Param requires_python is optional for pypi

Steve Abramsrequested to merge
322434-requires-python-optional into master

What does this MR do and why?

When working with PyPI packages, you can specify the required python version in your setup.py file. It will submit this value in the POST request to publish the PyPI package.

This value is optional as stated in https://packaging.python.org/en/latest/specifications/core-metadata: All other fields are optional.

This MR makes the requires_python param in the upload endpoint optional.

Database

During the review, it was noted there is no default value for required_python, which has a NOT NULL constraint. This MR adds a default.

 be rails db:migrate:redo
== 20220304152729 AddDefaultToRequiredPythonOnPackagesPypiMetadata: reverting =
-- change_column_default(:packages_pypi_metadata, :required_python, nil)
   -> 0.0057s
== 20220304152729 AddDefaultToRequiredPythonOnPackagesPypiMetadata: reverted (0.0058s)

== 20220304152729 AddDefaultToRequiredPythonOnPackagesPypiMetadata: migrating =
-- change_column_default(:packages_pypi_metadata, :required_python, "")
   -> 0.0094s
== 20220304152729 AddDefaultToRequiredPythonOnPackagesPypiMetadata: migrated (0.0098s)

Screenshots or screen recordings

See below

How to set up and validate locally

  1. Follow the Build a PyPI Package docs to build and create a package.
  2. On step (3.) of Create a Package, do not include python_requires='>=3.6', in the setup.py file.
  3. Using a local project and personal access token, push the package. It should result in a successful upload: 
    TWINE_PASSWORD=<personal_access_token> TWINE_USERNAME=<gitlab_username> python -m twine upload --repository-url http://gdk.test:3001/api/v4/projects/<project_id>/packages/pypi dist/*
Uploading distributions to http://gdk.test:3001/api/v4/projects/30/packages/pypi
Uploading my.pypi.package-0.0.1-py3-none-any.whl
100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 4.53k/4.53k [00:02<00:00, 1.90kB/s]
Uploading my.pypi.package-0.0.1.tar.gz
100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 4.02k/4.02k [00:01<00:00, 2.37kB/s]
  4. (optional) navigate to the project, then go to Packages & Registries to view the uploaded package. The Required Python value in Additional Metadata should be blank.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #322434 (closed)

Edited by Steve Abrams

Merge request reports