diff --git a/.github/workflows/python-deps.yml b/.github/workflows/python-deps.yml new file mode 100644 index 000000000..dba136bf8 --- /dev/null +++ b/.github/workflows/python-deps.yml @@ -0,0 +1,81 @@ +name: Test Python Package Installation + +on: + push: + branches: [main, v1] + pull_request: + +jobs: + + test-setup-python-scripts: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - test_dir: python-setup/tests/pipenv/requests-2 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2 + - test_dir: python-setup/tests/pipenv/requests-3 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3 + + - test_dir: python-setup/tests/poetry/requests-2 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2 + - test_dir: python-setup/tests/poetry/requests-3 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3 + + - test_dir: python-setup/tests/requirements/requests-2 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2 + - test_dir: python-setup/tests/requirements/requests-3 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3 + + - test_dir: python-setup/tests/setup_py/requests-2 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2 + - test_dir: python-setup/tests/setup_py/requests-3 + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3 + + # This one shouldn't fail, but also won't install packages + - test_dir: python-setup/tests/requirements/non-standard-location + test_script: test -z $LGTM_INDEX_IMPORT_PATH + + # All of these should fail + - test_dir: python-setup/tests/pipenv/python-version-not-available + test_script: /bin/false + - test_dir: python-setup/tests/poetry/python-version-not-available + test_script: /bin/false + - test_dir: python-setup/tests/requirements/invalid-package + test_script: /bin/false + - test_dir: python-setup/tests/requirements/invalid-version + test_script: /bin/false + - test_dir: python-setup/tests/setup_py/invalid-version + test_script: /bin/false + - test_dir: python-setup/tests/setup_py/invalid-file + test_script: /bin/false + - test_dir: python-setup/tests/setup_py/extra-require-not-installed + test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3 + - test_dir: python-setup/tests/setup_py/wrong-python-version + test_script: /bin/false + + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: python + + - name: Test Auto Package Installation + run: | + set -x + $GITHUB_WORKSPACE/python-setup/install_tools.sh + echo -e '\n\n\n\n\n' && sleep 0.5 + cd $GITHUB_WORKSPACE/${{ matrix.test_dir }} + $GITHUB_WORKSPACE/python-setup/auto_install_packages.py /opt/hostedtoolcache/CodeQL/0.0.0-20200826/x64/codeql/ + - name: Setup for extractor + run: | + echo $CODEQL_PYTHON + # only run if $CODEQL_PYTHON is set + test ! -z $CODEQL_PYTHON && $GITHUB_WORKSPACE/python-setup/tests/from_python_exe.py $CODEQL_PYTHON || /bin/true + - name: Verify packages installed + run: | + ${{ matrix.test_script }} \ No newline at end of file diff --git a/python-setup/tests/check_requests_123.sh b/python-setup/tests/check_requests_123.sh new file mode 100644 index 000000000..f44eb8093 --- /dev/null +++ b/python-setup/tests/check_requests_123.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +set -e + +SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" + +EXPECTED_VERSION=$1 + +FOUND_VERSION="$LGTM_PYTHON_SETUP_VERSION" +FOUND_PYTHONPATH="$LGTM_INDEX_IMPORT_PATH" + +echo "FOUND_VERSION=${FOUND_VERSION} FOUND_PYTHONPATH=${FOUND_PYTHONPATH} " + +if [[ $FOUND_VERSION != $EXPECTED_VERSION ]]; then + echo "Script told us to use Python ${FOUND_VERSION}, but expected ${EXPECTED_VERSION}" + exit 1 +else + echo "Script told us to use Python ${FOUND_VERSION}, which was expected" +fi + +PYTHON_EXE="python${EXPECTED_VERSION}" + +INSTALLED_REQUESTS_VERSION=$(PYTHONPATH="${FOUND_PYTHONPATH}" "${PYTHON_EXE}" -c 'import requests; print(requests.__version__)') + +EXPECTED_REQUESTS="1.2.3" + +if [[ "$INSTALLED_REQUESTS_VERSION" != "$EXPECTED_REQUESTS" ]]; then + echo "Using ${FOUND_PYTHONPATH} as PYTHONPATH, we found version $INSTALLED_REQUESTS_VERSION of requests, but expected $EXPECTED_REQUESTS" + exit 1 +else + echo "Using ${FOUND_PYTHONPATH} as PYTHONPATH, we found version $INSTALLED_REQUESTS_VERSION of requests, which was expected" +fi \ No newline at end of file diff --git a/python-setup/tests/from_python_exe.py b/python-setup/tests/from_python_exe.py new file mode 100644 index 000000000..69e2e873e --- /dev/null +++ b/python-setup/tests/from_python_exe.py @@ -0,0 +1,31 @@ +#!/usr/bin/env python3 + +import sys +import subprocess +from typing import Tuple + +def get_details(path_to_python_exe: str) -> Tuple[str, str]: + import_path = subprocess.check_output( + [ + path_to_python_exe, + "-c", + "import os; import pip; print(os.path.dirname(os.path.dirname(pip.__file__)))", + ], + stdin=subprocess.DEVNULL, + ) + version = subprocess.check_output( + [path_to_python_exe, "-c", "import sys; print(sys.version_info[0])"], + stdin=subprocess.DEVNULL, + ) + + return version.decode("utf-8").strip(), import_path.decode("utf-8").strip() + + +if __name__ == "__main__": + version, import_path = get_details(sys.argv[1]) + + print("Setting LGTM_PYTHON_SETUP_VERSION={}".format(version)) + print("::set-env name=LGTM_PYTHON_SETUP_VERSION::{}".format(version)) + + print("Setting LGTM_INDEX_IMPORT_PATH={}".format(import_path)) + print("::set-env name=LGTM_INDEX_IMPORT_PATH::{}".format(import_path)) \ No newline at end of file diff --git a/python-setup/tests/pipenv/python-3.8/Pipfile b/python-setup/tests/pipenv/python-3.8/Pipfile new file mode 100644 index 000000000..b799f0f56 --- /dev/null +++ b/python-setup/tests/pipenv/python-3.8/Pipfile @@ -0,0 +1,12 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] + +[packages] +requests = "*" + +[requires] +python_version = "3.8" diff --git a/python-setup/tests/pipenv/python-3.8/Pipfile.lock b/python-setup/tests/pipenv/python-3.8/Pipfile.lock new file mode 100644 index 000000000..519591de8 --- /dev/null +++ b/python-setup/tests/pipenv/python-3.8/Pipfile.lock @@ -0,0 +1,28 @@ +{ + "_meta": { + "hash": { + "sha256": "2296b1fab66570fa3660c5e6a4e923332dcd7785814624c584be6623bc62c0e7" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.8" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "requests": { + "hashes": [ + "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1" + ], + "index": "pypi", + "version": "==1.2.3" + } + }, + "develop": {} +} diff --git a/python-setup/tests/pipenv/python-version-not-available/Pipfile b/python-setup/tests/pipenv/python-version-not-available/Pipfile new file mode 100644 index 000000000..336c2301b --- /dev/null +++ b/python-setup/tests/pipenv/python-version-not-available/Pipfile @@ -0,0 +1,12 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] + +[packages] +requests = "*" + +[requires] +python_version = "3.100" diff --git a/python-setup/tests/pipenv/python-version-not-available/Pipfile.lock b/python-setup/tests/pipenv/python-version-not-available/Pipfile.lock new file mode 100644 index 000000000..519591de8 --- /dev/null +++ b/python-setup/tests/pipenv/python-version-not-available/Pipfile.lock @@ -0,0 +1,28 @@ +{ + "_meta": { + "hash": { + "sha256": "2296b1fab66570fa3660c5e6a4e923332dcd7785814624c584be6623bc62c0e7" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.8" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "requests": { + "hashes": [ + "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1" + ], + "index": "pypi", + "version": "==1.2.3" + } + }, + "develop": {} +} diff --git a/python-setup/tests/pipenv/requests-2/Pipfile b/python-setup/tests/pipenv/requests-2/Pipfile new file mode 100644 index 000000000..c9450bcf7 --- /dev/null +++ b/python-setup/tests/pipenv/requests-2/Pipfile @@ -0,0 +1,12 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] + +[packages] +requests = "*" + +[requires] +python_version = "2.7" diff --git a/python-setup/tests/pipenv/requests-2/Pipfile.lock b/python-setup/tests/pipenv/requests-2/Pipfile.lock new file mode 100644 index 000000000..789382967 --- /dev/null +++ b/python-setup/tests/pipenv/requests-2/Pipfile.lock @@ -0,0 +1,28 @@ +{ + "_meta": { + "hash": { + "sha256": "fba50410545d38a2f88b8d6964eb292055389e363b5c75a56b01ec80e7de14c1" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "2.7" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "requests": { + "hashes": [ + "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1" + ], + "index": "pypi", + "version": "==1.2.3" + } + }, + "develop": {} +} diff --git a/python-setup/tests/pipenv/requests-3/Pipfile b/python-setup/tests/pipenv/requests-3/Pipfile new file mode 100644 index 000000000..fcab73720 --- /dev/null +++ b/python-setup/tests/pipenv/requests-3/Pipfile @@ -0,0 +1,11 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] + +[packages] +requests = "*" + +[requires] diff --git a/python-setup/tests/pipenv/requests-3/Pipfile.lock b/python-setup/tests/pipenv/requests-3/Pipfile.lock new file mode 100644 index 000000000..519591de8 --- /dev/null +++ b/python-setup/tests/pipenv/requests-3/Pipfile.lock @@ -0,0 +1,28 @@ +{ + "_meta": { + "hash": { + "sha256": "2296b1fab66570fa3660c5e6a4e923332dcd7785814624c584be6623bc62c0e7" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.8" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "requests": { + "hashes": [ + "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1" + ], + "index": "pypi", + "version": "==1.2.3" + } + }, + "develop": {} +} diff --git a/python-setup/tests/poetry/python-3.8/poetry.lock b/python-setup/tests/poetry/python-3.8/poetry.lock new file mode 100644 index 000000000..cda1a33c2 --- /dev/null +++ b/python-setup/tests/poetry/python-3.8/poetry.lock @@ -0,0 +1,16 @@ +[[package]] +category = "main" +description = "Python HTTP for Humans." +name = "requests" +optional = false +python-versions = "^3.8" +version = "1.2.3" + +[metadata] +content-hash = "b1abdce30bbdad3ac786dafe6840129df522cae3c5988f9ba8061320e3c1a34e" +python-versions = "^3.8" + +[metadata.files] +requests = [ + {file = "requests-1.2.3.tar.gz", hash = "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1"}, +] diff --git a/python-setup/tests/poetry/python-3.8/pyproject.toml b/python-setup/tests/poetry/python-3.8/pyproject.toml new file mode 100644 index 000000000..8d82c19db --- /dev/null +++ b/python-setup/tests/poetry/python-3.8/pyproject.toml @@ -0,0 +1,15 @@ +[tool.poetry] +name = "autoinstall-test" +version = "0.1.0" +description = "" +authors = ["Your Name "] + +[tool.poetry.dependencies] +python = "^3.8" +requests = "*" + +[tool.poetry.dev-dependencies] + +[build-system] +requires = ["poetry>=0.12"] +build-backend = "poetry.masonry.api" diff --git a/python-setup/tests/poetry/python-version-not-available/poetry.lock b/python-setup/tests/poetry/python-version-not-available/poetry.lock new file mode 100644 index 000000000..6db68ee77 --- /dev/null +++ b/python-setup/tests/poetry/python-version-not-available/poetry.lock @@ -0,0 +1,16 @@ +[[package]] +category = "main" +description = "Python HTTP for Humans." +name = "requests" +optional = false +python-versions = "^3.100" +version = "1.2.3" + +[metadata] +content-hash = "b1abdce30bbdad3ac786dafe6840129df522cae3c5988f9ba8061320e3c1a34e" +python-versions = "^3.100" + +[metadata.files] +requests = [ + {file = "requests-1.2.3.tar.gz", hash = "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1"}, +] diff --git a/python-setup/tests/poetry/python-version-not-available/pyproject.toml b/python-setup/tests/poetry/python-version-not-available/pyproject.toml new file mode 100644 index 000000000..86007afea --- /dev/null +++ b/python-setup/tests/poetry/python-version-not-available/pyproject.toml @@ -0,0 +1,15 @@ +[tool.poetry] +name = "autoinstall-test" +version = "0.1.0" +description = "" +authors = ["Your Name "] + +[tool.poetry.dependencies] +python = "^3.100" +requests = "*" + +[tool.poetry.dev-dependencies] + +[build-system] +requires = ["poetry>=0.12"] +build-backend = "poetry.masonry.api" diff --git a/python-setup/tests/poetry/requests-2/poetry.lock b/python-setup/tests/poetry/requests-2/poetry.lock new file mode 100644 index 000000000..c16b09b4c --- /dev/null +++ b/python-setup/tests/poetry/requests-2/poetry.lock @@ -0,0 +1,16 @@ +[[package]] +category = "main" +description = "Python HTTP for Humans." +name = "requests" +optional = false +python-versions = "*" +version = "1.2.3" + +[metadata] +content-hash = "b8c27a00aece20cb2ff6b3dcd394b1b5ef5e4acc3d7a059cfeb9f9cc11c9eff4" +python-versions = "^2.7" + +[metadata.files] +requests = [ + {file = "requests-1.2.3.tar.gz", hash = "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1"}, +] diff --git a/python-setup/tests/poetry/requests-2/pyproject.toml b/python-setup/tests/poetry/requests-2/pyproject.toml new file mode 100644 index 000000000..890d59147 --- /dev/null +++ b/python-setup/tests/poetry/requests-2/pyproject.toml @@ -0,0 +1,15 @@ +[tool.poetry] +name = "autoinstall-test" +version = "0.1.0" +description = "" +authors = ["Your Name "] + +[tool.poetry.dependencies] +python = "^2.7" +requests = "*" + +[tool.poetry.dev-dependencies] + +[build-system] +requires = ["poetry>=0.12"] +build-backend = "poetry.masonry.api" diff --git a/python-setup/tests/poetry/requests-3/poetry.lock b/python-setup/tests/poetry/requests-3/poetry.lock new file mode 100644 index 000000000..ecc2ca3b6 --- /dev/null +++ b/python-setup/tests/poetry/requests-3/poetry.lock @@ -0,0 +1,16 @@ +[[package]] +category = "main" +description = "Python HTTP for Humans." +name = "requests" +optional = false +python-versions = "^3.5" +version = "1.2.3" + +[metadata] +content-hash = "b1abdce30bbdad3ac786dafe6840129df522cae3c5988f9ba8061320e3c1a34e" +python-versions = "^3.5" + +[metadata.files] +requests = [ + {file = "requests-1.2.3.tar.gz", hash = "sha256:156bf3ec27ba9ec7e0cf8fbe02808718099d218de403eb64a714d73ba1a29ab1"}, +] diff --git a/python-setup/tests/poetry/requests-3/pyproject.toml b/python-setup/tests/poetry/requests-3/pyproject.toml new file mode 100644 index 000000000..155de4618 --- /dev/null +++ b/python-setup/tests/poetry/requests-3/pyproject.toml @@ -0,0 +1,15 @@ +[tool.poetry] +name = "autoinstall-test" +version = "0.1.0" +description = "" +authors = ["Your Name "] + +[tool.poetry.dependencies] +python = "^3.5" +requests = "*" + +[tool.poetry.dev-dependencies] + +[build-system] +requires = ["poetry>=0.12"] +build-backend = "poetry.masonry.api" diff --git a/python-setup/tests/requirements/invalid-package/requirements.txt b/python-setup/tests/requirements/invalid-package/requirements.txt new file mode 100644 index 000000000..4acb6327e --- /dev/null +++ b/python-setup/tests/requirements/invalid-package/requirements.txt @@ -0,0 +1,2 @@ +# non-existing package +ajsdiofjasodinfkajsndfoiuqwhefoanisdfojnasdofas diff --git a/python-setup/tests/requirements/invalid-version/requirements.txt b/python-setup/tests/requirements/invalid-version/requirements.txt new file mode 100644 index 000000000..915977da0 --- /dev/null +++ b/python-setup/tests/requirements/invalid-version/requirements.txt @@ -0,0 +1,2 @@ +# valid package with invalid version +requests==10000 diff --git a/python-setup/tests/requirements/non-standard-location/non-standard/requirements.txt b/python-setup/tests/requirements/non-standard-location/non-standard/requirements.txt new file mode 100644 index 000000000..134975b53 --- /dev/null +++ b/python-setup/tests/requirements/non-standard-location/non-standard/requirements.txt @@ -0,0 +1 @@ +requests==1.2.3 diff --git a/python-setup/tests/requirements/non-standard-location/wat.py b/python-setup/tests/requirements/non-standard-location/wat.py new file mode 100644 index 000000000..b376c9941 --- /dev/null +++ b/python-setup/tests/requirements/non-standard-location/wat.py @@ -0,0 +1 @@ +print('hello') diff --git a/python-setup/tests/requirements/requests-2/requirements.txt b/python-setup/tests/requirements/requests-2/requirements.txt new file mode 100644 index 000000000..134975b53 --- /dev/null +++ b/python-setup/tests/requirements/requests-2/requirements.txt @@ -0,0 +1 @@ +requests==1.2.3 diff --git a/python-setup/tests/requirements/requests-2/setup.py b/python-setup/tests/requirements/requests-2/setup.py new file mode 100644 index 000000000..ea6a81184 --- /dev/null +++ b/python-setup/tests/requirements/requests-2/setup.py @@ -0,0 +1,3 @@ +# fake setup.py with Trove classifier to fool Python extractor to believe this is Python 2 for sure + +# Programming Language :: Python :: 2.7 diff --git a/python-setup/tests/requirements/requests-3/requirements.txt b/python-setup/tests/requirements/requests-3/requirements.txt new file mode 100644 index 000000000..134975b53 --- /dev/null +++ b/python-setup/tests/requirements/requests-3/requirements.txt @@ -0,0 +1 @@ +requests==1.2.3 diff --git a/python-setup/tests/requirements/requests-3/setup.py b/python-setup/tests/requirements/requests-3/setup.py new file mode 100644 index 000000000..f2eba6c01 --- /dev/null +++ b/python-setup/tests/requirements/requests-3/setup.py @@ -0,0 +1,3 @@ +# fake setup.py with Trove classifier to fool Python extractor to believe this is Python 3 for sure + +# Programming Language :: Python :: 3.7 diff --git a/python-setup/tests/setup_py/extra-require-not-installed/setup.py b/python-setup/tests/setup_py/extra-require-not-installed/setup.py new file mode 100644 index 000000000..f14e3597d --- /dev/null +++ b/python-setup/tests/setup_py/extra-require-not-installed/setup.py @@ -0,0 +1,11 @@ +from setuptools import setup + +# has fake Trove classifier to fool Python extractor to believe this is Python 3 for sure + +# Programming Language :: Python :: 3.7 + +setup( + name="example-setup.py", + install_requires=[], + extras_require={"all": ["requests==1.2.3"]} +) diff --git a/python-setup/tests/setup_py/invalid-file/setup.py b/python-setup/tests/setup_py/invalid-file/setup.py new file mode 100644 index 000000000..39f67eb3f --- /dev/null +++ b/python-setup/tests/setup_py/invalid-file/setup.py @@ -0,0 +1 @@ +raise Exception("some kind of error") diff --git a/python-setup/tests/setup_py/invalid-version/setup.py b/python-setup/tests/setup_py/invalid-version/setup.py new file mode 100644 index 000000000..f549eac22 --- /dev/null +++ b/python-setup/tests/setup_py/invalid-version/setup.py @@ -0,0 +1,6 @@ +from setuptools import setup + +setup( + name="example-setup.py", + install_requires=["requests==10000"], +) diff --git a/python-setup/tests/setup_py/requests-2/setup.py b/python-setup/tests/setup_py/requests-2/setup.py new file mode 100644 index 000000000..26e0d9753 --- /dev/null +++ b/python-setup/tests/setup_py/requests-2/setup.py @@ -0,0 +1,12 @@ +from setuptools import setup + +# has fake Trove classifier to fool Python extractor to believe this is Python 2 for sure + +# Programming Language :: Python :: 2.7 + + +setup( + name="example-setup.py", + install_requires=["requests==1.2.3"], + python_requires=">=2.7, <3", +) diff --git a/python-setup/tests/setup_py/requests-3/setup.py b/python-setup/tests/setup_py/requests-3/setup.py new file mode 100644 index 000000000..b401073da --- /dev/null +++ b/python-setup/tests/setup_py/requests-3/setup.py @@ -0,0 +1,12 @@ +from setuptools import setup + +# has fake Trove classifier to fool Python extractor to believe this is Python 3 for sure + +# Programming Language :: Python :: 3.7 + + +setup( + name="example-setup.py", + install_requires=["requests==1.2.3"], + python_requires='>=3.5', +) diff --git a/python-setup/tests/setup_py/wrong-python-version/setup.py b/python-setup/tests/setup_py/wrong-python-version/setup.py new file mode 100644 index 000000000..4b2f68ae5 --- /dev/null +++ b/python-setup/tests/setup_py/wrong-python-version/setup.py @@ -0,0 +1,12 @@ +from setuptools import setup + +# has fake Trove classifier to fool Python extractor to believe this is Python 3 for sure + +# Programming Language :: Python :: 3.7 + + +setup( + name="example-setup.py", + install_requires=["requests==1.2.3"], + python_requires=">=2.7, <3", +)