search

StackStorm / st2

StackStorm (aka "IFTTT for Ops") is event-driven automation for auto-remediation, incident responses, troubleshooting, deployments, and more for DevOps and SREs. Includes rules engine, workflow, 160 integration packs with 6000+ actions (see https://exchange.stackstorm.org) and ChatOps. Installer at https://docs.stackstorm.com/install/index.html
https://stackstorm.com/
Apache License 2.0
5.96k stars 741 forks source link

Add support for loading `.pth` files in st2 venv #6183

Closed cognifloyd closed 2 months ago

cognifloyd commented 2 months ago

In our standard st2 virtualenv there are a variety of .pth files that add modules to the sys.path when python starts up (via the site module: https://docs.python.org/3/library/site.html):

$ ls -1 virtualenv/lib/python3.8/site-packages/*.pth
virtualenv/lib/python3.8/site-packages/distutils-precedence.pth
virtualenv/lib/python3.8/site-packages/easy-install.pth
virtualenv/lib/python3.8/site-packages/oslo.config-1.12.1-py2.7-nspkg.pth
virtualenv/lib/python3.8/site-packages/repoze.lru-0.7-py3.6-nspkg.pth
virtualenv/lib/python3.8/site-packages/sphinxcontrib_devhelp-1.0.2-py3.8-nspkg.pth
virtualenv/lib/python3.8/site-packages/sphinxcontrib_jsmath-1.0.1-py3.7-nspkg.pth
virtualenv/lib/python3.8/site-packages/sphinxcontrib_qthelp-1.0.3-py3.8-nspkg.pth
virtualenv/lib/python3.8/site-packages/sphinxcontrib_serializinghtml-1.1.5-py3.9-nspkg.pth
virtualenv/lib/python3.8/site-packages/sphinxcontrib_websupport-1.2.4-py3.8-nspkg.pth

Today, however, none of those .pth files affect pack venvs because the parent st2 venv is not in the standard list of site-packages locations.

We probably haven't encountered issues with the lack of .pth file loading in pack venvs because oslo.config and repoze.lru are the only things that could have an impact, and the impact would be minimal at best.

This becomes more pronounced when using a virtualenv generated by pants+pex (instead of via our Makefile) because all of our first party sources get installed with PEP 660 wheels. The legacy calls to python setup.py develop trigger creating a symlink to st2common, st2auth, st2* and the runner directories under the virtualenv's site-packages directory. PEP 660 wheels use .pth files instead of symlinks to achieve the same thing.

So, we have to ensure .pth files get loaded whenever interacting with a pack venv. This PR does that by injecting a .pth file into the pack venv that uses the site module to load any .pth files from the parent st2 venv.

Also, I adjusted the GHA CI workflow to work when our sources are added to the venv via PEP 660 editable wheels. Apparently, PEP 660 only installs entry point scripts, but most of our st2*/bin/* scripts are just scripts not entry_points. https://peps.python.org/pep-0660/#limitations

Finally, I adjusted how st2-run-pack-tests so that it can handle hermetic scripts. A hermetic script has a python shebang with the -sE args that do not load user site-packages (-s) and ignore all PYTHON* vars (-E) like PYTHONPATH. Once we update to a version of pants that includes https://github.com/pantsbuild/pants/pull/20763, we can just disable how pants+pex changes the virtualenv shebang lines. Until then, we need to run nosetests in a way that lets PYTHONPATH continue to affect it.

I extracted this from #6130 where I was testing what changes are required to use a pants-built venv to run tests.