Get deps from pypi during build #3310
Conversation
There was a problem hiding this comment.
Thanks for working on this @joemarshall !
I'm wondering if we actually want to manage the dependency resolution ourselves. The other alternative could be to use something like pip-tools to generate a dependency tree and output the requirements.txt with pinned versions that can then be built.
I guess here we could do a more accurate resolution for the emscripten_wasm32 platform, but I'm a bit concerned about the feature creap. In particular,
a) it might be better to list the output of packages to build, so the user can double-check them before actually building them. So I wonder even if we implement this, if wouldn't be better to write a requirements.txt files with some new CLI command and then run build on that input.
b) there are a lot of ways in which dependency resolution could produce results different to what the user wanted. So we need to consider whether we want to deal with such issues in the future, or if we consider this out of scope, and rather rely on some existing tool to do some of this.
Overall I agree this is useful functionality, and I'm not opposed to this PR, but I just want to be sure we also consider existing alternatives (if any) that would allow solving part of this use case.
|
|
||
|
|
||
| @contextmanager | ||
| def stream_redirected(to=os.devnull, stream=None): |
There was a problem hiding this comment.
Maybe you could use contextlib.redirect_stderr and redirect_stdout to avoid re-implementing it.
There was a problem hiding this comment.
contextlib doesn't redirect subprocess output - that's why this one is needed. Otherwise one would need to delve into anywhere subprocess is called (i.e. deep inside build) to redirect that.
There was a problem hiding this comment.
Could you please write a comment about this for the people who read this code in the future?
|
I was a bit torn about doing it like this with resolvelib (which is basically the resolution logic from pip made into a library) vs pip-tools (which uses more of pip internals, but is basically a similar thing). I think the pain with pip-tools is that there are a bunch of use cases that it doesn't easily support which are really super-useful for emscripten. In particular:
It's easy enough to make this logic output pinned requirements.txt files if required (and building from them is pretty trivial anyway given we support pypi builds already), but I do think having the core bit that calls resolvelib and makes wheels at the same time is important to support correctly resolving for emscripten. I have to moan about python packaging again btw, I get that in theory different builds could have different build-time generated dependencies, and that there are all sorts of build tools, but the fact that there is no standard metadata file included in an sdist which just specifies dependencies for each platform makes me sad. Having to compile wheels in order to find dependencies is a bit awful... |
The problem I ran into is things that are sdist only, or don't have pyodide specific wheels. There's no reliable way to determine requirements for an sdist other than to compile it. So then my script to generate the requirements.txt had to build all the non-pure python packages anyway, before it could output a set of resolutions, and having it done in one go saves doubling time spent compiling. Basically I think anything that makes the requirements.txt files will It could in theory be a separate pyodide command that does this, although that would lose the benefit of being able to build everything for a project from scratch whilst only building wheels once. Dunno how important that is? |
|
@rth Any thoughts on the above: I had a bit of a play with pip-tools again, but until there's a full cross-build environment for pyodide including support for using pyodide built-in packages in pip, it just isn't trivial to do this using pip-tools. I tried with pyodide pyenv but pip didn't really work for me there. You end up hacking an isolated virtual environment and then hacking sys to change the values of sys_platform etc., then telling it a whole load of packages are unsafe, and the unsafe list has to include any dependencies of any packages that you already have, as it still traverses dependencies of unsafe packages. It freaks me out slightly as you end up relying on the internal behaviour of pip-tools, which in turn is tied to the internal behaviour of pip, both of which don't really support running as libraries as opposed to scripts. Personally I think that one script in pyodide build that does the downloading and building of dependencies (and of requirements.txt files) using libraries that are meant to be used for dependency resolution is probably less fragile and less work to maintain than a script to hack a virtual environment so that pip-tools works, which will end up needing maintenance as pip-tools upgrades things or changes behaviour. It would be possible with a load of work on cross-env and pyodide to get things to a state where one could just build entirely using pip, but I think that's some way off? I really want reliable package building for complex dependency trees to be there soon, as it just makes everything so much simpler when porting anything complicated that uses multiple libraries across. |
I looked into this a bit and I agree it looks quite complicated and fragile. If there is an alternative to writing some complicated hack to make pip's internals understand what we need then it is preferable. It would be cool to get editable installs working correctly though. Currently with my venvs we can do editable installs of pure Python packages, but not of binary packages. |
|
|
||
|
|
||
| if TYPE_CHECKING: | ||
| APBase = AbstractProvider[Requirement, Candidate, str] |
There was a problem hiding this comment.
What goes wrong if you write AbstractProvider[Requirement, Candidate, str] when not TYPE_CHECKING?
for more information, see https://pre-commit.ci
for more information, see https://pre-commit.ci
|
@hoodmane I got round to doing the review changes for this. I also added thorough tests which serve a very basic fake pypi to test things like unresolvable requirements and complicated extra handling. I think at the moment it feels like it is reliable enough to merge. I have a couple of todos that would be worth putting in which is to read and resolve requirements.txt files, and to write out a flat requirements.txt but ideally I'd like to put those in a separate pr? |
|
Sounds good to me. This pr is already quite large any additional features would be best left to follow ups. I'll try to look this over one more time and merge it in a bit. |
|
Or you could merge it if you like. |
There was a problem hiding this comment.
Thanks, @joemarshall. I have minor comments about some details. I wasn't following the full conversation in this PR, so I'll let others approve.
| if not package_path.is_dir(): | ||
| # a pure-python wheel has been downloaded - just copy to dist folder | ||
| shutil.copy(str(package_path), str(curdir / "dist")) | ||
| print(f"Successfully fetched: {package_path.name}") | ||
| return | ||
| return curdir / "dist" / package_path.name |
There was a problem hiding this comment.
Maybe make this into a variable and reuse in both shutil.copy and return value?
|
|
||
|
|
||
| @contextmanager | ||
| def stream_redirected(to=os.devnull, stream=None): |
There was a problem hiding this comment.
Could you please write a comment about this for the people who read this code in the future?
| ) | ||
| def test_host_in_node_test(runtime, fn, tmp_path): | ||
| if runtime.startswith("node"): | ||
| fn(tmp_path) |
|
Hi @hoodmane , I've done the review changes above now, if you could merge that would be great, I don't have merge access to this repo. |
There was a problem hiding this comment.
Thanks again for your work @joemarshall. Please update the changelog, and some remaining test issues need to be fixed.
|
@ryanking13 Thanks, done that now. |
|
Damn, something broken in node tests, I'll sort that tomorrow |
|
@ryanking13 tests run in ci correctly now |
This switches to passing the source and build directories as arguments. It adds an output-directory argument to pyodide build allowing us to indicate where the output wheel should go independent of the build directory. I also did some cleanup of the logic added in pyodide#3310
This switches to passing the source and build directories as arguments. It adds an output-directory argument to pyodide build allowing us to indicate where the output wheel should go independent of the build directory. I also did some cleanup of the logic added in #3310
…ide#3746) This switches to passing the source and build directories as arguments. It adds an output-directory argument to pyodide build allowing us to indicate where the output wheel should go independent of the build directory. I also did some cleanup of the logic added in pyodide#3310
Description
Further extension to the work on pyodide build. This adds two new arguments:
--build-dependenciesGet dependency list from wheel and build (or download) wheels for all dependencies alongside the main wheel.
--skip-dependency NAMESkip a dependency - NAME can be either a package name, or the path to a json package list file in either repodata.json format (ie. Built in pyodide packages) or jupyterlite all.json format (i.e. jupyterlite wheel folder).
It uses resolvelib to do dependency resolution because it can handle backtracking etc. If you call pyodide build to build something then chuck all the wheel files into jupyterlite pypi directory it should now be able to load without hitting pypi (as piplite uses the version provided locally by default).
Needs tests but I thought it worth chucking up as soon as it was working for people to see
Checklists