Gitlab license checker fails to install package from pip
Summary
My requirements.txt
file contains a package, yarl==1.2.6
, which definitely exists in PyPI, but which Gitlab fails to install during license checking.
Steps to reproduce
- Configure license management using the provided template
- Add a
requirements.txt
with one entry:yarl==1.2.6
- Push to gitlab and watch the CI job fail
Example Project
https://gitlab.com/brett.higgins/license-check-test/
What is the current bug behavior?
CI job fails to install the package.
What is the expected correct behavior?
Any package available in PyPI should be installable.
Relevant logs and/or screenshots
https://gitlab.com/brett.higgins/license-check-test/-/jobs/201240843
Running with gitlab-runner 11.10.0-rc2 (10efa505)
on docker-auto-scale ed2dce3a
Using Docker executor with image registry.gitlab.com/gitlab-org/security-products/license-management:11-10-stable ...
Pulling docker image registry.gitlab.com/gitlab-org/security-products/license-management:11-10-stable ...
Using docker image sha256:263a26720d8ed735632bf0bd582bd93b7ec67313689c98f33fc2df16fe47e59e for registry.gitlab.com/gitlab-org/security-products/license-management:11-10-stable ...
Running on runner-ed2dce3a-project-12002148-concurrent-0 via runner-ed2dce3a-srm-1556067968-f64a8d74...
Initialized empty Git repository in /builds/brett.higgins/license-check-test/.git/
Fetching changes...
Created fresh repository.
From https://gitlab.com/brett.higgins/license-check-test
* [new branch] master -> origin/master
Checking out aaf268ce as master...
Skipping Git submodules setup
$ /run.sh analyze .
mesg: ttyname failed: Inappropriate ioctl for device
Running license_finder in /builds/brett.higgins/license-check-test
LicenseFinder::Pip: is active
/usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/package_managers/pip.rb:40:in `prepare': Prepare command 'pip install -r requirements.txt' failed (RuntimeError)
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/core.rb:64:in `block in prepare_projects'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/core.rb:62:in `each'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/core.rb:62:in `prepare_projects'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/license_aggregator.rb:50:in `block in aggregate_packages'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/license_aggregator.rb:49:in `each'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/license_aggregator.rb:49:in `flat_map'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/license_aggregator.rb:49:in `aggregate_packages'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/license_aggregator.rb:11:in `dependencies'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/lib/license_finder/cli/main.rb:138:in `report'
from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor/command.rb:27:in `run'
from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor/invocation.rb:126:in `invoke_command'
from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor.rb:387:in `dispatch'
from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor/base.rb:466:in `start'
from /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.6.2/bin/license_finder:6:in `<top (required)>'
from /usr/local/rvm/gems/ruby-2.5.1/bin/license_finder:23:in `load'
from /usr/local/rvm/gems/ruby-2.5.1/bin/license_finder:23:in `<main>'
pip install: did not succeed.
pip install: Could not find a version that satisfies the requirement yarl==1.2.6 (from -r requirements.txt (line 1)) (from versions: 0.0.1, 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.2.0, 0.2.1, 0.3.0, 0.3.1, 0.3.2, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.5.0b3, 0.5.0b4, 0.5.0b5, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.6.0, 0.7.0, 0.7.1, 0.8.0, 0.8.1, 0.9.0, 0.9.1, 0.9.2, 0.9.3, 0.9.4, 0.9.5, 0.9.6, 0.9.7, 0.9.8, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.11.0, 0.12.0, 0.13.0, 0.14.0, 0.14.1, 0.14.2, 0.15.0, 0.16.0, 0.17.0, 0.18.0, 1.0.0, 1.1.0, 1.1.1, 1.2.0)
No matching distribution found for yarl==1.2.6 (from -r requirements.txt (line 1))
You are using pip version 10.0.1, however version 19.0.3 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Uploading artifacts...
WARNING: gl-license-management-report.json: no matching files
ERROR: No files to upload
ERROR: Job failed: exit code 1
Output of checks
This bug happens on GitLab.com
Edited by 🤖 GitLab Bot 🤖