it's guaranteed to match WHEN you do the export of course.

environment.yaml is now out of date.
does pip or virtualenv really do that? It sure didn't before I gave up on
virtualenv :-)

Assuming the install/upgrade/remove tooling what maintaining it, why not? I
I can see the logic, but I still think it's at the wrong point in your
workflow. Saying "this is the official deployment environment" should be a
pretty deliberate step. If it's updating itself constantly as I update the
environment, I"m not sure I see a point in having it at all.

Imagine multiple developers -- each manipulating their environments on the
fly differently - seems ripe for confusion and error.

and if multiple developers then you have a two-way street:

developer A makes changes to their environment -- the environment.yaml file
updates itself.

developer B makes different changes to their environment -- the
environment.yaml
file updates itself.

The both merge into master

now we have devA's environment, devB's environment, and a third merged
version (which could be broken with merge conflicts...)

devs A and B do a pull.

now the environment file is out of date with the developer's environment....

Does the environment somehow magically update itself??? or does it save its
current state back into the environment file, thereby downgrading the
environment again?

Anyway, I'm not saying an automated workflow for this couldn't be devised,
but I'm suggesting that conda probably isn't the place for that automation.

I'm likely going to resurrect picky-conda [2],


hmm, that could be handy, yes.
I'm not sure I've arrived at the "best" way to do it, but I currently use
an conda_requirements.txt for development, that specifies only the
top-level packages and not all pinned down (i.e. >=) and then a separate
environment.yaml file to fully lock it down for the production environment.

This means that each developer on the project may not be using the exact
same packages, but we can push a fully tested environment for deployment.

And having the developers have a bit more flexibility helps us keep
dependencies up to date and catch the bugs that that introduces.

but it is kinda ugly to keep all that in sync.

now that i think about, the practical issues we've had are when ne
developer updated a dep (or adds one), and even if they updated the
requirements files), other deps are pulling from the main repo and running
with their existing environment.

Hmm -- we have actually put in some kludgy run time check code for versions
of our in-house-under development deps.

Maybe we should do the same for all deps, pulling from a single
requirements file.

"picky lock" would take options in an environment.yaml section (assuming
"picky check" would be the same as lock but would just whine if the
I'm still confused about what a "lock" is in this context, but I think
you're going in the right direction.
I've always wanted to do some kind of run-time checking -- run your test
code, and see what's in sys.modules -- those are your deps. Mapping that to
pip or conda packages is a different story, however...

-CHB
--
Christopher Barker, Ph.D.
Oceanographer

Emergency Response Division
NOAA/NOS/OR&R (206) 526-6959 voice
7600 Sand Point Way NE (206) 526-6329 fax
Seattle, WA 98115 (206) 526-6317 main reception

***@noaa.gov