.0.0 +# +# required by st2-auth-backend-flat-file: +#passlib==1.7.4 +# +# required by pymongo, urllib3: +# fixed-requireements.txt: +# pyOpenSSL 22.0.0 requires cryptography>=35.0 +#pyOpenSSL<=21.0.0 +# +# required by oslo.utils, packaging: +#pyparsing<3 +# +# required by gitpython, importlib-metadata: +# fixed-requireements.txt: +# importlib-metadata requires typing-extensions but v4.2.0 requires py3.7+ +#typing-extensions<4.2 diff --git a/pants.toml b/pants.toml index 1e128d6442..b4f3a70d79 100644 --- a/pants.toml +++ b/pants.toml @@ -35,9 +35,9 @@ pants_ignore.add = [ "st2common/tests/fixtures/requirements-used-for-tests.txt", "/fixed-requirements.txt", "/test-requirements.txt", - # keep requirements.txt for now. We might ignore it if we need an alternate interrim - # file that is decoupled from our legacy requirements files generation. - # "/requirements.txt", + # ignore requirements.txt for now, preferring interrim files that are decoupled from + # legacy requirements files generation: requirements-pants.txt & lockfiles/st2-constraints.txt + "/requirements.txt", ] [source] diff --git a/requirements-pants.txt b/requirements-pants.txt new file mode 100644 index 0000000000..93c7c72415 --- /dev/null +++ b/requirements-pants.txt @@ -0,0 +1,100 @@ +# Add/remove direct 3rd party dependencies here, with version constraints if necessary. +# Then run `./pants generate-lockfiles --resolve=st2` to regenerate the lockfile. +# +# Please do not add transitive dependencies in this file (ie dependencies of our dependencies). +# Use `lockfiles/st2-constraints.txt` to constrain the version of these transitive dependencies. +# +# Please keep this list alphabetical, with tooz backends in a separate list. + +apscheduler +argcomplete +ciso8601 +cryptography +# eventlet 0.31+ and gunicorn 20.1.0 are not compatible +eventlet<0.31 +# flex parses the openapi 2 spec in our router +flex +# gitpython & gitdb are used for pack management +gitdb +gitpython +gunicorn +jinja2 +jsonpath-rw +jsonschema +kombu +lockfile +mock +mongoengine +# Note: networkx v2.6 dropped support for Python3.6 +# networkx version is constrained in orquesta. +networkx +orjson +orquesta @ git+https://github.com/StackStorm/orquesta.git@v1.5.0 +# NOTE: Recent version substantially affect the performance and add big import time overhead +# See https://github.com/StackStorm/st2/issues/4160#issuecomment-394386433 for details +oslo.config>=1.12.1,<1.13 +paramiko +# prance is used by st2-validate-api-spec to validate the openapi spec +# prance needs flex, but do not use the extra as that gets an old version. +prance +prettytable +# For st2client: prompt-toolkit v2+ does not have prompt_toolkit.token.Token +prompt-toolkit<2 +psutil +pymongo +# pyrabbit used in an integration test +pyrabbit +pytest +python-dateutil +python-editor +# pythonjsonlogger referenced in st2actions/conf/logging.conf +python-json-logger +python-statsd +pytz +PyYAML +# RandomWords used in some tests +RandomWords +requests[security] +retrying +routes +semver +# setuptools provides pkg_resources +setuptools +simplejson +six +# NOTE: we use sseclient-py instead of sseclient because sseclient +# has various issues which sometimes hang the connection for a long time, etc. +sseclient-py +# bandit doesn't work w/ stevedore 3+ +stevedore<3 +# For backward compatibility reasons, flat file backend is installed by default +st2-auth-backend-flat-file @ git+https://github.com/StackStorm/st2-auth-backend-flat-file.git@master +st2-auth-ldap @ git+https://github.com/StackStorm/st2-auth-ldap.git@master +st2-rbac-backend @ git+https://github.com/StackStorm/st2-rbac-backend.git@master +# tabulate used by tools/log_watcher.py +tabulate +tooz +udatetime +ujson +unittest2 +virtualenv +webob +webtest +# zstandard is used for micro benchmarks +zstandard + +# tooz backends +redis +zake + +# was in fixed-requirements.txt, but not in requirements-pants.txt +# keyczar is used by a python2-only test. +#python-keyczar + +########### + +# not needed with switch to pytest +#nose +#nose-timer +#nose-parallel +#rednose From 06db5213373e1f7cce3a63067933f2e3743ca9fc Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Fri, 28 Oct 2022 12:18:57 -0500 Subject: [PATCH 2/9] cleanup comments --- lockfiles/st2-constraints.txt | 1 - pants.toml | 2 +- requirements-pants.txt | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/lockfiles/st2-constraints.txt b/lockfiles/st2-constraints.txt index 22c4de97af..e8c9a5097b 100644 --- a/lockfiles/st2-constraints.txt +++ b/lockfiles/st2-constraints.txt @@ -1,6 +1,5 @@ # Add/remove version constraints for transitive dependencies in this file # (transitive dependencies are dependencies of our direct dependencies). -# Then run `./pants generate-lockfiles --resolve=st2` to regenerate the lockfile. # # Direct dependencies should be recorded in `requirements-pants.txt`, not here. diff --git a/pants.toml b/pants.toml index b4f3a70d79..3ddbf7b88f 100644 --- a/pants.toml +++ b/pants.toml @@ -35,7 +35,7 @@ pants_ignore.add = [ "st2common/tests/fixtures/requirements-used-for-tests.txt", "/fixed-requirements.txt", "/test-requirements.txt", - # ignore requirements.txt for now, preferring interrim files that are decoupled from + # ignore requirements.txt for now, preferring interim files that are decoupled from # legacy requirements files generation: requirements-pants.txt & lockfiles/st2-constraints.txt "/requirements.txt", ] diff --git a/requirements-pants.txt b/requirements-pants.txt index 93c7c72415..e6772460bb 100644 --- a/requirements-pants.txt +++ b/requirements-pants.txt @@ -1,5 +1,4 @@ # Add/remove direct 3rd party dependencies here, with version constraints if necessary. -# Then run `./pants generate-lockfiles --resolve=st2` to regenerate the lockfile. # # Please do not add transitive dependencies in this file (ie dependencies of our dependencies). # Use `lockfiles/st2-constraints.txt` to constrain the version of these transitive dependencies. From b790022d9d81b96cdef9f63f9978a46d606a0240 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Fri, 28 Oct 2022 12:20:54 -0500 Subject: [PATCH 3/9] simplify reqs overrides --- BUILD | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/BUILD b/BUILD index c7b9b8b0a5..f09d6237ee 100644 --- a/BUILD +++ b/BUILD @@ -11,8 +11,8 @@ python_requirements( "RandomWords": ["random_words"], }, overrides={ - # flex uses pkg_resources w/o declaring the dep - "flex": { + # flex and stevedore uses pkg_resources w/o declaring the dep + ("flex", "stevedore"): { "dependencies": [ "//:reqs#setuptools", ] @@ -23,12 +23,6 @@ python_requirements( "//:reqs#flex", ] }, - # stevedore uses pkg_resources w/o declaring the dep - "stevedore": { - "dependencies": [ - "//:reqs#setuptools", - ] - }, # tooz needs one or more backends (tooz is used by the st2 coordination backend) "tooz": { "dependencies": [ From 8c174ae58c75ca87cf7c0616fcc6d92855ad78cb Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Fri, 28 Oct 2022 13:02:02 -0500 Subject: [PATCH 4/9] pants: remove gitpython from module mapping It is already available in the default_module_mapping --- BUILD | 1 - 1 file changed, 1 deletion(-) diff --git a/BUILD b/BUILD index f09d6237ee..4b37c06b59 100644 --- a/BUILD +++ b/BUILD @@ -2,7 +2,6 @@ python_requirements( name="reqs", source="requirements-pants.txt", module_mapping={ - "gitpython": ["git"], "python-editor": ["editor"], "python-json-logger": ["pythonjsonlogger"], "python-statsd": ["statsd"], From 4ba4cc999cd27a1aa80c1ad67bd2a52f9882d157 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Fri, 28 Oct 2022 13:43:52 -0500 Subject: [PATCH 5/9] enable many of the transitive dep constraints --- lockfiles/st2-constraints.txt | 65 +++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/lockfiles/st2-constraints.txt b/lockfiles/st2-constraints.txt index e8c9a5097b..417e05ac80 100644 --- a/lockfiles/st2-constraints.txt +++ b/lockfiles/st2-constraints.txt @@ -12,56 +12,69 @@ # Fix MarkupSafe to < 2.1.0 as 2.1.0 removes soft_unicode # >=0.23 was from jinja2 MarkupSafe<2.1.0,>=0.23 -# + # required by kombu: -#amqp==5.0.6 -# +# lockfile had 5.1.1 without this +amqp==5.0.6 + # required by cryptography, paramiko, passlib: -#bcrypt==3.2.0 -# +# lockfile had 4.0.1 without this +bcrypt==3.2.0 + # required by bcrypt, cryptography, pynacl, zstandard: -#cffi<1.15.0 -# +# lockfile had 1.15.1 without this +cffi<1.15.0 + # required by orquesta, prance, requests: # fixed-requirements.txt: # requests 2.23 requires chardet < 3.1.0 +# lockfile had 3.0.4 without this +# left commented since orquesta already constrains the version. #chardet<3.1.0 -# + # required by jsonpath-rw, networkx: # fixed-requireements.txt: # networkx requires decorator>=4.3,<5 which should resolve to version 4.4.2 # but the wheel on pypi does not say it supports python3.8, so pip gets # confused. For now, pin decorator to work around pip's confusion. +# lockfile had 4.4.2 without this (so this is just a pin) #decorator==4.4.2 -# + # required by eventlet, pymongo: # fixed-requireements.txt: # NOTE: 2.0 version breaks pymongo work with hosts -#dnspython>=1.16.0,<2.0.0 -# +# lockfile had 1.16 without this +dnspython>=1.16.0,<2.0.0 + # required by eventlet: +# lockfile had 1.1.3.post0 without this (so this is just a pin) #greenlet==1.0.0 -# + # required by argcomplete, click, debtcollector, kombu, pluggy, prettytable, # pytest, virtualenv: +# lockfile had 4.8.3 without this (this pin actually causes conflicts) #importlib-metadata==3.10.1 -# + # required by tooz: -#oslo.utils<5.0,>=4.0.0 -#tenacity>=3.2.1,<7.0.0 -# +# lockfile had 4.13 without this +oslo.utils<5.0,>=4.0.0 +# lockfile had 8.1 without this +tenacity>=3.2.1,<7.0.0 + # required by st2-auth-backend-flat-file: +# lockfile had 1.7.4 without this (so this is just a pin) #passlib==1.7.4 -# -# required by pymongo, urllib3: -# fixed-requireements.txt: -# pyOpenSSL 22.0.0 requires cryptography>=35.0 -#pyOpenSSL<=21.0.0 -# -# required by oslo.utils, packaging: + +# pyOpenSSL required by pymongo[ocsp], redis[ocsp], urllib3[secure] +# but we don't use any of those, so skip copying from fixed-requirements.txt + +# required by httplib2, oslo.utils, packaging: +# It looks like <3 was only needed for python2 compatibility. +# lockfile had 3.0.7 without this. #pyparsing<3 -# -# required by gitpython, importlib-metadata: + +# required by async-timeout, gitpython, importlib-metadata, redis: # fixed-requireements.txt: # importlib-metadata requires typing-extensions but v4.2.0 requires py3.7+ -#typing-extensions<4.2 +# lockfile had 4.1.1 without this. +typing-extensions<4.2 From 702dd95fb247d6ed38e351beaedb727740975b26 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Fri, 28 Oct 2022 17:17:30 -0500 Subject: [PATCH 6/9] improve documentation in st2-constraints.txt --- lockfiles/st2-constraints.txt | 115 ++++++++++++++++++++++------------ 1 file changed, 74 insertions(+), 41 deletions(-) diff --git a/lockfiles/st2-constraints.txt b/lockfiles/st2-constraints.txt index 417e05ac80..1383a2af96 100644 --- a/lockfiles/st2-constraints.txt +++ b/lockfiles/st2-constraints.txt @@ -3,78 +3,111 @@ # # Direct dependencies should be recorded in `requirements-pants.txt`, not here. +# please document each version constraint as follows: +# +# REQUIRED BY: , , ... +# REASON: +# NOTE: +# DROPS RESOLVED VERSION: +# + # ############################################ # # pinned transitive deps from requirements.txt # # ############################################ # -# -# required by jinja2: -# fixed-requirements.txt: -# Fix MarkupSafe to < 2.1.0 as 2.1.0 removes soft_unicode -# >=0.23 was from jinja2 + +# REQUIRED BY: jinja2 +# REASON: Fix MarkupSafe to < 2.1.0 as 2.1.0 removes soft_unicode >=0.23 was from jinja2 +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: unknown MarkupSafe<2.1.0,>=0.23 -# required by kombu: -# lockfile had 5.1.1 without this +# REQUIRED BY: kombu +# REASON: unknown -- this looks like a lockfile-style pin +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: 5.1.1 amqp==5.0.6 -# required by cryptography, paramiko, passlib: -# lockfile had 4.0.1 without this +# REQUIRED BY: cryptography, paramiko, passlib +# REASON: unknown -- this looks like a lockfile-style pin +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: 4.0.1 bcrypt==3.2.0 -# required by bcrypt, cryptography, pynacl, zstandard: -# lockfile had 1.15.1 without this +# REQUIRED BY: bcrypt, cryptography, pynacl, zstandard +# REASON: unknown +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: 1.15.1 cffi<1.15.0 -# required by orquesta, prance, requests: -# fixed-requirements.txt: -# requests 2.23 requires chardet < 3.1.0 -# lockfile had 3.0.4 without this -# left commented since orquesta already constrains the version. +# REQUIRED BY: orquesta, prance, requests +# REASON: requests 2.23 requires chardet < 3.1.0 +# NOTE: orquesta already constrains this, so this is just documentation. +# DROPS RESOLVED VERSION: 3.0.4 #chardet<3.1.0 -# required by jsonpath-rw, networkx: -# fixed-requireements.txt: +# REQUIRED BY: jsonpath-rw, networkx +# REASON: # networkx requires decorator>=4.3,<5 which should resolve to version 4.4.2 # but the wheel on pypi does not say it supports python3.8, so pip gets # confused. For now, pin decorator to work around pip's confusion. -# lockfile had 4.4.2 without this (so this is just a pin) +# NOTE: Since pants/pex use a newer version of pip, this is not an issue. +# DROPS RESOLVED VERSION: 4.4.2 #decorator==4.4.2 -# required by eventlet, pymongo: -# fixed-requireements.txt: -# NOTE: 2.0 version breaks pymongo work with hosts -# lockfile had 1.16 without this +# REQUIRED BY: eventlet, pymongo +# REASON: 2.0 version breaks pymongo work with hosts +# NOTE: try to remove this later +# DROPS RESOLVED VERSION: 1.16 dnspython>=1.16.0,<2.0.0 -# required by eventlet: -# lockfile had 1.1.3.post0 without this (so this is just a pin) +# REQUIRED BY: eventlet +# REASON: unknown -- this looks like a lockfile-style pin +# NOTE: We are having a hard time upgrading eventlet, so this pin is commented +# out to see if that will help. If any tests fail, uncomment this. +# DROPS RESOLVED VERSION: 1.1.3.post0 #greenlet==1.0.0 -# required by argcomplete, click, debtcollector, kombu, pluggy, prettytable, -# pytest, virtualenv: -# lockfile had 4.8.3 without this (this pin actually causes conflicts) +# REQUIRED BY: argcomplete, click, debtcollector, kombu, pluggy, prettytable, +# pytest, virtualenv +# REASON: unknown +# NOTE: This pinned version (3.10.1) actually conflicts with other requirements. +# So, it is commented out. If there are issues with newer versions, +# update this with a range of valid versions. +# DROPS RESOLVED VERSION: 4.8.3 #importlib-metadata==3.10.1 -# required by tooz: -# lockfile had 4.13 without this +# REQUIRED BY: tooz +# REASON: unknown +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: 4.13 oslo.utils<5.0,>=4.0.0 -# lockfile had 8.1 without this + +# REQUIRED BY: tooz +# REASON: unknown +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: 8.1 tenacity>=3.2.1,<7.0.0 -# required by st2-auth-backend-flat-file: -# lockfile had 1.7.4 without this (so this is just a pin) +# REQUIRED BY: st2-auth-backend-flat-file +# REASON: unknown -- this looks like a lockfile-style pin +# NOTE: st2-auth-backend-flat-file has a version range >=1.7.1,<1.8.0 +# If we need to narrow that range, we should do so in: +# https://github.com/StackStorm/st2-auth-backend-flat-file/blob/master/requirements.txt +# DROPS RESOLVED VERSION: 1.7.4 #passlib==1.7.4 -# pyOpenSSL required by pymongo[ocsp], redis[ocsp], urllib3[secure] +# pyOpenSSL required by: pymongo[ocsp], redis[ocsp], urllib3[secure] # but we don't use any of those, so skip copying from fixed-requirements.txt -# required by httplib2, oslo.utils, packaging: -# It looks like <3 was only needed for python2 compatibility. -# lockfile had 3.0.7 without this. +# REQUIRED BY: httplib2, oslo.utils, packaging +# REASON: unknown -- It looks like <3 was only needed for python2 compatibility. +# NOTE: this is still here, commented, until we can validate that all test are +# passing without it. +# DROPS RESOLVED VERSION: 3.0.7 #pyparsing<3 -# required by async-timeout, gitpython, importlib-metadata, redis: -# fixed-requireements.txt: -# importlib-metadata requires typing-extensions but v4.2.0 requires py3.7+ -# lockfile had 4.1.1 without this. +# REQUIRED BY: async-timeout, gitpython, importlib-metadata, redis +# REASON: importlib-metadata requires typing-extensions but v4.2.0 requires py3.7+ +# NOTE: try to remove constraint later. +# DROPS RESOLVED VERSION: 4.1.1 typing-extensions<4.2 From fb2bd1de42582b8cadff4883966788519fb51a2e Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Mon, 31 Oct 2022 13:08:37 -0500 Subject: [PATCH 7/9] add BUILD comments about future removal of module_mapping --- BUILD | 2 ++ contrib/core/BUILD | 2 ++ contrib/runners/winrm_runner/BUILD | 2 ++ 3 files changed, 6 insertions(+) diff --git a/BUILD b/BUILD index 4b37c06b59..67c925d4cf 100644 --- a/BUILD +++ b/BUILD @@ -1,6 +1,8 @@ python_requirements( name="reqs", source="requirements-pants.txt", + # module_mapping can be removed once pants is released with + # https://github.com/pantsbuild/pants/pull/17390 module_mapping={ "python-editor": ["editor"], "python-json-logger": ["pythonjsonlogger"], diff --git a/contrib/core/BUILD b/contrib/core/BUILD index 61a6e0293e..a71b6ad328 100644 --- a/contrib/core/BUILD +++ b/contrib/core/BUILD @@ -3,5 +3,7 @@ python_sources() python_requirements( name="reqs", source="requirements-tests.txt", + # module_mapping can be removed once pants is released with + # https://github.com/pantsbuild/pants/pull/17390 module_mapping={"mail-parser": ["mailparser"]}, ) diff --git a/contrib/runners/winrm_runner/BUILD b/contrib/runners/winrm_runner/BUILD index b4b926ade7..a6be53dbd1 100644 --- a/contrib/runners/winrm_runner/BUILD +++ b/contrib/runners/winrm_runner/BUILD @@ -1,5 +1,7 @@ python_requirement( name="winrm", requirements=["pywinrm"], + # modules can be removed once pants is released with + # https://github.com/pantsbuild/pants/pull/17390 modules=["winrm"], ) From 3fcd0cba6efaf9077ec730f0447bc9e51cfacdb9 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 3 Nov 2022 22:32:06 -0500 Subject: [PATCH 8/9] add missing direct dependency --- requirements-pants.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requirements-pants.txt b/requirements-pants.txt index e6772460bb..f712a48a10 100644 --- a/requirements-pants.txt +++ b/requirements-pants.txt @@ -16,6 +16,8 @@ flex # gitpython & gitdb are used for pack management gitdb gitpython +# st2common/tests/integration/test_util_green.py requires greenlet (as does eventlet) +greenlet gunicorn jinja2 jsonpath-rw From fefc94df7640f923690b1d296a7e0389513886b4 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Wed, 26 Oct 2022 19:41:13 -0500 Subject: [PATCH 9/9] update changelog entry --- CHANGELOG.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index d2ac9493f4..e7b64c505d 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -10,7 +10,7 @@ Added * Continue introducing `pants `_ to improve DX (Developer Experience) working on StackStorm, improve our security posture, and improve CI reliability thanks in part to pants' use of PEX lockfiles. This is not a user-facing addition. - #5778 + #5778 #5789 Contributed by @cognifloyd