-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bootstrap script unable to locate releases following 20.10.0 release #557
Comments
The same, breaks Vagrant/Puppet installation:
|
I just hit the same "File is not a zip file" error by simply downloading ez_setup.py from the official recommended source and running it |
Seems that the problem is: https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package and ez_setup has the old pypi URL format hard-coded.... |
@jaraco Do you have any idea if it's possible to add a test case in setuptools for this situation? |
@cyrilgdn Indeed, the xml invalid response from the url comes as a 313 bytes zip file. Try https://pypi.python.org/packages/source/s/setuptools/setuptools-20.10.1.zip and you get <Error>
<Code>NoSuchKey</Code>
<Message>The specified key does not exist.</Message>
<Key>source/s/setuptools/setuptools-20.10.1.zip</Key>
<RequestId>DAC65125FC40ADDB</RequestId>
<HostId>NqleAbKasjoaBoOZhowtOhluWuTzEgiZZ0HIbREPxqq9wxn6VbbdT0P5r+okwXAk4lzIq597yFA=</HostId>
</Error> https://pypi.python.org/packages/source/s/setuptools/setuptools-20.9.0.zip works. @dstufft if possible, any news for https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package#comment-27245473? @jaraco would it be the case to add a |
There's a pull request if someone would review it please. |
+1 |
Can we safely use pypi.io (see the full pull request from @jimfulton #559) in the state it's now, in pre-production? As of now, we have these statistics for setuptools:
Is pypi.io able to handle the load? I'm not into PYPI 2.0 project so I don't have clues about that. IMHO, I would like to have the fix done for pypi.io in https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package#comment-27243225 in pypi.python.org as well, but don't know if it's possible. @dstufft is it possible/feasible? Is this workaround temporary? If so, for how long? |
Folks, my PR fixes this. It used pypi.io and it adds the --location option to curl. |
Can you post the full output of |
I will try to merge the PR and update the bootstrap bookmark. |
@AltxSF Sorry, can you do that one more time with a |
@AltxSF Try it now and see if it works. |
Ok good, misconfiguration in the CDN. Sorry about that! |
@dstufft I might be missing something. What exactly do I need to bypass the error. I ran |
@ewang320 try |
Sorry, I'm still getting the same error.
|
Is that the full traceback? Do you have curl or wget installed? |
Sorry. Full output is here:
Also, I have used the suggested curl to get v.20.9 so I'm moving on in the meanwhile, but will try and get 20.10 asap. Thanks |
@FrancescoRizzi, I think the issue might be that you have a bad download locally. If ez_setup.py finds a local copy, it doesn't attempt to download it again. If you remove the local (probably small) zip file and re-run the script, I expect it will work. I've tested the latest bootstrap script on OS X and Ubuntu (with and without curl) and the download executes normally as expected. |
In #562, I also confirmed the fix works for Windows. |
@jaraco When we use bootstrap-buildout.py, and there's a bad download locally, it doesn't matter because setuptools is always downloaded: if you want to use a local copy, you need to explicitly call
Shouldn't we have the same behavior in ez_setup.py? Always download but give the option to use a local copy, if needed? We're asking this because this "bad download" error is really confusing for beginners, since this is the official primary method of installation. Anyways, thanks for the fast fix. |
@idgserpro: I agree. Would you ticket it and consider making a PR? |
@jaraco thanks for the info. Where would ez_setup find a bad local copy "locally"? I tried to create a new virtualenv, and it seems to install setuptools-18.2.dist-info right away (at least lssitepackages shows that). |
@FrancescoRizzi Alongside ez_setup.py itself. And in this line, if there's already a local file, it doesn't download it again. We tested with vanilla |
My suspicion is that @FrancescoRizzi 's ez_setup is deciding not to use wget or curl and is falling back to the "insecure" code and that that code isn't handling the redirect properly. I'm going to play with this later when I have some time. It might though be helpful for @FrancescoRizzi to add a pdb.sey_trace() to ez_setup.py to walk through what it's actually doing. |
@jaraco I didn't follow setuptools bitbucket-github migration, but this issue was created 5 days ago in bitbucket https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package. Are you planning to keep both repositories? Since you migrated the issues to github as well, wouldn't it be the case to at least close bitbucket issues? Just my 0.02c. |
@idgserpro: That issue was created against the PyPI project, not Setuptools. A distinction which I missed initially as well. Setuptools issues are marked private, so aren't visible except to developers. |
Hi.. I gave it another twirl this morning. Sadly I'm still getting the Bad Zip Error. I tried it in 3 separate virtualenvs:
In all 3 cases I grabbed ez_setup.py this morning, and ran python with it. The stack trace from test3 (below) seems to indicate download_setuptools elected to actually download a new copy of setuptools (20.10.1)
In fact, at the end of this run, there is a (newly created/downloaded) setuptools-20.10.1.zip next to ez_setup.py, sized at 313 bytes. I opened it via double-click (on Mac) to peek, and found just a setuptools-20.10.1.zip.cpgz inside. Am willing to add print statements (or pdb) to ez_setup and rerun, if we're looking for anything in particular. |
@FrancescoRizzi maybe your network is making cache: |
@idgserpro you got it! So... a hard reload/refresh of the ez_setup source got me a new copy (which i recognized as such thanks to the added If I may suggest, I'd add a version number at the top of ez_setup (it may not change often, but when it does it may help in recognizing a specific version of the file). Thanks though! Now off to hunt every copy of the old ez_setup I have locally :D |
Good idea. @jaraco buildout does this with bootstrap.py. |
Why not just use the date of the file, rather than add additional steps to the change process (and potential for mismatch)? |
What do you mean by "date of the file"? |
Is ez_setup.py synced every 15 minutes to https://bootstrap.pypa.io/ez_setup.py like @dstufft suggested in buildout/buildout#86 (comment)? |
$ curl -s -I https://bootstrap.pypa.io/ez_setup.py | grep Last-Modified Annoyingly, Github doesn't seem to provide a Last-Modified date, but does provide an ETag header: $ curl -s -I https://raw.githubusercontent.com/pypa/setuptools/bootstrap/ez_setup.py | grep ETag
Yes. |
How to test:
Download
https://bootstrap.pypa.io/bootstrap-buildout.py
At the time of this ticket,
__version__
of this file is 2015-07-01.Run
python bootstrap-buildout.py
You get
You get the same error with 20.10.0.
python bootstrap-buildout.py --setuptools-version=20.10.0
20.9.0 works fine, so this bug was introduced in 20.10.x.
python bootstrap-buildout.py --setuptools-version=20.9.0
The text was updated successfully, but these errors were encountered: