FR(python): Add automated checks using lower-bound-checker from google-cloud-testutils

[westarle]

Steps to reproduce

For Library L and Dependency D, versions 1 and 2

In L, setup.py indicates D >= 1. A constraints file pins D=1 for Nox.

1. Update the constraints file D=2
2. Don't update setup.py
3. Integrate some behavior found only in version 2 of D

Results:

Tests on L will pass. L is broken if clients pin or don't arrange to update D from version 1.

Suggestions:

• Create a single source of truth for version support; or
• Require updates to setup.py if constraints files change (and vice-versa).

[parthea]

There is already a tool to check and update the constraints files which was added in https://github.com/googleapis/python-test-utils/pull/8. See the instructions in https://github.com/googleapis/python-test-utils/pull/8#issue-809740325 for information on running the tool.

(py39) partheniou@partheniou-vm-3:~/git/python-test-utils$ lower-bound-checker update --package-name google-auth-oauthlib  --constraints-file /usr/local/google/home/partheniou/git/google-auth-library-python-oauthlib/testing/constraints-3.7.txt
(py39) partheniou@partheniou-vm-3:~/git/python-test-utils$ lower-bound-checker check --package-name google-auth-oauthlib  --constraints-file /usr/local/google/home/partheniou/git/google-auth-library-python-oauthlib/testing/constraints-3.7.txt
All good!

This check could be automated in presubmits.

[tswast]

Today I Learned about the uv package manager: https://github.com/astral-sh/uv?tab=readme-ov-file#resolution-strategy

It has a very useful feature to install the minimum specified versions of dependencies which could replace our use of constraints files in most cases.

Supposedly it's a lot faster than pip too. Might be worth a try updating our templates to do installs via uv.