chore(skore): Using pixi to manage the lock files and CI#2929
chore(skore): Using pixi to manage the lock files and CI#2929glemaitre wants to merge 16 commits into
Conversation
glemaitre
requested review from
auguste-probabl,
rouk1 and
thomass-dev
as code owners
|
|
Yes, please! |
|
Is there something specific keeping this in draft @glemaitre ? I'm very excited to have a coherent, reproducible dev environment. |
rouk1
left a comment
rouk1
left a comment
There was a problem hiding this comment.
IMHO this needs to be documented in contribution guidelines.
How to install pixi and dot and how to spawn a virtualenv.
We can indeed document the way of using |
It's not only "if one is interested in". The lockfiles used in the CI are now only in pixi "language". |
OK I see. I was not considering this use case. |
|
Also, "how to update lockfiles" should be documented, both when adding a new dependency or when dependencies have to be upgraded. In a way, this PR forces maintainers to adopt pixi. |
| # Python deps are now resolved by pixi (see `pixi.toml` / `pixi.lock`). | ||
| # Dependabot has no native pixi ecosystem; refresh the lockfile with `pixi update` | ||
| # (manually or via a scheduled workflow). |
There was a problem hiding this comment.
This is really not cool :(.
There was a problem hiding this comment.
We can create a bot as we do in skrub that open a PR weekly.
There was a problem hiding this comment.
There was a problem hiding this comment.
Maintaining our own dependabot 😅 .
There was a problem hiding this comment.
we are maintaining a whole in-house dependency tracking system right now, so I think it is a net improvement tbh
There was a problem hiding this comment.
whole in-house dependency tracking system
That's not true, and it's really unfair. 😉
Before, we used:
pyproject.tomlto define dependencies,- a
txtfile to override dependencies (matrix), - a
bashscript to read thetxtfile and generaterequirements.txtfiles usinguv.
With this PR, you need:
pyproject.tomlto define dependencies,- a
pixi.tomlto define dependencies, - a pixi command to read the
pixi.tomlfile and generate thepixi.lock.
Also, the txt file was used in the CI, so with one file we were able to generate lockfiles and to control matrix in the CI. With this PR, we have to redefine matrix both in the CI and in the pixi.toml.
The underlying system is the same, in a different language pixi vs bash+uv: defining lockfiles.
The only advantage is the invisible venv management in the CI + the automatic lockfiles check.
This latest advantage is mitigated by the fact that a replacement for dependabot needs to be created.
Otherwise, the complexity in the CI is strictly the same, and i'm still not convinced.
There was a problem hiding this comment.
whole in-house dependency tracking system
That's not true, and it's really unfair. 😉
pip-compile.sh and supported-versions.json are an attempt at a home-grown dependency tracking system, and it works fine, don't get me wrong!
But it's less powerful (e.g granularity of lock files), less standard, and less well-documented than a bespoke tool like pixi or uv
I added a |
|
FWIW the pixi workflow proposed by @glemaitre is more or less what he set up for skrub like 1.5 year ago and it has worked well for skrub. personally I don't use pixi for my day-to-day work, only when there is an error in one of the CI jobs that I don't reproduce in my local env I will run |
|
This message is meant to be factual, and i'm looking for arguments in favor of pixi (i hope this isn't taken as passive-aggressive).
So what is the benefit of changing the CI from uv+bash+gh to pixi+gh? The argument of "bash" doesn't convince me, pixi is another language to learn, and the diff +30K -5K neither. The same goes for reproducibility; that's what lockfiles are for, whether you're using pixi or not. I'm not convinced. (by the way, i'm starting my review) |
I wasn't arguing for or against pixi, just saying what was my experience with this setup in another project. I don't have an opinion either way.
don't worry :) it did not come across like that |
Sorry @jeromedockes , in fact my message was implicitly addressed to @glemaitre . |
# Conflicts: # .github/workflows/lint.yml # .github/workflows/pr-display-code-coverage.yml # .github/workflows/pytest.yml # .github/workflows/sphinx.yml # ci/requirements/skore/python-3.11/scikit-learn-1.6/test-requirements.txt # ci/requirements/skore/python-3.11/scikit-learn-1.6_and_mlflow-2/test-requirements.txt # ci/requirements/skore/python-3.11/scikit-learn-1.9/test-requirements.txt # ci/requirements/skore/python-3.12/scikit-learn-1.6/test-requirements.txt # ci/requirements/skore/python-3.12/scikit-learn-1.9/test-requirements.txt # ci/requirements/skore/python-3.13/scikit-learn-1.6/test-requirements.txt # ci/requirements/skore/python-3.13/scikit-learn-1.9/test-requirements.txt # ci/requirements/skore/python-3.14/scikit-learn-1.7/test-requirements.txt # ci/requirements/skore/python-3.14/scikit-learn-1.8/test-requirements.txt # ci/requirements/skore/python-3.14/scikit-learn-1.9/sphinx-requirements.txt # ci/requirements/skore/python-3.14/scikit-learn-1.9/test-requirements.txt # ci/requirements/skore/python-3.14/scikit-learn-1.9_and_mlflow-3/test-requirements.txt # ci/requirements/skore/python-3.14/scikit-learn-1.9_and_pandas-2/test-requirements.txt # docs/how-to/bump-minimal-python-version.md
It is weird, it works normally with the Python extension out of the box. |
5 participants
closes #1659
closes #2809
Now that we are in monorepo, I would rather use a tool like pixi to orchestrate task and the CI jobs and update the lock file.
This PR is going towards this direction.
However, it does not force any user to absolutely use pixi as a development tools (the same way that it was not necessary before hand to use
uvfor instance).What this CI proposes:
codecovintegration instead of add the report in a message.