pypackagery 1.0.5

Package a subset of a monorepo and determine the dependent packages.

pypackagery

Pypackagery packages a subset of a monorepo and determines the dependent packages.

Given a root directory of a Python code base, a list of Python files (from that code base) and a target directory, pypackagery determines the dependent modules of the specified files. The scripts and the local dependencies are copied to the given target directory. The external dependencies (such as pypi packages) are not copied (and need not be installed), but the list containing a subset of external dependencies is generated instead.

The external dependencies of the monorepo need to be specified in <root directory>/requirements.txt and <root directory>/module_to_requirement.tsv.

The requirements.txt follows the Pip format (see pip documentation). The file defines which external packages are needed by the whole of the code base. Pypackagery will read this list and extract the subset needed by the specified Python files.

module_to_requirement.tsv defines the correspondence between Python modules and requirements as defined in requirements.txt. This correspondence needs to be manually defined since there is no way to automatically map Python modules to pip packages. The correspondance in module_to_requirement.tsv is given as lines of two tab-separated values. The first column is the full model name (such as PIL.Image) and the second is the name of the package in requirements.txt (such as pillow). The version of the package should be omitted and should be specified only in the requirements.txt.

Please do not forget to add the #egg fragment to URLs and files in requirements.txt so that the name of the package can be uniquely resolved when joining module_to_requirement.tsv and requirements.txt.

Related Projects

• https://github.com/pantsbuild/pex – a library tool for generating PEX (Python EXecutable) files. It packages all the files in the virtual environment including all the requirements. This works for small code bases and light requirements which are not frequently re-used among the components in the code base. However, when the requirements are heavy (such as OpenCV or numpy) and frequently re-used in the code base, it is a waste of bandwidth and disk space to package them repeatedly for each executable independently.

• https://www.pantsbuild.org/, https://buckbuild.com/ and https://github.com/linkedin/pygradle are build systems that can produce PEX files (with all the problems mentioned above). We considered using them and writing a plug-in to achieve the same goal as pypackagery. Finally, we decided for a separate tool since these build systems are not yet supported natively by IDEs (such as Pycharm) and actually break the expected Python development work flow.

• https://blog.shazam.com/python-microlibs-5be9461ad979 presents a microlib approach where a monorepo is packaged in separate pip packages. While we find the idea interesting, it adds an administration overhead since every library needs to live in a separate package thus making bigger refactorings tedious and error-prone (e.g. are the requirements updated correctly and are dependency conflicts reported early?). We found it easiest to have a global list of the requirements (with modules mapped to requirements), so that a sole pip3 install -r requirements.txt would notify us of the conflicts.

  If you wanted to work only on part of the code base, and do no want to install all the requirements, you can use pypackagery to determine the required subset and install only those requirements that you need.

  Since we deploy often on third-party sites, we also found it difficult to secure our deployments. Namely, packaging the code base into microlibs practically implies that we need to give the remote machine access to our private pypi repository. In case that we only want to deploy the subset of the code base, granting access to all packages would unnecessarily open up a potential security hole. With pypackagery, we deploy only the files that are actually used while the third-party dependencies are separately installed on the remote instance from a subset of requirements subrequirements.txt with pip3 install -r subrequirements.txt.

Usage

Requirement Specification

As already mentioned, the requirements are expected to follow Pip format (see pip documentation) and live in requirements.txt at the root of the code base. The mapping from modules to requirements is expected in module_to_requirement.tsv also at the root of the code base.

Assume that the code base lives in ~/workspace/some-project.

Here is an excerpt from ~/workspace/some-project/requirements.txt:

pillow==5.2.0
pytz==2018.5
pyzmq==17.1.2

And here is an excerpt from ~/workspace/some-project/module_to_requirement.tsv (mind that it’s tab separated):

PIL pillow
PIL.Image   pillow
PIL.ImageFile       pillow
PIL.ImageOps        pillow
PIL.ImageStat       pillow
PIL.ImageTk pillow
cv2 opencv-python

Directory

Assume that the code base lives in ~/workspace/some-project and we are interested to bundle everything in pipeline/out directory.

To determine the subset of the files and requirements, run the following command line:

pypackagery \
    --root_dir ~/workspace/some-project \
    --initial_set ~/workspace/some-project/pipeline/out

This gives us a verbose, human-readable output like:

External dependencies:
Package name | Requirement spec
-------------+---------------------
pyzmq        | 'pyzmq==17.1.2'
temppathlib  | 'temppathlib==1.0.3'

Local dependencies:
pipeline/out/__init__.py
common/__init__.py
common/logging.py
common/proc.py

If we want to get the same output in JSON, we need to call:

pypackagery \
    --root_dir ~/workspace/some-project \
    --initial_set ~/workspace/some-project/pipeline/out \
    --format json

which gives us a JSON-encoded dependency graph:

{
  "requirements": {
    "pyzmq": {
      "name": "pyzmq",
      "line": "pyzmq==17.1.2\n"
    },
    "temppathlib": {
      "name": "temppathlib",
      "line": "temppathlib==1.0.3\n"
    }
  },
  "rel_paths": [
    "pipeline/out/__init__.py",
    "common/__init__.py",
    "common/logging.py",
    "common/proc.py"
  ],
  "unresolved_modules": []
}

Files

Assume again that the code base lives in ~/workspace/some-project. We would like to get a subset of the code base required by a list of scripts. We need to specify the initial set as a list of files:

pypackagery \
    --root_dir ~/workspace/some-project \
    --initial_set \
        ~/workspace/some-project/pipeline/input/receivery.py \
        ~/workspace/some-project/pipeline/input/snapshotry.py

which gives us:

External dependencies:
Package name | Requirement spec
-------------+-------------------
icontract    | 'icontract==1.5.1'
pillow       | 'pillow==5.2.0'
protobuf     | 'protobuf==3.5.1'
pytz         | 'pytz==2018.5'
pyzmq        | 'pyzmq==17.1.2'
requests     | 'requests==2.19.1'

Local dependencies:
pipeline/__init__.py
pipeline/input/receivery.py
pipeline/input/snapshotry.py
common/__init__.py
common/img.py
common/logging.py
protoed/__init__.py
protoed/pipeline_pb2.py

Unresolved Modules

If there is a module which could not be resolved (neither in built-ins, nor specified in the requirements nor living in the code base), the pypackagery will return a non-zero return code.

If you specify --dont_panic, the return code will be 0 even if there are unresolved modules.

Module packagery

Pypackagery provides a module packagery which can be used to programmatically determine the dependencies of the subset of the code base. For example, this is particularly useful for deployments to a remote machine where you want to deploy only a part of the code base depending on some given configuration.

Here is an example:

import pathlib

import packagery

root_dir = pathlib.Path('/some/codebase')

rel_pths = [
    pathlib.Path("some/dir/file1.py"),
    pathlib.Path("some/other/dir/file2.py")]

requirements_txt = root_dir / "requirements.txt"
module_to_requirement_tsv = root_dir / "module_to_requirement.tsv"

requirements = packagery.parse_requirements(
    text=requirements_txt.read_text())

module_to_requirement = packagery.parse_module_to_requirement(
    text=module_to_requirement_tsv.read_text(),
    filename=module_to_requirement_tsv.as_posix())

pkg = packagery.collect_dependency_graph(
    root_dir=root_dir,
    rel_paths=rel_pths,
    requirements=requirements,
    module_to_requirement=module_to_requirement)

# do something with pkg ...

Mind that relative paths (given as rel_paths argument) all need to be files, not directories.

Documentation

The documentation is available on readthedocs.

Installation

• Create a virtual environment:

python3 -m venv venv3

• Activate it:

source venv3/bin/activate

• Install pypackagery with pip:

pip3 install pypackagery

Development

• Check out the repository.

• In the repository root, create the virtual environment:

python3 -m venv venv3

• Activate the virtual environment:

source venv3/bin/activate

• Install the development dependencies:

pip3 install -e .[dev]

We use tox for testing and packaging the distribution:

tox

Pre-commit Checks

We provide a set of pre-commit checks that lint and check code for formatting.

Namely, we use:

• yapf to check the formatting.

• The style of the docstrings is checked with pydocstyle.

• Static type analysis is performed with mypy.

• Various linter checks are done with pylint.

• Doctests are executed using the Python doctest module.

Run the pre-commit checks locally from an activated virtual environment with development dependencies:

./precommit.py

• The pre-commit script can also automatically format the code:

./precommit.py  --overwrite

Versioning

We follow Semantic Versioning. The version X.Y.Z indicates:

• X is the major version (backward-incompatible),

• Y is the minor version (backward-compatible), and

• Z is the patch version (backward-compatible bug fix).