Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

action: use a venv to prevent PEP 668 errors #145

Merged
merged 4 commits into from
Jul 4, 2024
Merged

action: use a venv to prevent PEP 668 errors #145

merged 4 commits into from
Jul 4, 2024

Conversation

woodruffw
Copy link
Member

@woodruffw woodruffw commented Jul 3, 2024
edited
Loading

WIP.

Closes #144.

@woodruffw
action: use a venv to prevent PEP 668 errors
1b864f6 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw self-assigned this Jul 3, 2024
woodruffw added 2 commits July 3, 2024 09:11
@woodruffw
action: use sys.executable
2ca8bd9 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
fight with Windows
cc56c88 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw marked this pull request as ready for review July 3, 2024 13:21
@woodruffw
Copy link
Member Author

This is good to go. To summarize:

We now isolate this action's Python dependencies inside of a virtual environment, rather than using either the distribution or configured Python's user packages site. This makes us both compatible with PEP 668 (the source of the error) and avoids the (slim) likelihood of conflict with other steps running in the same job.

(Plumbing everything through this new venv is a minor adventure, since Windows and *nix venvs have slightly different directory layouts. But the selftests confirm that the specialization for both works.)

@woodruffw woodruffw requested a review from jku July 3, 2024 13:23
@woodruffw woodruffw mentioned this pull request Jul 3, 2024
Closed
@woodruffw woodruffw requested a review from di July 3, 2024 13:24
@woodruffw
setup: minimum Python is 3.8
d7c6c72 
This has been true for a while.

Signed-off-by: William Woodruff <william@trailofbits.com>
jku
jku approved these changes Jul 4, 2024
View reviewed changes
Copy link
Member

@jku jku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wow, This looks surprisingly complicated to deal with. I don't have a better suggestion so let's go with that

@jku jku merged commit 1ddeb82 into main Jul 4, 2024
33 checks passed
@jku jku deleted the ww/pep-668 branch July 4, 2024 12:04
@rspeer rspeer mentioned this pull request Oct 11, 2024
Closed
DK96-OS added a commit to DK96-OS/gh-action-sigstore-python that referenced this pull request Dec 3, 2024
@DK96-OS
Release 3.1 (#14)
8d54649 
(sigstore#134):
* schedule-selftest: reduce nagging
---------
Signed-off-by: William Woodruff <william@trailofbits.com>

(sigstore#140):
* requirements: sigstore ~3.0
* selftest: update filenames
* action: update another path
* action: remove deprecated settings
* README: remove old docs
---------
Signed-off-by: William Woodruff <william@trailofbits.com>

(sigstore#145):
* action: use a venv to prevent PEP 668 errors
* action: use sys.executable
* fight with Windows
* setup: minimum Python is 3.8 (This has been true for a while)
---------
Signed-off-by: William Woodruff <william@trailofbits.com>

(sigstore#142):
* action: flip `release-signing-artifacts`
---------
Signed-off-by: William Woodruff <william@trailofbits.com>

(sigstore#146):
* action: remove old output settings
* selftest: remove old test ref
---------
Signed-off-by: William Woodruff <william@trailofbits.com>

Cleanup workflows (sigstore#148):
* Workflows: remove default input arg from action call
* workflows: Remove unnecessary selftest

release-signing-artifacts defaults to "true" so the removed test now
duplicates the previous test.

We could try testing the release-signing-artifacts == "false" but that's
a bit trickier since it could only be done in a release event...

* workflows: Drop recently removed job from needs-list
---------
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>

Prep 3.0.0 (sigstore#143):
---------
Signed-off-by: William Woodruff <william@trailofbits.com>

(sigstore#152):
* build(deps): bump peter-evans/create-issue-from-file from 5.0.0 to 5.0.1 in the actions group
---------
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

(sigstore#154):
* Fix remaining reference to 2.1.1 in README
---------
Signed-off-by: Stefanie Molin <24376333+stefmolin@users.noreply.github.com>

(sigstore#151):
* Enable debugging also if ACTIONS_STEP_DEBUG==true
---------
Co-authored-by: rindeal <dev.rindeal@gmail.com>
Co-authored-by: William Woodruff <william@trailofbits.com>

Upgrade Dependencies:
* Update requirements.txt - upgrade sigstore 3.1, upgrade requests 2.32
---------
Signed-off-by: DK96-OS <69859316+DK96-OS@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku approved these changes

@di di Awaiting requested review from di

Assignees

@woodruffw woodruffw

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Action fails on ubuntu-24.04 with "This environment is externally managed"
2 participants
@woodruffw @jku