Use a (mostly) hermetic Python interpreter
It still requires python to be installed on the host to run the wrapper
scripts, but it's close to being fully hermetic.
This also requires/enables the following changes, unfortunately all at
the same time:
* Use a downloaded f2py
* Use a downloaded scipy/numpy/matplotlib
* Fix a few things that don't run with the python version in their #!
* Stop using bazel-generated __init__.py files, because those interfere
with importing matplotlib nicely
Change-Id: Ife280464613d67cece9587b7d947f0b1d5466d7e
diff --git a/debian/matplotlib_init.patch b/debian/matplotlib_init.patch
new file mode 100644
index 0000000..11a3ad8
--- /dev/null
+++ b/debian/matplotlib_init.patch
@@ -0,0 +1,32 @@
+--- a/__init__.py 2018-07-11 15:57:58.086509489 -0700
++++ b/__init__.py 2018-07-11 16:04:15.004795500 -0700
+@@ -102,6 +102,7 @@
+ from __future__ import (absolute_import, division, print_function,
+ unicode_literals)
+
++import os
+ import six
+ import sys
+ import distutils.version
+@@ -110,6 +111,21 @@
+ __version__ = str('1.4.2')
+ __version__numpy__ = str('1.6') # minimum required numpy version
+
++matplotlib_base = os.path.dirname(os.path.dirname(__file__))
++
++# Hack to point matplotlib at its data.
++os.environ['MATPLOTLIBDATA'] = \
++ os.path.join( \
++ matplotlib_base,
++ "usr", "share", "matplotlib", "mpl-data")
++# Avoid reading /etc/matplotlib in all cases. Matplotlib is pretty happy to
++# escape the sandbox by using absolute paths.
++os.environ['MATPLOTLIBRC'] = os.environ['MATPLOTLIBDATA']
++# There's a bug where the temp directory gets set if MATPLOTLIBRC isn't set.
++# That causes the directory to not be created in time. We set the variable
++# manually here to work around the bug.
++os.environ['MPLCONFIGDIR'] = '/tmp/matplotlib-nobody'
++
+ try:
+ import dateutil
+ except ImportError: