[kalia35]

What ? This seems like a bold affirmation. I find it very simple actually :

  apt install python3 virtualenv
  virtualenv env
  . env/bin/activate
  pip install -r requirements.txt

Done. And then with fabric you can automate deployments in a few lines of codes !

[jacquesm]

Right up until it nukes your perfectly working server.

The happy case works, it always does. The problem is in the edge cases and the exceptions. This probably goes for the bulk of all software.

[kalia35]

Well in ten years I have never had a nuked server by pip or virtualenv. I am sure there are edge cases but that must be true for all the ways of deploying stuff. I guess the ones you know well appear simple to you !

[jacquesm]

I've had a production server be hosed by running 'letsencrypt-auto'. My bad I guess but still, that's one that I really did not see coming.

[StavrosK]

I kind of agree with both of you. I don't think Python deployment is that bad, as most modern managers get it right (I prefer Poetry nowadays). However something like letsencrypt-auto, which AFAIK installs its own dependencies, is not something I'd run. I've actually never used it precisely because it's too magical. Programs shouldn't install their own dependencies anywhere outside of a virtualenv.

[kalia35]

Does certbot do the same ? I don’t use either so I can’t tell.

I strongly agree that any python program must install its dependencies in a virtualenv. One could even argue that this principle could be extended to any software !

[jklehm]

Have you heard of our Lord and Savior pipx? Solves the python tool isolation issue nicely.

[StavrosK]

I haven't used it, I use virtualfish which does a great job as well.