Support Pipfile without Pipfile.lock

As previously written, if codeql finds a `Pipfile`, but no `Pipfile.lock`, it will run `pipenv install` with args that require `Pipfile.lock` to exist. Pipfile will fail with this message: ``` Usage: python -m pipenv install [OPTIONS] [PACKAGES]... ERROR:: Pipfile.lock must exist to use --keep-outdated! package installation with pipenv failed, see error above ``` This changeset enables auto_install to work with Pipfile when there is no lock. (Bonus: `--skip-lock` is generally a bit faster.)
github · Apr 18, 2022 · 808c292 · 808c292
1 parent 8b2f5d7
commit 808c292
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/python-setup/auto_install_packages.py b/python-setup/auto_install_packages.py
@@ -48,14 +48,15 @@ def install_packages_with_poetry():
     return python_executable_path
 
 
-def install_packages_with_pipenv():
+def install_packages_with_pipenv(skip_lock=False):
     command = [sys.executable, '-m', 'pipenv']
     if sys.platform.startswith('win32'):
         # In windows the default path were the deps are installed gets wiped out between steps,
         # so we have to set it up to a folder that will be kept
         os.environ['WORKON_HOME'] = os.path.join(os.environ['RUNNER_WORKSPACE'], 'virtualenvs')
+    lock_args = ['--skip-lock'] if skip_lock else ['--keep-outdated', '--ignore-pipfile']
     try:
-        _check_call(command + ['install', '--keep-outdated', '--ignore-pipfile'])
+        _check_call(command + ['install'] + lock_args)
     except subprocess.CalledProcessError:
         sys.exit('package installation with pipenv failed, see error above')
 
@@ -145,9 +146,11 @@ def install_packages(codeql_base_dir) -> Optional[str]:
     if os.path.exists('Pipfile') or os.path.exists('Pipfile.lock'):
         if os.path.exists('Pipfile.lock'):
             print('Found Pipfile.lock, will install packages with Pipenv', flush=True)
+            return install_packages_with_pipenv()
         else:
             print('Found Pipfile, will install packages with Pipenv', flush=True)
-        return install_packages_with_pipenv()
+            return install_packages_with_pipenv(skip_lock=True)
+
 
     # get_extractor_version returns the Python version the extractor thinks this repo is using
     version = extractor_version.get_extractor_version(codeql_base_dir, quiet=False)