Hey all! You may have noticed recently that there are issues running devstack on brand new machines - and if you have noticed that, you may have been asking:
- what's the problem? - how the heck did this make it past the gate since we run devstack so often? Well - this is a fun one, and it's kind of a perfect storm of three different things. First of all, there are a couple of packages with bad permissions in the archive that they have on PyPI. Specifically, prettytable and httplib2. That wasn't a problem until pip 1.4 actually started unpacking zip files more correctly - by actually preserving the permissions of the files in the archive. It got past the gate because pip 1.4 _only_ does this for zip files, and our mirror happens to return files in a different order, so the gate jobs were getting the tarball source archives instead of the zip source archives. What are we doing about it? A couple of things. Dean is adding a workaround to devstack to chmod the bad packages appropriately[1]. We are also filing bugs against the bad packages. And we've filed a bug against pip[2] and are working with the upstream authors (thanks dstufft) to get the logic in pip changed to be safer across the board (and to apply the same logic to both tar and zip archives) Monty [1] https://review.openstack.org/#/c/41209/ [2] https://github.com/pypa/pip/issues/1133 _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev