PBR

PBR Freeze reports duplicate shas on many packages.

Bug #1405312 reported by Clark Boylan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
PBR
Confirmed
Low
Unassigned

Bug Description

If I install latest python-heatclient in a clean virtualenv running pbr freeze shows duplicate shas for many packages that should not have any shas.

~/src/openstack$ git clone https://git.openstack.org/openstack/python-heatclient
~/src/openstack$ cd python-heatclient/
~/src/openstack/python-heatclient (master)$ virtualenv venv
~/src/openstack/python-heatclient (master %)$ venv/bin/pip install .
~/src/openstack/python-heatclient (master %)$ venv/bin/pbr freeze
Python==2.7
argparse==1.2.1
wsgiref==0.1.2
oslo.i18n==1.1.0
pytz==2014.10
netifaces==0.10.4 # git sha d6d5197
oslo.utils==1.1.0
pip==1.5.4
prettytable==0.7.2 # git sha d6d5197
python-keystoneclient==1.0.0 # git sha 10860db
Babel==1.3
oslo.serialization==1.1.0
setuptools==2.2
netaddr==0.7.12 # git sha d6d5197
PyYAML==3.11 # git sha d6d5197
six==1.8.0
iso8601==0.1.10 # git sha d6d5197
requests==2.5.1
pbr==0.10.7 # git sha aef4f7e
python-heatclient==0.2.12.post49 # git sha d6d5197
stevedore==1.1.0
oslo.config==1.5.0

See shas on netifaces, prettytable, netaddr, PyYAML, and iso8601. It is the same sha as python-heatclient.

Revision history for this message
Clark Boylan (cboylan) wrote :

I think this may happen when the virtualenv is in the root dir of a package because pbr's egg info entry point writer is available and finding the git sha for the package being installed. Not sure why this seems to only happen for some packages though.

Revision history for this message
Clark Boylan (cboylan) wrote :

Doing a bit more investigating I think the packages with the duplicate sha1s were installed via sdists and not wheels. Which seems to make sense under the above theory.

I think the pbr egg info writer will need to be more discerning at install time about when it writes pbr.json files.

Changed in pbr:
status: New → Confirmed
importance: Undecided → Low
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.