Add installation command to README

[maresb]

Closes #1

I copied this from pixi-pack.

[synapticarbors]

@maresb -- thank you for this and your other PR. I realized that I had not pushed some other changes, specifically using the ExplicitEnvironmentSpec api from rattler, so if you're looking at the code, be sure to pull the latest now that it's in there.

[maresb]

Awesome, thanks so much for the tool!!!

How tricky do you think it would be to create a separate (platform-specific) requirements.txt file for the pip dependencies? Would it even make sense to do that? (Seems to me like it should.)

[synapticarbors]

With regard to the requirements.txt, is the idea that you'd generate the lock file and the requirements.txt, create the conda env with the lock file and then have a second step where you pip installed the requirements.txt?

Looking at what rattler_lock has for the PypiPackage https://docs.rs/rattler_lock/latest/rattler_lock/struct.PypiPackage.html it seems like we should just be able to copy the url into a requirements.txt, but I'd have to familiarize myself what it might look like if there were editable and how to handle that. I'll have to build some sample pixi projects with both conda and pip dependencies and play around with it. If there are features you think are important, let me know.

[maresb]

With regard to the requirements.txt, is the idea that you'd generate the lock file and the requirements.txt, create the conda env with the lock file and then have a second step where you pip installed the requirements.txt?

Exactly.

Looking at what rattler_lock has for the PypiPackage https://docs.rs/rattler_lock/latest/rattler_lock/struct.PypiPackage.html it seems like we should just be able to copy the url into a requirements.txt, but I'd have to familiarize myself what it might look like if there were editable and how to handle that. I'll have to build some sample pixi projects with both conda and pip dependencies and play around with it. If there are features you think are important, let me know.

I think I see, so it's basically a matter of translating rattler's structs into a requirements.txt line? If that's the case, I think most of the requirements spec is spelled out here. So for editable, you just prefix the line with -e. It would be good to have hash-checking mode (suffix --hash=sha256:deadbeef...) and extras (packagename[extra]). It looks like we don't have to deal with "requirement specifiers" since those are essentially predetermined by the platform and the locked version of Python.

There's the issue of credentials for private repositories, but let's worry about that later.

[synapticarbors]

I just did a quick google search and it's unclear to me if you can combine a url line with extras. That being said, it looks like when pixi generates a pixi.lock with pypi dependencies that define extras:

[pypi-dependencies]
pandas = { version = ">=2.2.0", extras = ["mysql", "pyarrow", "plot"]}

You just get a list of urls that includes the original package and the extras and they aren't distinguished from one another:

environments:
  default:
    channels:
    - url: https://conda.anaconda.org/conda-forge/
    indexes:
    - https://pypi.org/simple
    packages:
      osx-64:

...
      - pypi: https://files.pythonhosted.org/packages/dd/49/de869130028fb8d90e25da3b7d8fb13e40f5afa4c4af1781583eb1ff3839/pandas-2.2.2-cp312-cp312-macosx_10_9_x86_64.whl
      - pypi: https://files.pythonhosted.org/packages/05/cb/0353013dc30c02a8be34eb91d25e4e4cf594b59e5a55ea1128fde1e5f8ea/pillow-10.4.0-cp312-cp312-macosx_10_10_x86_64.whl
      - pypi: https://files.pythonhosted.org/packages/d4/62/ce6ac1275a432b4a27c55fe96c58147f111d8ba1ad800a112d31859fae2f/pyarrow-17.0.0-cp312-cp312-macosx_10_15_x86_64.whl
      - pypi: https://files.pythonhosted.org/packages/0c/94/e4181a1f6286f545507528c78016e00065ea913276888db2262507693ce5/PyMySQL-1.1.1-py3-none-any.whl
      - pypi: https://files.pythonhosted.org/packages/9d/ea/6d76df31432a0e6fdf81681a895f009a4bb47b3c39036db3e1b528191d52/pyparsing-3.1.2-py3-none-any.whl
      - pypi: https://files.pythonhosted.org/packages/ec/57/56b9bcc3c9c6a792fcbaf139543cee77261f3651ca9da0c93f5c1221264b/python_dateutil-2.9.0.post0-py2.py3-none-any.whl
      - pypi: https://files.pythonhosted.org/packages/9c/3d/a121f284241f08268b21359bd425f7d4825cffc5ac5cd0e1b3d82ffd2b10/pytz-2024.1-py2.py3-none-any.whl
      - pypi: https://files.pythonhosted.org/packages/f9/9b/335f9764261e915ed497fcdeb11df5dfd6f7bf257d4a6a2a686d80da4d54/requests-2.32.3-py3-none-any.whl
      - pypi: https://files.pythonhosted.org/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl
      - pypi: https://files.pythonhosted.org/packages/fc/26/1a44b4c9286bccdc2ac344da6487227595512aa60d45c6617b1b6cd859b6/SQLAlchemy-2.0.31-cp312-cp312-macosx_10_9_x86_64.whl
 ...

It tells you about the extras under requires_dist in a later section, but the packages just list everything in the environment.

I'll have to look into where the hashes are specified, but assuming they are easily accessible, I think it should be easy to do:

1. Packages with url + hash
2. Editable packages prepended by -e

I'll have to look at how pixi specifies git dependencies, but the data should be in there: https://pixi.sh/v0.22.0/reference/configuration/#full-specification

[maresb]

Ah, right, I think I was mistaken about needing extras, since they just pull in other packages. Thus if things are fully locked then they should have been already expanded, so they should be irrelevant for us. Sorry for the confusion!

I'm hopefully optimistic that it's just a matter of url + hash + -e.

The hashes are accessible from the Python API where I'm more comfortable. I tried it, and hash.md5 gives me None while hash.sha256 gives me a 32-byte bytes object.

[maresb]

https://discord.com/channels/1082332781146800168/1264593231501594664/1264593231501594664