Fix CI pip on Debian bookworm (PEP 668)
Some checks failed
CI / skip-ci-check (pull_request) Successful in 7s
CI / lint-and-test (pull_request) Successful in 11s
CI / ansible-validation (pull_request) Successful in 45s
CI / secret-scanning (pull_request) Successful in 7s
CI / dependency-scan (pull_request) Successful in 14s
CI / sast-scan (pull_request) Successful in 23s
CI / license-check (pull_request) Successful in 10s
CI / vault-check (pull_request) Successful in 10s
CI / playbook-test (pull_request) Failing after 21s
CI / container-scan (pull_request) Successful in 6s
CI / sonar-analysis (pull_request) Failing after 3s
CI / workflow-summary (pull_request) Successful in 5s
Some checks failed
CI / skip-ci-check (pull_request) Successful in 7s
CI / lint-and-test (pull_request) Successful in 11s
CI / ansible-validation (pull_request) Successful in 45s
CI / secret-scanning (pull_request) Successful in 7s
CI / dependency-scan (pull_request) Successful in 14s
CI / sast-scan (pull_request) Successful in 23s
CI / license-check (pull_request) Successful in 10s
CI / vault-check (pull_request) Successful in 10s
CI / playbook-test (pull_request) Failing after 21s
CI / container-scan (pull_request) Successful in 6s
CI / sonar-analysis (pull_request) Failing after 3s
CI / workflow-summary (pull_request) Successful in 5s
Bootstrap pip with --break-system-packages; set PIP_BREAK_SYSTEM_PACKAGES so ansible jobs work in node:20-bookworm without python3-venv. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
parent
5874605467
commit
980423cd61
@ -86,19 +86,20 @@ jobs:
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1' && (github.event_name == 'pull_request' || github.ref == 'refs/heads/master')
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
PIP_BREAK_SYSTEM_PACKAGES: "1"
|
||||
container:
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Ensure pip (node image has Python 3.11, not pip)
|
||||
- name: Bootstrap pip (PEP 668 / bookworm)
|
||||
run: |
|
||||
python3 --version
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
if ! python3 -m pip --version >/dev/null 2>&1; then
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check --break-system-packages
|
||||
fi
|
||||
|
||||
- name: Show disk space (runner may be full)
|
||||
run: df -h / /tmp || true
|
||||
@ -179,6 +180,9 @@ jobs:
|
||||
needs: skip-ci-check
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
PIP_BREAK_SYSTEM_PACKAGES: "1"
|
||||
container:
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
@ -198,10 +202,10 @@ jobs:
|
||||
- name: Scan Python dependencies
|
||||
run: |
|
||||
if [ -f requirements.txt ]; then
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
if ! python3 -m pip --version >/dev/null 2>&1; then
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check --break-system-packages
|
||||
fi
|
||||
python3 -m pip install --no-cache-dir pip-audit
|
||||
python3 -m pip-audit -r requirements.txt
|
||||
else
|
||||
@ -213,19 +217,22 @@ jobs:
|
||||
needs: skip-ci-check
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
PIP_BREAK_SYSTEM_PACKAGES: "1"
|
||||
container:
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Bootstrap pip
|
||||
- name: Bootstrap pip (PEP 668 / bookworm)
|
||||
run: |
|
||||
python3 --version
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
if ! python3 -m pip --version >/dev/null 2>&1; then
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check --break-system-packages
|
||||
fi
|
||||
|
||||
- name: Install Semgrep
|
||||
run: python3 -m pip install --no-cache-dir semgrep
|
||||
@ -263,18 +270,19 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
PIP_BREAK_SYSTEM_PACKAGES: "1"
|
||||
container:
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Ensure pip
|
||||
- name: Bootstrap pip (PEP 668 / bookworm)
|
||||
run: |
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
if ! python3 -m pip --version >/dev/null 2>&1; then
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check --break-system-packages
|
||||
fi
|
||||
|
||||
- name: Install Ansible
|
||||
run: python3 -m pip install --no-cache-dir ansible-core
|
||||
@ -316,18 +324,19 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
PIP_BREAK_SYSTEM_PACKAGES: "1"
|
||||
container:
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Ensure pip
|
||||
- name: Bootstrap pip (PEP 668 / bookworm)
|
||||
run: |
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
if ! python3 -m pip --version >/dev/null 2>&1; then
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check --break-system-packages
|
||||
fi
|
||||
|
||||
- name: Configure CI Ansible (no vault, localhost inventory)
|
||||
run: |
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user