Tox 1.6.0 breaks when running tests under Python 2.5 (pip < 1.4 doesn't seem to support --insecure option)

Issue #117 on hold
Tomaz Muraus created an issue

Newest version of tox (1.6.0) uses pip < 1.4 when running tests with Python 2.5 and passes --insecure option to pip when installing the dependencies.

The problem is that pip doesn't seem to support --insecure argument and even the new versions of pip use --allow-insecure and not --insecure.

Error (I've truncated all the environment variables)

kami /w/lc/libcloud (git:trunk)$ rm -rf .tox ; tox -e py25
GLOB sdist-make: /w/lc/libcloud/setup.py
py25 create: /w/lc/libcloud/.tox/py25
py25 pip-downgrade: pip<1.4
py25 installdeps: mock, unittest2, lockfile, ssl, simplejson, paramiko
py25 inst: /w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip
ERROR: invocation failed, logfile: /w/lc/libcloud/.tox/py25/log/py25-3.log
ERROR: actionid=py25
msg=installpkg
cmdargs=[local('/w/lc/libcloud/.tox/py25/bin/pip'), 'install', '--insecure', '/w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip']
env={'PYTHONIOENCODING': 'utf_8', ....}

Usage:   
  pip install [options] <requirement specifier> ...
  pip install [options] -r <requirements file> ...
  pip install [options] [-e] <vcs project url> ...
  pip install [options] [-e] <local project path> ...
  pip install [options] <archive url/path> ...

no such option: --insecure

___________________________________________ summary ____________________________________________
ERROR:   py25: InvocationError: /w/lc/libcloud/.tox/py25/bin/pip install --insecure /w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip (see /w/lc/libcloud/.tox/py25/log/py25-3.log)

Tox version:

tox --version
1.6.0 imported from /usr/local/lib/python2.7/dist-packages/tox/__init__.pyc

Installed Python version:

/w/lc/libcloud/.tox/py25/bin/python --version
Python 2.5.6

Pip version which get installed under Python 2.5 environments:

/w/lc/libcloud/.tox/py25/bin/pip --version
pip 1.3.1 from /w/lc/libcloud/.tox/py25/lib/python2.5/site-packages/pip-1.3.1-py2.5.egg (python 2.5)

Thanks

Comments (10)

  1. Holger Krekel repo owner

    indeed, seems like two different strategies of helping python2.5 collided here - not sure why it passed the release tests but will see to release a 1.6.1 soon.

  2. Holger Krekel repo owner

    Hum, no. pip-1.3.1 does have the --insecure option. Could you re-post your failure with "-v" to get the exact invocations and additionally tell the version of the offending pip? (should be .tox/py25/bin/pip --version) Thanks. holger

  3. Tomaz Muraus reporter

    Here is a pip version output (as already posted in the original issue description):

    /w/lc/libcloud/.tox/py25/bin/pip --version
    pip 1.3.1 from /w/lc/libcloud/.tox/py25/lib/python2.5/site-packages/pip-1.3.1-py2.5.egg (python 2.5)
    

    And here is the verbose output from `tox:

    kami /w/lc/libcloud (git:trunk)$ rm -rf .tox ; tox -v -e py25
    using tox.ini: /w/lc/libcloud/tox.ini
    using tox-1.6.0 from /usr/local/lib/python2.7/dist-packages/tox/__init__.pyc
    GLOB sdist-make: /w/lc/libcloud/setup.py
      /w/lc/libcloud$ /usr/bin/python /w/lc/libcloud/setup.py sdist --formats=zip --dist-dir /w/lc/libcloud/.tox/dist >/w/lc/libcloud/.tox/log/tox-0.log
    py25 create: /w/lc/libcloud/.tox/py25
      /w/lc/libcloud/.tox$ /usr/bin/python2.5 /usr/local/lib/python2.7/dist-packages/tox/vendor/virtualenv.py --setuptools --python /usr/bin/python2.5 py25 >/w/lc/libcloud/.tox/py25/log/py25-0.log
    py25 pip-downgrade: pip<1.4
      /w/lc/libcloud/.tox/py25/log$ /w/lc/libcloud/.tox/py25/bin/easy_install pip<1.4 >/w/lc/libcloud/.tox/py25/log/py25-1.log
    py25 installdeps: mock, unittest2, lockfile, ssl, simplejson, paramiko
      /w/lc/libcloud/.tox/py25/log$ /w/lc/libcloud/.tox/py25/bin/pip install --insecure mock unittest2 lockfile ssl simplejson paramiko >/w/lc/libcloud/.tox/py25/log/py25-2.log
    py25 inst: /w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip
      /w/lc/libcloud/.tox/py25/log$ /w/lc/libcloud/.tox/py25/bin/pip install --insecure /w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip >/w/lc/libcloud/.tox/py25/log/py25-3.log
    ERROR: invocation failed, logfile: /w/lc/libcloud/.tox/py25/log/py25-3.log
    ERROR: actionid=py25
    msg=installpkg
    cmdargs=[local('/w/lc/libcloud/.tox/py25/bin/pip'), 'install', '--insecure', '/w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip']
    env={'PYTHONIOENCODING': 'utf_8'}
    
    Usage:   
      pip install [options] <requirement specifier> ...
      pip install [options] -r <requirements file> ...
      pip install [options] [-e] <vcs project url> ...
      pip install [options] [-e] <local project path> ...
      pip install [options] <archive url/path> ...
    
    no such option: --insecure
    
    ___________________________________________ summary ____________________________________________
    ERROR:   py25: InvocationError: /w/lc/libcloud/.tox/py25/bin/pip install --insecure /w/lc/libcloud/.tox/dist/apache-libcloud-0.14.0-dev.zip (see /w/lc/libcloud/.tox/py25/log/py25-3.log)
    

    I noticed there are two pip binaries in the bin/ directory (pip and pip-2.5, but none of them seems to provide --insecure option as determined by pip install --help):

    PYTHONPATH=/w/lc/libcloud/.tox/py25/lib/python2.5/site-packages/  /w/lc/libcloud/.tox/py25/bin/python /w/lc/libcloud/.tox/py25/bin/pip-2.5 install --insecure
    
    Usage:   
      pip install [options] <requirement specifier> ...
      pip install [options] -r <requirements file> ...
      pip install [options] [-e] <vcs project url> ...
      pip install [options] [-e] <local project path> ...
      pip install [options] <archive url/path> ...
    
    no such option: --insecure
    
    PYTHONPATH=/w/lc/libcloud/.tox/py25/lib/python2.5/site-packages/  /w/lc/libcloud/.tox/py25/bin/python /w/lc/libcloud/.tox/py25/bin/pip install --insecure
    

    Thanks

  4. Tomaz Muraus reporter

    I think I now know what the problem is.

    I would assume pip 1.3.1 only exposes --insecure option if running under Python 2.5 without the ssl module. That's not the case for us because libcloud installs ssl dependency under 2.5.

    The right solution (to me) seems to be modifying tox to only use --insecure option if ssl module is not available (import ssl) fails.

    @hpk42 what do you think about this approach?

    Edit: Confirming that is indeed the case. If I remove ssl module from dependencies, pip does indeed expose --insecure option. I need to check the code, but I would image it does the same introspection I proposed for tox above.

  5. Holger Krekel repo owner

    fix issue117: python2.5 fix: don't use --insecure option because its very existence depends on presence of "ssl". If you want to support python2.5/pip1.3.1 based test environments you need to install ssl and/or use PIP_INSECURE=1 through setenv. section.

    → <<cset 264fe64185e4>>

  6. Tomaz Muraus reporter

    @hpk42 Thanks!

    When I discovered a root cause, I wanted to update tox to only use --insecure option if import ssl throws ImportError under Python 2.5, but checking the code I couldn't come up with a good and nice way to execute code code under target Python version (2.5 in this case) and pass it back to the parent.

  7. Log in to comment