Skip to content

Commit 3da9cf7

Browse files
committed
fix(run-task): don't explicitly pass '--require-hashes'
Currently when installing pip dependencies via the `<REPO>_PIP_REQUIREMENTS` environment variable, `run-task` explicitly passes in the `--require-hashes` option. This makes it difficult to test against pre-release versions of Taskgraph since VCS urls do not support hashes (pypa/pip#6469). To work around this, a `PIP_DISABLE_REQUIRE_HASHES` environment variable is being introduced. When set, `run-task` will not pass down `--require-hashes` to the `pip install` command. Allowing consumers to test against URL specifiers.
1 parent e9fa0ee commit 3da9cf7

File tree

2 files changed

+20
-2
lines changed

2 files changed

+20
-2
lines changed

docs/howto/bootstrap-taskgraph.rst

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,9 +142,24 @@ accomplished using `pip's version control support`_:
142142
143143
cd taskcluster
144144
echo "taskcluster-taskgraph@git+https://github.com/taskcluster/taskgraph@refs/pull/123/head" > requirements.in
145-
pip-compile --generate-hashes --output-file requirements.txt requirements.in
145+
pip-compile --output-file requirements.txt requirements.in
146+
147+
Next edit your ``.taskcluster.yml`` to disable hashing since pip does not
148+
support `hashes with url requirements`_:
149+
150+
.. code-block:: yaml
151+
152+
payload:
153+
env:
154+
- PIP_DISABLE_REQUIRE_HASHES: 1
155+
156+
.. note::
157+
158+
Be sure to omit the ``--generate-hashes`` argument to ``pip-compile``
159+
otherwise ``pip`` will implicitly turn hashing back on.
146160

147161
This way you can push an experimental change to a PR and then install it in
148162
your repo's decision task.
149163

150164
.. _pip's version control support: https://pip.pypa.io/en/stable/topics/vcs-support/
165+
.. _hashes with url requirements: https://github.com/pypa/pip/issues/6469

src/taskgraph/run-task/run-task

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -934,7 +934,10 @@ def install_pip_requirements(repositories):
934934
if not requirements:
935935
return
936936

937-
cmd = [sys.executable, '-mpip', 'install', '--require-hashes']
937+
cmd = [sys.executable, '-mpip', 'install']
938+
if os.environ.get("PIP_DISABLE_REQUIRE_HASHES") != "1":
939+
cmd.append("--require-hashes")
940+
938941
for path in requirements:
939942
cmd.extend(['-r', path])
940943

0 commit comments

Comments
 (0)