Skip to content

feat: Support constraints in pip_compile #2916

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

vihangm
Copy link

@vihangm vihangm commented May 20, 2025

This adds in support to pass in a constraints file to pip-compile.
This is extremly useful when you want to uprade an indirect/intermediate
dependency to pull in security fixes but don't want to add said dependency to
the requirements.in file.

@aignas
Copy link
Collaborator

aignas commented May 20, 2025

The docs say that the constraints file can be used more than once: https://pip-tools.readthedocs.io/en/latest/cli/pip-compile/

What is more, I think it is possible to do this today without this PR?

  1. Add the constraints.txt files to data attribute.
  2. Use $(location) in the args.

Am I missing something here?

@vihangm
Copy link
Author

vihangm commented May 20, 2025

The docs say that the constraints file can be used more than once: pip-tools.readthedocs.io/en/latest/cli/pip-compile

Fair point, we could support a list instead of a single file/label instead.

What is more, I think it is possible to do this today without this PR?

  1. Add the constraints.txt files to data attribute.
  2. Use $(location) in the args.

Am I missing something here?

The data attribute gets popped from the kwargs here,

srcs = kwargs.pop("data", []) + [requirements_txt],

and then the .update rule here
py_binary(
name = name + ".update",
env = env,
python_version = kwargs.get("python_version", None),
**attrs
)
gets the $(location) in the args but the file isn't in it's data deps. So your suggestion doesn't work at the moment.

@aignas
Copy link
Collaborator

aignas commented May 28, 2025

But then it gets reincluded back in via

data = [name, requirements_txt] + srcs + [f for f in (requirements_linux, requirements_darwin, requirements_windows) if f != None]

I think I am missing something crucial here. Just by reading the code, this looks like it should work. What is the minimum example that does not work?

@vihangm
Copy link
Author

vihangm commented May 28, 2025

I think I am missing something crucial here. Just by reading the code, this looks like it should work. What is the minimum example that does not work?

e10255e fails.

$ bazelisk build //:requirements.update
ERROR: rules_python/examples/pip_parse/BUILD.bazel:57:25: in args attribute of py_binary rule //:requirements.update: label '//:constraints.txt' in $(location) expression is not a declared
 prerequisite of this rule. Since this rule was created by the macro 'pip_compile', the error might have been caused by the macro implementation
ERROR: rules_python/examples/pip_parse/BUILD.bazel:57:25: Analysis of target '//:requirements.update' failed
ERROR: Analysis of target '//:requirements.update' failed; build aborted
INFO: Elapsed time: 0.175s, Critical Path: 0.00s
INFO: 1 process: 1 internal.
ERROR: Build did NOT complete successfully

102a76a is the minimal change to get it working again. I'm fine with that patch instead if you don't want to support an explicit arg.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants