feat: remove unnecesary install when use poetry or pipenv

  dependencies: []

  script:

    - mkdir -p -m 777 reports

    - install_requirements

    - |

      if [[ -z "$PYTHON_TRIVY_DIST_URL" ]]

      then

        mv ./trivy $python_trivy

      fi  

    - |

      if [[ "$PYTHON_BUILD_SYSTEM" == poetry* ]]

      then

        # When using Poetry, `pip freeze` outputs a requirements.txt with @file URLs for each wheel

        # These @file URLs in requirements.txt are not supported by Trivy

        # So instead of simply using pip freeze, we use `poetry export`

        poetry export -f requirements.txt --without-hashes --output reports/requirements.txt

      else

      case "$PYTHON_BUILD_SYSTEM" in

        poetry*|pipenv*)

          log_info "$PYTHON_BUILD_SYSTEM build system (\\e[32muse lock file\\e[0m)"

          cp poetry.lock Pipfile.lock ./reports 2>/dev/null || true

          ;;

        *)

          log_info "$PYTHON_BUILD_SYSTEM build system used (\\e[32mmust generate pinned requirements.txt\\e[0m)"

          install_requirements

          _pip freeze | tee ./reports/requirements.txt

      fi

          ;;

      esac

      if [[ -f "./requirements.txt" ]]

      then

        sort -u ./requirements.txt | grep -v "^[  ]*$" > ./requirements.txt.sorted

  needs: []

  script:

    - mkdir -p -m 777 reports

    - install_requirements

    - |

      case "$PYTHON_BUILD_SYSTEM" in

        setuptools*|reqfile)

        poetry*|pipenv*)

          log_info "$PYTHON_BUILD_SYSTEM build system (\\e[32muse lock file\\e[0m)"

          ;;

        *)

          log_info "$PYTHON_BUILD_SYSTEM build system used (\\e[32mmust generate pinned requirements.txt\\e[0m)"

          install_requirements

          _pip freeze > "${PYTHON_REQS_FILE}"

          ;;

      esac