henrjk
commented
1 year ago Regarding the current state that python builds are using pypi and configuring nexus as a trusted host in:
To my recollection the reason this was introduced was ultimately needed due to work around cases where the pypi json api is needed. This surfaced as described in issue:
- [pip-compile does not provide all hashes when used against private nexus.
1412](https://github.com/jazzband/pip-tools/issues/1412)
Recently PR Generate hashes for all available candidates #1723 was merged and the PR for https://github.com/jazzband/pip-tools/issues/1536#issuecomment-1321212364 which is a duplicate of 1412 mentioned is still in progress. Once that can be merged it should enable the python build to only use the configured nexus for python builds and remove the fallback of pypi.
We could consider to revisit this when the above PR 1723 gets addressed.
Just adding that I also submitted the related Dev - Nexus RepoNEXUS-22828 Support PyPI JSON API
michaelsauter
With this change, images are not build in the cluster anymore. Instead, tasks use the prebuilt images on GitHub. In case of a private certificate, that is supplied via a secret volume to tasks.
Closes https://github.com/opendevstack/ods-pipeline/issues/621.
Tasks:
docs/designdirectory or not applicabledocsdirectory or not applicablemake test) or not applicable