Installing Plone with just pip (without buildout)

[avoinea]

See discussion https://community.plone.org/t/installing-plone-with-just-pip-without-buildout/5402

[avoinea]

@svx @datakurre @jensens @tkimnguyen @thet @Rotonen @david-batranu

See https://github.com/plone/plone.docker/tree/no-buildout branch. I also added a auto-build on docker-hub to test it:

docker run -i -p 8080:8080 -e ADDONS=eea.facetednavigation plone/plone:no-buildout

It's a starting point to work on. We don't have to completely replace the buildout version, we can provide it as an alternative tag like:

• plone:5
• plone:5-alpine
• plone:5-slim :)

[datakurre]

Agreed. To replace buildout completely we need

• replacement for the scripts in plone.recipe.zope2instance
• remove all use of includeDependencies in core packages
• in longer term get rid of includePlugins directive in CMFPlone (to get completely free of z3c.autoinclude)

The last one is the most controversial, because it would require including add-ons in site.zcml, because z3c.autoinclude based plugin discovery no longer exist. @jaroel has blogged about that and reasoning for it earlier https://www.fourdigits.nl/blog/installing-plone-5-using-pip/

[Rotonen]

Why setuptools 33.1.1? Newer setuptools versions work, only bootstrap.py does not work with anything newer.

Why Alpine Linux? The wheels built according to the manylinux standards are RHEL oriented. Containers are not close enough to the metal to make a difference.

Is the python2.7 there UCS2 or UCS4? Could one choose?

Ideas on how to move more of the ZServer config generation out of buildout?

[avoinea]

@Rotonen https://github.com/plone/plone.docker/blob/no-buildout/5.1/5.1.0/pip/Dockerfile

It's Debian stretch, no pin to setuptools.

[datakurre]

@Rotonen https://github.com/datakurre/plone-nix/tree/master/zconfig 🤗

[avoinea]

And for Plone 4

docker run -i -p 8080:8080 -e ADDONS=eea.facetednavigation plone/plone:4-no-buildout

Wait for build to finish before running the above command :) https://hub.docker.com/r/plone/plone/builds/

[calvinhp]

We did some work on this during the first week of January. I think this is really a possibility now that the ZServer isn't an issue. Waitress config is much easier to deal with.

We ran into the few packages that are still having the autoinclude issue

2020-01-16 21:27:07,703 WARNING [z3c.autoinclude:47][MainThread] z3c.autoinclude.dependency is disabled but is being invoked by File "/opt/plone/lib/python3.7/site-packages/plone/app/contenttypes/configure.zcml", line 10.2-10.37
    <includeDependencies package="." />
2020-01-16 21:27:10,049 WARNING [z3c.autoinclude:47][MainThread] z3c.autoinclude.dependency is disabled but is being invoked by File "/opt/plone/lib/python3.7/site-packages/plone/app/linkintegrity/configure.zcml", line 7.2-7.37
    <includeDependencies package="." />
2020-01-16 21:27:13,635 WARNING [z3c.autoinclude:47][MainThread] z3c.autoinclude.dependency is disabled but is being invoked by File "/opt/plone/lib/python3.7/site-packages/plone/restapi/configure.zcml", line 12.2-12.37
    <includeDependencies package="." />
2020-01-16 21:27:14,297 WARNING [z3c.autoinclude:47][MainThread] z3c.autoinclude.dependency is disabled but is being invoked by File "/opt/plone/lib/python3.7/site-packages/plone/app/iterate/configure.zcml", line 14.2-14.37
    <includeDependencies package="." />

But I was able to add a site and add and edit content.

It appears that the Zope releases have the needed constraints and requirements files we need to build upon, but we are going to need the Plone release process generate a similar set of requirements files.

We ran into an issue trying to generate this on our own and ended up falling back to using the buildout.requirements extension to get the needed set of requirements as well. The set of eggs listed in the versions.cfg files contains things that are not even installed anymore and the other guidelines for versions should be moved into a constraint requirements file for those to use when installing addons.

The work we did on this is in this repository https://github.com/sixfeetup/dietplonedocker

It is heavily based on the work done here and attempts to use some docker best practices to reduce the size of the resulting image.

What I see as needed is to fix the following:

• 4 packages still using autoinclude
• start publishing a requirements file as part of the Plone release process

Eventually, it would be good to fix all of the various Plone deps so that is a more manageable process that doesn't involve running a buildout to get an export of the current requirements. Until the dep tree is fixed up and you can just pip install Plone that won't be possible.

Also, I highly recommend using pip-tools so we don't have to pin every single egg, but can still roll out a full set of pins generated by pip-compile. Also, the GitHub dependabot is a nice we to keep on top of security releases to dependencies.

[mauritsvanrees]

Use Plone 5.2.1 and those four packages with includeDependencies should be no problem anymore. I fixed those after the Plone conference.

[avoinea]

We should take a look at https://hub.docker.com/r/sixfeetup/dietplonedocker/dockerfile made by @calvinhp