Bring up to equivalent quality as Python images

[JayH5]

Ports over roughly the following PRs:

• Fix two versions of pip being installed, and add a basic test to ensure the pip version we request is the pip version we get python#121
• Install tk-dev and tcl-dev before building python python#127
• Revert "dpkg-divert" and change PATH instead python#137
• Add a few simple Python 3 templates based on existing Dockerfiles python#139
• Update to 3.6.0a4 (and add "--force-reinstall" to pip) python#144

Also adds SHA256 checksum checks for the PyPy tarball downloads.

Apologies that this is kind of big but I'm keen that this stuff doesn't get left behind.

[JayH5]

There are currently failing tests because the tests check for python/python3 before they do pypy/pypy3 here: https://github.com/docker-library/official-images/blob/master/test/tests/run-python-in-container.sh#L8 . This is only a problem now because we aren't uninstalling Python anymore.

As far as I can see, 2 obvious ways to fix this would be:

1. Change the test to look for pypy/pypy3 first.
2. Add a symlink in the PyPy images from pypy/pypy3 to /usr/local/bin/python//usr/local/bin/python3

[JayH5]

Note that I'm not installing these in the slim images, as the same is not done in the Python slim images.

You can check for the necessary libraries doing something like:

find /usr/local -type f -iname '*.so' | xargs ldd | grep 'not found'

On the non-slim Python/PyPy images this returns nothing. On the slim PyPy images this returns:

        libtcl8.6.so => not found
        libtk8.6.so => not found
        libgdbm.so.3 => not found

On the slim Python images it returns:

        libtk8.6.so => not found
        libtcl8.6.so => not found
        libX11.so.6 => not found

Not sure if missing gdbm is an issue...

[yosifkit]

We could open a new issue to research the missing libgdbm to see if it is a problem. It is missing from the current slim images as well, so it is unrelated to your changes.

[yosifkit]

As for the test change vs symlink, I would think fixing the test is the correct way. On the other had, do users of pypy expect python to be a symlink to pypy?

[yosifkit]

👍 Overall looks like a great improvement.

[JayH5]

Normally one would make a virtualenv I guess, and then this wouldn't be a problem, but that's a bit less common inside a container. I've found it occasionally handy to have pypy available as python-- sometimes a script does python -c 'print("blah")' or something. But most of the time I find myself running stuff that is pip-installed that will automatically use PyPy.

So I'm not really sure.. it's usually not necessary I don't think.

It's maybe worth noting that the python:3 images symlink python3 as python, so there is sort of some precedent.

[yosifkit]

📗 💚 LGTM

[tianon]

Where does this value come from, and how is it expected to be updated? With Python, these values come directly from upstream and are updated via update.sh automatically (anything else is too error prone).

If upstream doesn't provide any means of verification, I'd rather not create our own (and thus just trust https and bitbucket as we've done, and as upstream officially provides).

[JayH5]

It's from the downloads page: http://pypy.org/download.html#checksums

I didn't realise this stuff was updated via a script. I could work something into update.sh that does something like this (accounting for versions and such):

curl http://pypy.org/download.html \
  | grep -E '[a-f0-9]{64}  pypy2-v5.4.0-linux64.tar.bz2' \
  | cut -d' ' -f1

What do you think? Or is it just not worth the effort?

[JayH5]

I've added a command to fetch the checksum to update.sh.

[JayH5]

Merged from master and updated to PyPy 5.4.1

[tianon]

Thanks @JayH5! 👍

LGTM