pipenv cache is skipped when it should not be #1398
Comments
|
Hi! Thank you for filing an issue - I agree the current pipenv caching handling here is broken. So thinking about this a bit, I'm leaning towards treating lockfiles as deterministic (since well, that's the whole point of them), and not having any forced-invalidation behaviour in the buildpack at all for this. It would then be up to Pipenv to ensure it puts deterministic things in the lockfile (and not eg a branch name without a corresponding SHA). Pipenv might very well do that already - however, I don't use Pipenv, and I haven't had a chance to play around with this. And even if Pipenv doesn't lock to a SHA in the lockfile, well that kind of seems like a bug that's up to Pipenv to fix - and so something that we shouldn't work around in the buildpack here. Thoughts? |
|
Though it seems there were issues for editable mode, xref: As such, it's this would need further research before we can change this. |
Previously the buildpack would skip running `pipenv install` for repeat
Pipenv builds if (a) the SHA256 of the `Pipfile.lock` file had not changed
since the last successful build, and (b) there were no Git VCS references
in the lockfile.
However, this has a few issues:
1. There are other cases where it's not safe to assume that there is no
need to re-run `pipenv install`, such as when installing a non-editable
local dependency (see #1525), or when using editable local dependencies
with the current path re-writing strategy (see #1520).
2. The current Git VCS check has false positives (see #1130, #1398).
3. Even if we try and add more checks/workarounds to resolve (1) and (2),
we're still having to make assumptions about internal Pipenv implementation
details, and hardcode these in the buildpack, hoping we didn't miss anything
and that Pipenv's behaviour doesn't change over time (which is not the case,
as seen by the recent regression pypa/pipenv#6054)
As such, we now instead always re-run `pipenv install`, and defer to Pipenv to
decide whether the environment needs updating.
This should still be fast, since the cached `site-packages` is still being used (and
if there are any scenarios in which it's not fast, then that's an upstream Pipenv
bug).
Integration tests were also added for various types of editable Pipenv installs,
since we previously only had test coverage of editable installs for Pip.
Fixes #1520.
Fixes #1525.
Closes #1130.
Closes #1398.
|
The fragile |
This will silently make the buildpack skip cache when a project relies on or uses anything that relies on package(s) having
gitin its name:heroku-buildpack-python/bin/steps/pipenv
Line 13 in 0519871
A good example is:
gitpythonas a dependency and seems to be widely used,While I understand why the buildpack is checking for
git, this should be handled differently:git+://"ref":or"git":string(s)But most importantly this buildpack should notify the user why install was enforced.
The text was updated successfully, but these errors were encountered: