Merge branch 'fix/install-correct-buildtool-version' into 'master' (bd965b24) · Commits · to be continuous... / Python

README.md

+2 −0

Original line number	Diff line number	Diff line
		@@ -48,6 +48,8 @@ and/or `setup.py` and/or `requirements.txt`), but the build system might also be
		\| `pipenv` \| [Pipenv](https://pipenv.pypa.io/) (dependencies only) \|
		\| `reqfile` \| [Requirements Files](https://pip.pypa.io/en/stable/user_guide/#requirements-files) (dependencies only) \|

		:warning: You can explicitly set the build tool version by setting `$PYTHON_BUILD_SYSTEM` variable including a [version identification](https://peps.python.org/pep-0440/). For example `PYTHON_BUILD_SYSTEM="poetry==1.1.15"`

		## Jobs

		### `py-package` job

templates/gitlab-ci-python.yml

+17 −16

Original line number	Diff line number	Diff line
		@@ -247,16 +247,16 @@ variables:
		case "${PYTHON_BUILD_SYSTEM:-auto}" in
		auto)
		;;
		poetry)
		log_info "--- Build system explictly declared: Poetry"
		poetry*)
		log_info "--- Build system explictly declared: ${PYTHON_BUILD_SYSTEM}"
		return
		;;
		setuptools)
		log_info "--- Build system explictly declared: Setuptools"
		setuptools*)
		log_info "--- Build system explictly declared: ${PYTHON_BUILD_SYSTEM}"
		return
		;;
		pipenv)
		log_info "--- Build system explictly declared: Pipenv"
		pipenv*)
		log_info "--- Build system explictly declared: ${PYTHON_BUILD_SYSTEM}"
		return
		;;
		reqfile)
		@@ -280,6 +280,7 @@ variables:
		# that might be PEP 517 if a build-backend is specified
		# otherwise it might be only used as configuration file for development tools...
		build_backend=$(sed -rn 's/^build-backend = "([^"])"./\1/p' pyproject.toml)

		if [[ "$build_backend" ]]
		then
		case "$build_backend" in
		@@ -318,23 +319,23 @@ variables:
		# install requirements
		function install_requirements() {
		case "$PYTHON_BUILD_SYSTEM" in
		poetry)
		poetry*)
		if [[ ! -f "poetry.lock" ]]; then
		log_warn "Using Poetry but \\e[33;1mpoetry.lock\\e[0m file not found: you shall commit it with your project files"
		fi
		# shellcheck disable=SC2086
		pip install ${PIP_OPTS} poetry
		pip install ${PIP_OPTS} "$PYTHON_BUILD_SYSTEM"
		poetry install ${PYTHON_EXTRA_DEPS:+--extras "$PYTHON_EXTRA_DEPS"}
		;;
		setuptools)
		setuptools*)
		# shellcheck disable=SC2086
		pip install ${PIP_OPTS} setuptools
		pip install ${PIP_OPTS} "$PYTHON_BUILD_SYSTEM"
		# shellcheck disable=SC2086
		pip install ${PIP_OPTS} ".${PYTHON_EXTRA_DEPS:+[$PYTHON_EXTRA_DEPS]}"
		;;
		pipenv)
		pipenv*)
		# shellcheck disable=SC2086
		pip install ${PIP_OPTS} pipenv
		pip install ${PIP_OPTS} "$PYTHON_BUILD_SYSTEM"
		if [[ ! -f "Pipfile.lock" ]]; then
		log_warn "Using Pipenv but \\e[33;1mPipfile.lock\\e[0m file not found: you shall commit it with your project files"
		pipenv install --dev --system
		@@ -363,7 +364,7 @@ variables:
		}

		function _run() {
		if [[ "${PYTHON_BUILD_SYSTEM}" == "poetry" ]]
		if [[ "${PYTHON_BUILD_SYSTEM}" =~ poetry.* ]]
		then
		# shellcheck disable=SC2086
		if ! command -v poetry > /dev/null; then pip install ${PIP_OPTS} poetry; fi
		@@ -831,7 +832,7 @@ py-trivy:
		- apt-get update
		- apt-get install trivy
		- \|
		if [[ $PYTHON_BUILD_SYSTEM == "poetry" ]]
		if [[ "$PYTHON_BUILD_SYSTEM" =~ poetry.* ]]
		then
		# When using Poetry, `pip freeze` outputs a requirements.txt with @file URLs for each wheel
		# These @file URLs in requirements.txt are not supported by Trivy