search

python-poetry / poetry

Python packaging and dependency management made easy
https://python-poetry.org
MIT License
31.07k stars 2.26k forks source link

Poetry incorrectly detects outdated poetry.lock file #9653

Open mapa17 opened 2 weeks ago

mapa17 commented 2 weeks ago

Description

Hi, I am using poetry inside a Dockerfile to prepare an venv that contains a private azuredevops repository.

FROM python:3.12-slim AS builder

# Pass argument during build
ARG REPO_USER
ARG REPO_TOKEN

ENV LIB_REPO=https://dev.azure.com/PRJ/_git/REPO

RUN pip install poetry==1.7.1

ENV POETRY_NO_INTERACTION=1 \
    POETRY_VIRTUALENVS_IN_PROJECT=1 \
    POETRY_VIRTUALENVS_CREATE=1 \
    POETRY_CACHE_DIR=/tmp/poetry_cache

WORKDIR /app

COPY pyproject.toml poetry.lock ./

# Prepare llm-be source repo
RUN poetry source add --priority=supplemental MYLIB ${LIB_REPO} \
    && poetry config --local http-basic.llm-be ${REPO_USER} ${REPO_TOKEN} \
    && poetry install --without dev --no-root \
    && rm -rf /root/.config/pypoetry

Building the docker image locally, works by pinning poetry to 1.7.1 (see https://github.com/python-poetry/poetry/issues/9042). Running the same docker file within another azure pipeline as a DOCKERv2 Task, I can see poetry install taking a very long time, throwing the warning

pyproject.toml changed significantly since poetry.lock was last generated. Runpoetry lock [--no-update]to fix the lock file.

Does this mean, the lock file is recreated? Specially for types-pytz it takes a very long time.

Workarounds

Hopefully

Poetry Installation Method

pip

Operating System

Azure Pipeline Ubuntu-Latest

Poetry Version

1.7.1

Poetry Configuration

x

Python Sysconfig

No response

Example pyproject.toml

No response

Poetry Runtime Logs

#12 2.380 Installing dependencies from lock file
#12 2.812 Warning: poetry.lock is not consistent with pyproject.toml. You may be getting improper dependencies. Run `poetry lock [--no-update]` to fix it.
#12 3.322 
#12 3.322 Package operations: 186 installs, 0 updates, 0 removals
#12 3.322 
#12 3.323   • Installing mdurl (0.1.2)
#12 3.326   • Installing pycparser (2.22)
#12 3.326   • Installing wrapt (1.16.0)
#12 3.327   • Installing zipp (3.15.0)
#12 3.664   • Installing cffi (1.17.0rc1)
#12 3.667   • Installing deprecated (1.2.14)
#12 3.667   • Installing idna (3.7)
#12 3.668   • Installing importlib-metadata (7.1.0)
#12 3.670   • Installing markdown-it-py (3.0.0)
#12 3.672   • Installing pygments (2.18.0)
#12 3.718   • Installing sniffio (1.3.1)
#12 3.957   • Installing anyio (3.7.1)
#12 3.958   • Installing certifi (2024.6.2)
#12 3.960   • Installing click (8.1.7)
#12 3.960   • Installing charset-normalizer (3.1.0)
#12 3.962   • Installing cryptography (42.0.8)
#12 3.963   • Installing h11 (0.14.0)
#12 4.067   • Installing opentelemetry-api (1.25.0)
#12 4.072   • Installing protobuf (4.25.3)
#12 4.077   • Installing pyasn1 (0.6.0)
#12 4.104   • Installing rich (13.7.1)
#12 4.214   • Installing setuptools (73.0.1)
#12 4.289   • Installing shellingham (1.5.4)
#12 4.318   • Installing typing-extensions (4.12.2)
#12 4.358   • Installing urllib3 (1.26.18)
#12 4.703   • Installing annotated-types (0.7.0)
#12 4.705   • Installing asgiref (3.8.1)
#12 4.707   • Installing cachetools (5.3.3)
#12 4.707   • Installing dnspython (2.6.1)
#12 4.708   • Installing filelock (3.14.0)
#12 4.709   • Installing frozenlist (1.4.1)
#12 4.787   • Installing fsspec (2024.6.0)
#12 4.795   • Installing httpcore (1.0.5)
#12 4.805   • Installing httptools (0.6.1)
#12 4.824   • Installing humanfriendly (10.0)
#12 4.898   • Installing markupsafe (2.1.5)
#12 4.904   • Installing mpmath (1.3.0)
#12 4.940   • Installing multidict (6.0.5)
#12 5.009   • Installing oauthlib (3.2.2)
#12 5.048   • Installing opentelemetry-instrumentation (0.46b0)
#12 5.060   • Installing opentelemetry-proto (1.25.0)
#12 5.099   • Installing opentelemetry-semantic-conventions (0.46b0)
#12 5.118   • Installing opentelemetry-util-http (0.46b0)
#12 5.148   • Installing packaging (23.1)
#12 5.176   • Installing pyasn1-modules (0.4.0)
#12 17.75   • Installing sqlalchemy (2.0.23)
#12 18.33   • Installing tabulate (0.9.0)
#12 18.46   • Installing tenacity (8.2.3)
#12 18.59   • Installing tokenizers (0.19.1)
#12 19.52   • Installing types-pytz (2024.1.0.20240417)
#12 813.9   • Installing aioodbc (0.5.0)
dimbleby commented 2 weeks ago

it means exactly what it says: pyproject.toml changed significantly since poetry.lock was last generated, and you should run poetry lock [--no-update] to fix the lock file.

since you have not provided any way to reproduce whatever it is you are seeing, it is hard to say more.

mapa17 commented 2 weeks ago

Thank you for the reply. Maybe i was unclear in my description of the problem. Using poetry 1.8.3 (in the docker image and the local dev env) building of the image will fail because poetry.lock is detected to be not in sync. Running an poetry lock --no-update has no affect, because the lock file is up-to-date.

I can switch in the docker build to poetry 1.7.1 which still detects the file as outdated, but continues to install (seemingly, updating the lock file in place?).

My bug report is about 1.8.3 detecting the lock file as not in sync.

dimbleby commented 2 weeks ago

again: you have provided no way to reproduce this so it is impossible to say whether you are right, whether poetry is right, or where either of you is going wrong

this report is currently unactionable