Skip to content

Commit

Permalink
Merge pull request #24 from freedomofpress/create-dev-env
Browse files Browse the repository at this point in the history 
Add more helper functions for updating reqs
  • Loading branch information
@kushaldas
kushaldas authored Aug 26, 2021
2 parents 501b945 + 8c32be2 commit b29e222
Show file tree
Hide file tree
Showing 8 changed files with 96 additions and 17 deletions.
4 changes: 2 additions & 2 deletions MANIFEST.in
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
include LICENSE
include README.md
include changelog.md
include build-requirements.txt
include requirements.txt
include requirements/build-requirements.txt
include requirements/requirements.txt
include securedrop-log*
include securedrop-redis-log
include securedrop.Log
Expand Down
32 changes: 26 additions & 6 deletions Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
DEFAULT_GOAL: help
SHELL := /bin/bash

.PHONY: venv
venv: ## Provision a Python 3 virtualenv for **development**
python3 -m venv .venv
.venv/bin/pip install --upgrade pip wheel
.venv/bin/pip install --require-hashes -r requirements/dev-requirements.txt

# Bandit is a static code analysis tool to detect security vulnerabilities in Python applications
# https://wiki.openstack.org/wiki/Security/Projects/Bandit
.PHONY: bandit
Expand All @@ -19,13 +25,27 @@ safety: ## Runs `safety check` to check python dependencies for vulnerabilities
|| exit 1; \
done

.PHONY: update-pip-requirements
update-pip-requirements: ## Updates all Python requirements files via pip-compile.
pip-compile --generate-hashes --output-file requirements.txt requirements.in
.PHONY: sync-requirements
sync-requirements: ## Update dev-requirements.txt to pin to the same versions of prod dependencies
rm -r requirements/dev-requirements.txt && cp requirements/requirements.txt requirements/dev-requirements.txt
pip-compile --allow-unsafe --generate-hashes --output-file requirements/dev-requirements.txt requirements/requirements.in requirements/dev-requirements.in

.PHONY: requirements
requirements: ## Update *requirements.txt files if pinned versions do not comply with the dependency specifications in *requirements.in
pip-compile --generate-hashes --output-file requirements/requirements.txt requirements/requirements.in
$(MAKE) sync-requirements

.PHONY: update-dependency
update-dependency: ## Add or upgrade a package to the latest version that complies with the dependency specifications in requirements.in
pip-compile --generate-hashes --upgrade-package $(PACKAGE) --output-file requirements/requirements.txt requirements/requirements.in
$(MAKE) sync-requirements

.PHONY: upgrade-pip
upgrade-pip: ## Upgrade one single package via pip-compile
pip-compile --generate-hashes --upgrade-package $(PACKAGE) --output-file requirements.txt requirements.in
.PHONY: update-dev-only-dependencies
update-dev-only-dependencies: ## Update dev-requirements.txt to pin to the latest versions of dev-only dependencies that comply with the dependency specifications in dev-requirements.in
$(MAKE) sync-requirements
@while read line; do \
pip-compile --allow-unsafe --generate-hashes --upgrade-package $file --output-file requirements/dev-requirements.txt requirements/requirements.in requirements/dev-requirements.in; \
done < 'requirements/dev-requirements.in'

# Explaination of the below shell command should it ever break.
# 1. Set the field separator to ": ##" and any make targets that might appear between : and ##
Expand Down
9 changes: 0 additions & 9 deletions requirements.txt
View file

This file was deleted.

0 build-requirements.txt → requirements/build-requirements.txt
View file
File renamed without changes.
1 change: 1 addition & 0 deletions requirements/dev-requirements.in
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
pip-tools
57 changes: 57 additions & 0 deletions requirements/dev-requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
#
# This file is autogenerated by pip-compile with python 3.7
# To update, run:
#
# pip-compile --allow-unsafe --generate-hashes --output-file=requirements/dev-requirements.txt requirements/dev-requirements.in requirements/requirements.in
#
click==8.0.1 \
--hash=sha256:8c04c11192119b1ef78ea049e0a6f0463e4c48ef00a30160c704337586f3ad7a \
--hash=sha256:fba402a4a47334742d782209a7c79bc448911afe1149d07bdabdf480b3e2f4b6
# via pip-tools
importlib-metadata==4.6.4 \
--hash=sha256:7b30a78db2922d78a6f47fb30683156a14f3c6aa5cc23f77cc8967e9ab2d002f \
--hash=sha256:ed5157fef23a4bc4594615a0dd8eba94b2bb36bf2a343fa3d8bb2fa0a62a99d5
# via
# click
# pep517
pep517==0.11.0 \
--hash=sha256:3fa6b85b9def7ba4de99fb7f96fe3f02e2d630df8aa2720a5cf3b183f087a738 \
--hash=sha256:e1ba5dffa3a131387979a68ff3e391ac7d645be409216b961bc2efe6468ab0b2
# via pip-tools
pip-tools==6.2.0 \
--hash=sha256:77727ef7457d1865e61fe34c2b1439f9b971b570cc232616a22ce82ab89d357d \
--hash=sha256:9ed38c73da4993e531694ea151f77048b4dbf2ba7b94c4a569daa39568cc6564
# via -r requirements/dev-requirements.in
redis==3.3.11 \
--hash=sha256:3613daad9ce5951e426f460deddd5caf469e08a3af633e9578fc77d362becf62 \
--hash=sha256:8d0fc278d3f5e1249967cba2eb4a5632d19e45ce5c09442b8422d15ee2c22cc2
# via -r requirements/requirements.in
tomli==1.2.1 \
--hash=sha256:8dd0e9524d6f386271a36b41dbf6c57d8e32fd96fd22b6584679dc569d20899f \
--hash=sha256:a5b75cb6f3968abb47af1b40c1819dc519ea82bcc065776a866e8d74c5ca9442
# via pep517
typing-extensions==3.10.0.0 \
--hash=sha256:0ac0f89795dd19de6b97debb0c6af1c70987fd80a2d62d1958f7e56fcc31b497 \
--hash=sha256:50b6f157849174217d0656f99dc82fe932884fb250826c18350e159ec6cdf342 \
--hash=sha256:779383f6086d90c99ae41cf0ff39aac8a7937a9283ce0a414e5dd782f4c94a84
# via importlib-metadata
wheel==0.37.0 \
--hash=sha256:21014b2bd93c6d0034b6ba5d35e4eb284340e09d63c59aef6fc14b0f346146fd \
--hash=sha256:e2ef7239991699e3355d54f8e968a21bb940a1dbf34a4d226741e64462516fad
# via pip-tools
zipp==3.5.0 \
--hash=sha256:957cfda87797e389580cb8b9e3870841ca991e2125350677b2ca83a0e99390a3 \
--hash=sha256:f5812b1e007e48cff63449a5e9f4e7ebea716b4111f9c4f9a645f91d579bf0c4
# via
# importlib-metadata
# pep517

# The following packages are considered to be unsafe in a requirements file:
pip==21.2.4 \
--hash=sha256:0eb8a1516c3d138ae8689c0c1a60fde7143310832f9dc77e11d8a4bc62de193b \
--hash=sha256:fa9ebb85d3fd607617c0c44aca302b1b45d87f9c2a1649b46c26167ca4296323
# via pip-tools
setuptools==57.4.0 \
--hash=sha256:6bac238ffdf24e8806c61440e755192470352850f3419a52f26ffe0a1a64f465 \
--hash=sha256:a49230977aa6cfb9d933614d2f7b79036e9945c4cdd7583163f4e920b83418d6
# via pip-tools
0 requirements.in → requirements/requirements.in
View file
File renamed without changes.
10 changes: 10 additions & 0 deletions requirements/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
#
# This file is autogenerated by pip-compile with python 3.7
# To update, run:
#
# pip-compile --generate-hashes --output-file=requirements/requirements.txt requirements/requirements.in
#
redis==3.3.11 \
--hash=sha256:3613daad9ce5951e426f460deddd5caf469e08a3af633e9578fc77d362becf62 \
--hash=sha256:8d0fc278d3f5e1249967cba2eb4a5632d19e45ce5c09442b8422d15ee2c22cc2
# via -r requirements/requirements.in

0 comments on commit b29e222

Please sign in to comment.