This might work perfectly today, but potentially introduces a future dependency problem. A developer might specify package A in the requirements file, which then automatically installs package B as a dependency of A. However, problems can still occur with a requirements.txt file. At first glance, the requirements file appears to meet this challenge, and only requires developers to run pip install -r requirements.txt in the container build process. A requirements.txt file is commonly used to track packages that need to be installed in the container.
The central challenge developers face with dependencies is controlling the versions of packages they need to install. But that simplicity creates several weak points that make it easy for both new and experienced developers to unknowingly introduce problems for themselves. Pip is the nearly universal tool employed by Python programmers to install dependent packages. We will build a simple Python application on the Red Hat OpenShift container platform using those tools.
This article discusses some of the common problems Python developers face when containerizing Python applications, and how Pipenv and Source-to-Image (S2I) can help to resolve those problems. The difficulties increase when you want to run an application in a container, because you need to manage a development environment when creating a different set of libraries and packages for the containerized application. Managing the many libraries and packages used by an application is complex and has some hidden risks.