Skip to content

fix: allow requirements/updater.sh to run outside the AWX container#16362

Open
TheRealHaoLiu wants to merge 1 commit intoansible:develfrom
TheRealHaoLiu:fix/updater-sh-outside-container
Open

fix: allow requirements/updater.sh to run outside the AWX container#16362
TheRealHaoLiu wants to merge 1 commit intoansible:develfrom
TheRealHaoLiu:fix/updater-sh-outside-container

Conversation

@TheRealHaoLiu
Copy link
Member

@TheRealHaoLiu TheRealHaoLiu commented Mar 19, 2026
edited by coderabbitai bot
Loading

Summary

  • Prefer /usr/bin/python3.12 when available (as in the container), fall back to python3.12 from PATH otherwise
  • Use python3 instead of python for tempfile creation
  • Detect pip-compile from pyenv or PATH and reuse it (preserving flags like --upgrade) to avoid a network download of pip-tools when already available; falls back to installing pip-tools into the venv if not found
  • Remove the /awx_devel guard that blocked execution outside the container

Test plan

  • Tested bash updater.sh run outside the container — resolves pip-compile from host pyenv, generates correct requirements.txt with paths normalized to /awx_devel/requirements/
  • Tested bash updater.sh run inside the AWX docker-compose container — uses /usr/bin/python3.12, installs pip-tools from PyPI, generates correct output

🤖 Generated with Claude Code

Note

Medium Risk
Changes the dependency pinning workflow by altering interpreter/tool selection (python3.12/pip-compile), which could produce different requirements.txt output depending on the host environment. Impact is limited to build/dependency maintenance tooling, not runtime application code.

Overview
Makes requirements/updater.sh runnable outside the AWX container by switching to bash, removing the /awx_devel execution guard, and using python3 for temp-dir creation.

Updates the venv/tooling setup to prefer /usr/bin/python3.12 when available (fallback to python3.12 on PATH), pin only pip==25.3 in the venv, and reuse an existing pip-compile from pyenv/PATH (preserving flags like --upgrade) before falling back to installing pip-tools.

Written by Cursor Bugbot for commit 9c101bf. This will update automatically on new commits. Configure here.

Summary by CodeRabbit

  • Chores
    • Switched the updater script to run under bash and made virtual environment creation more flexible to select the appropriate Python 3.12 interpreter.
    • Improved dependency compilation to prefer an external pip-compile tool with sensible fallbacks, reducing in-venv installs.
    • Use python3 for temporary directory handling and removed the enforced container-specific execution guard.

@github-actions github-actions bot added the dependencies Pull requests that update a dependency file label Mar 19, 2026
@coderabbitai
Copy link

coderabbitai bot commented Mar 19, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dcb26682-8f72-4fcd-8a4b-ed2c0d366cd7

📥 Commits

Reviewing files that changed from the base of the PR and between 05ba4ac and 9c101bf.

📒 Files selected for processing (1)
  • requirements/updater.sh
🚧 Files skipped from review as they are similar to previous changes (1)
  • requirements/updater.sh
📝 Walkthrough

Walkthrough

Shebang changed to bash; venv creation selects /usr/bin/python3.12 or falls back to python3.12; pip-compile discovery added (pyenv/command -v) with pip-tools fallback; tempfile creation uses python3; removed /awx_devel container existence guard.

Changes

Cohort / File(s) Summary
Updater script
requirements/updater.sh		 Switched shebang from sh to bash. Venv creation now prefers /usr/bin/python3.12 then python3.12. Removed initial pip-tools installation; added external pip-compile discovery (search under PYENV_ROOT/~/.pyenv for */3.12*, pyenv which pip-compile, then command -v pip-compile) and, if found, rewrites pip_compile to use it (appending original suffix); otherwise installs pip-tools into the venv. Tempfile creation now uses python3. Removed /awx_devel directory existence guard that previously exited early.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely describes the main change: enabling the updater script to run outside the AWX container.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
📝 Coding Plan
  • Generate coding plan for human review comments

Comment @coderabbitai help to get the list of available commands and usage tips.

cursor[bot]
cursor bot reviewed Mar 19, 2026
View reviewed changes
coderabbitai[bot]
coderabbitai bot reviewed Mar 19, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
requirements/updater.sh (1)

1-2: Consider changing shebang to #!/bin/bash for portability.

The script uses bash-specific features ([[ ]], source, parameter expansion patterns) but declares #!/bin/sh. Since this PR enables running outside the container, the script may encounter systems where /bin/sh is dash or another POSIX shell, causing failures.

Proposed fix 
-#!/bin/sh
+#!/bin/bash
 set -ue

Also applies to: 36-36

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@requirements/updater.sh` around lines 1 - 2, Change the script shebang from a
POSIX shell to bash because the script uses bash-only constructs (e.g., the
shebang line, test expressions like [[ ]], use of source, and bash parameter
expansion patterns); update the top line to use bash and scan the script
(notably the conditional/test usages and any lines around the parameter
expansions such as around the existing [[ ... ]] and source calls) to ensure
they rely on bash semantics so the script runs correctly on systems where
/bin/sh is not bash.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@requirements/updater.sh`:
- Around line 1-2: Change the script shebang from a POSIX shell to bash because
the script uses bash-only constructs (e.g., the shebang line, test expressions
like [[ ]], use of source, and bash parameter expansion patterns); update the
top line to use bash and scan the script (notably the conditional/test usages
and any lines around the parameter expansions such as around the existing [[ ...
]] and source calls) to ensure they rely on bash semantics so the script runs
correctly on systems where /bin/sh is not bash.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0bc0289d-b86a-4ca4-bf20-1bca4bfc5b2e

📥 Commits

Reviewing files that changed from the base of the PR and between ff68d61 and 879947f.

📒 Files selected for processing (1)
  • requirements/updater.sh

@TheRealHaoLiu TheRealHaoLiu force-pushed the fix/updater-sh-outside-container branch from 879947f to 05ba4ac Compare March 19, 2026 18:44
cursor[bot]
cursor bot reviewed Mar 19, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

@TheRealHaoLiu @claude
fix: allow requirements/updater.sh to run outside the AWX container
9c101bf 
- Change shebang to #!/bin/bash since the script uses bash-specific
  features ([[ ]], source, parameter expansion patterns)
- Prefer /usr/bin/python3.12 when available (as in the container), fall
  back to python3.12 from PATH otherwise
- Use python3 instead of python for tempfile creation
- Detect pip-compile from pyenv or PATH and reuse it (with existing flags
  preserved) to avoid a network download of pip-tools when already available;
  falls back to installing pip-tools into the venv if not found
- Search pyenv 3.12 envs first (most specific), then pyenv active version,
  then PATH to ensure a Python 3.12 pip-compile is preferred
- Fix pip-compile detection to use explicit non-empty checks instead of
  a find|head -1 pipeline (which always exits 0, making later fallbacks
  unreachable)
- Remove the /awx_devel guard that blocked execution outside the container

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
@TheRealHaoLiu TheRealHaoLiu force-pushed the fix/updater-sh-outside-container branch from 05ba4ac to 9c101bf Compare March 20, 2026 13:48
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 20, 2026

Quality Gate Passed Quality Gate passed

Issues
3 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@cursor cursor[bot] cursor[bot] left review comments

@chrismeyersfsu chrismeyersfsu chrismeyersfsu approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@TheRealHaoLiu @chrismeyersfsu