Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Fresh deploy on Heroku fails with "use --allow-unverified PIL to allow"

Tags:

python

pip

django

heroku

Tried deploying a Django project to a fresh app on Heroku (The code is running on other instances for past two years) - and was hit with this:

   Downloading/unpacking PIL==1.1.7 (from -r requirements.txt (line 7))

   Could not find any downloads that satisfy the requirement PIL==1.1.7 (from -r requirements.txt (line 7))

   Some insecure and unverifiable files were ignored (use --allow-unverified PIL to allow).
   Cleaning up...

   No distributions at all found for PIL==1.1.7 (from -r requirements.txt (line 7))
   Storing debug log for failure in /app/.pip/pip.log

   !     Push rejected, failed to compile Python app

I'm aware of the recent changes in pip and would like to use packages that are secure, but until all are available properly packaged as per pip's expectations, we need some workarounds. Especially the lack of --allow-all-unverified flag makes this a trial-and-error mucking about with a blackbox exercise instead of a painless deployment.

Is there a sane way to get past this roadblock? (Not just PIL, but that's the first package that failed, there are several others like pyPdf that will fail if I manage to fix just this)

Any pointers appreciated!

like image 662
Hiway Avatar asked Feb 22 '14 18:02

Hiway

1 Answers

I asked the maintainer of pip, and he replied with a simple solution. I am detailing how to go about it as a response to my own question. Here is what you need to do for now - until the packages are hosted internally and verified.

On local machine, create a new virtual environment and add one line on top of the requirements.txt file:

--allow-all-external

Save it and run:

pip install -r requirements.txt --download="~/temp/packages"

What this will do is simply take every package name from requirements.txt and download the package into ~/temp/packages directory and verify it.

For every package that fails verification, add another line to requirements.txt, just below first line allowing all external packages, that goes like this:

--allow-unverified package-name

You might want to ping the maintainer to fix this ;)

Continue till pip completes successfully, then commit the updated requirements.txt to vcs and deploy.

That should be all.

like image 157
Hiway Avatar answered Oct 19 '22 18:10

Hiway
Sign in to Comment

Related questions

Turn flat list into two-tuples [duplicate]
how to get User id from auth_user table in django?
python collections.defaultdict with list of length two
wxpython icon for task bar
How to fetch the key/value pair of a dictionary only containing one item?
Python linspace limits from two arrays
Why is the python destructor being called?
Why does Python operator.itemgetter work given a comma separated list of numbers as indices, but not when the same list is packaged in a variable?
flask sqlalchemy unknown database error
Get a value between min and max values in Python
Python Docs Wrong About Regular Expression "\b"?
Building a list inside a list in python
Inserting into a html file using python
Sort an array of tuples by product in python
Python: Strip Everything but Numbers
Tracing recursive function in paper
itertools.product eliminating repeated elements
How to export data in python with excel format?
Creating a list using a loop, filling it with float()
Show only first and last line from traceback

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!