install ordering issue with pip 6.0.8 and setuptools 12.3

[ianw]

We are seeing this in upstream openstack testing.

we use get-pip.py and "pip install -U setuptools" on our centos7 hosts.

One of the projects recently added "cryptography" as a requirement. This requires "six > 1.9" to install, which is correctly specified.

But when it comes time to install, the updated six package isn't installed before cryptography, e.g. replicating by hand

[root@devstack-ps centos]# pip list | grep setuptools
setuptools (12.3)
[root@devstack-ps centos]# pip install "six>=1.9" cryptography
Collecting six>=1.9
  Using cached six-1.9.0-py2.py3-none-any.whl
Collecting cryptography
  Using cached cryptography-0.7.2.tar.gz
Requirement already satisfied (use --upgrade to upgrade): cffi>=0.8 in /usr/lib64/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): pyasn1 in /usr/lib/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): setuptools in /usr/lib/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): enum34 in /usr/lib/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): pycparser in /usr/lib/python2.7/site-packages (from cffi>=0.8->cryptography)
Installing collected packages: cryptography, six
  Running setup.py install for cryptography
    zip_safe flag not set; analyzing archive contents...
    six: module references __path__
    Installed /tmp/pip-build-jdrcAF/cryptography/.eggs/six-1.9.0-py2.7.egg
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-build-jdrcAF/cryptography/setup.py", line 339, in <module>
[blah blah blah]
        @six.add_metaclass(abc.ABCMeta)
    AttributeError: 'module' object has no attribute 'add_metaclass'

note the command line is pip install "six>=1.9" cryptography but pip says Installing collected packages: cryptography, six

so on a whim i swapped around the ordering on the command-line, and it installs correctly

[root@devstack-ps centos]# pip install cryptography "six>=1.9" 
Collecting cryptography
  Using cached cryptography-0.7.2.tar.gz
Collecting six>=1.9
  Using cached six-1.9.0-py2.py3-none-any.whl
Requirement already satisfied (use --upgrade to upgrade): cffi>=0.8 in /usr/lib64/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): pyasn1 in /usr/lib/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): setuptools in /usr/lib/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): enum34 in /usr/lib/python2.7/site-packages (from cryptography)
Requirement already satisfied (use --upgrade to upgrade): pycparser in /usr/lib/python2.7/site-packages (from cffi>=0.8->cryptography)
Installing collected packages: six, cryptography
  Found existing installation: six 1.3.0
    DEPRECATION: Uninstalling a distutils installed project (six) has been deprecated and will be removed in a future version. This is due to the fact that uninstalling a distutils project will only partially uninstall the project.
    Uninstalling six-1.3.0:
      Successfully uninstalled six-1.3.0

  Running setup.py install for cryptography
    building '_Cryptography_cffi_4ee21876x41fb9936' extension
[blah blah]

so i think the ordering is getting switched around somewhere

[ianw]

I should note the requirements file providing the order of packages to install is

http://git.openstack.org/cgit/openstack/keystone/tree/requirements.txt

there is also a review upstream

https://review.openstack.org/161055

[piotr-dobrogost]

Duplicate of #2260

[dstufft]

I think this is fixed now in 6.1.0.