chore: use requirements.lock for fast pip installs (Option A + C)

2026-02-03 09:26:17 +01:00 · 2026-02-03 09:26:17 +01:00 · e6c49d311c
commit e6c49d311c
parent 5ddb857c4b
4 changed files with 60 additions and 5 deletions
--- a/.github/workflows/int_gateway-int.yml
+++ b/.github/workflows/int_gateway-int.yml
@ -32,7 +32,11 @@ jobs:
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
+          if [ -f requirements.lock ]; then
+            pip install -r requirements.lock --no-cache-dir
+          else
            pip install -r requirements.txt --no-cache-dir
+          fi

      # Optional: Add step to run tests here (PyTest, Django test suites, etc.)

--- a/.github/workflows/main_gateway-prod.yml
+++ b/.github/workflows/main_gateway-prod.yml
@ -32,7 +32,11 @@ jobs:
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
+          if [ -f requirements.lock ]; then
+            pip install -r requirements.lock --no-cache-dir
+          else
            pip install -r requirements.txt --no-cache-dir
+          fi

      # Optional: Add step to run tests here (PyTest, Django test suites, etc.)

--- a/.github/workflows/update-requirements-lock.yml
+++ b/.github/workflows/update-requirements-lock.yml
@ -0,0 +1,46 @@
+# Generates requirements.lock from requirements.txt using Python 3.11 (same as build).
+# Run manually (workflow_dispatch) or on changes to requirements.txt.
+# After running, commit the generated requirements.lock so builds use it for fast installs.
+
+name: Update requirements.lock
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+      - int
+    paths:
+      - 'requirements.txt'
+
+jobs:
+  update-lock:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write  # push requirements.lock
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install pip-tools
+        run: python -m pip install --upgrade pip pip-tools
+
+      - name: Generate requirements.lock
+        run: pip-compile requirements.txt -o requirements.lock
+
+      - name: Commit and push requirements.lock
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add requirements.lock
+          if git diff --staged --quiet; then
+            echo "No changes to requirements.lock"
+          else
+            git commit -m "chore: update requirements.lock"
+            git push
+          fi
--- a/7
+++ b/7
@ -20,12 +20,13 @@ RUN apt-get update && apt-get install -y \
    libpq-dev \
    && rm -rf /var/lib/apt/lists/*

-# Copy requirements first for better caching
+# Copy requirements first for better caching (requirements.lock from "Update requirements.lock" workflow)
 COPY requirements.txt .
+COPY requirements.lock .

-# Install Python dependencies
+# Install Python dependencies (lock file avoids slow pip backtracking)
 RUN pip install --no-cache-dir --upgrade pip && \
-    pip install --no-cache-dir -r requirements.txt
+    pip install --no-cache-dir -r requirements.lock

 # Copy application code (includes .env file created by workflow from env_gcp.env)
 COPY . .