From 23648a4236acd5e7e18e82bee71f43146e09c857 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 22 Apr 2020 14:52:20 -0500 Subject: use our infra built openssl on the macos side now too (#5217) * use our infra built openssl on the macos side now too * remove no longer required brew updates * need requests * need this env var * update the wheel-builders too --- .github/workflows/ci.yml | 18 +++++++++++------- .github/workflows/download_openssl.py | 27 +++++++++++++++++---------- .github/workflows/wheel-builder.yml | 15 +++++++++------ 3 files changed, 37 insertions(+), 23 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 14418789..d49ee719 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,16 +27,20 @@ jobs: with: python-version: ${{ matrix.PYTHON.VERSION }} - - run: brew update - - run: brew install openssl@1.1 - - run: python -m pip install tox coverage + - run: python -m pip install tox requests coverage - run: git clone https://github.com/google/wycheproof - - run: | + - name: Download OpenSSL + run: | + python .github/workflows/download_openssl.py macos openssl-macos + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Tests + run: | CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS=1 \ - LDFLAGS="/usr/local/opt/openssl\\@1.1/lib/libcrypto.a /usr/local/opt/openssl\\@1.1/lib/libssl.a" \ - CFLAGS="-I/usr/local/opt/openssl\\@1.1/include -Werror -Wno-error=deprecated-declarations -Wno-error=incompatible-pointer-types-discards-qualifiers -Wno-error=unused-function -Wno-error=unused-command-line-argument -mmacosx-version-min=10.9" \ + LDFLAGS="${HOME}/openssl-macos/lib/libcrypto.a ${HOME}/openssl-macos/lib/libssl.a" \ + CFLAGS="-I${HOME}/openssl-macos/include -Werror -Wno-error=deprecated-declarations -Wno-error=incompatible-pointer-types-discards-qualifiers -Wno-error=unused-function -Wno-error=unused-command-line-argument -mmacosx-version-min=10.9 -march=core2" \ tox -r -- --color=yes --wycheproof-root=wycheproof env: TOXENV: ${{ matrix.PYTHON.TOXENV }} @@ -78,7 +82,7 @@ jobs: - run: python -m pip install tox requests coverage - name: Download OpenSSL run: | - python .github/workflows/download_openssl.py openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }} + python .github/workflows/download_openssl.py windows openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }} echo "::set-env name=INCLUDE::C:/openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }}/include;%INCLUDE%" echo "::set-env name=LIB::C:/openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }}/lib;%LIB%" env: diff --git a/.github/workflows/download_openssl.py b/.github/workflows/download_openssl.py index f665e7f0..78e5135c 100644 --- a/.github/workflows/download_openssl.py +++ b/.github/workflows/download_openssl.py @@ -6,12 +6,6 @@ import zipfile import requests -RUNS_URL = ( - "https://api.github.com/repos/pyca/infra/actions/workflows/" - "build-openssl.yml/runs?branch=master&status=success" -) - - def get_response(url, token): response = requests.get(url, headers={"Authorization": "token " + token}) if response.status_code != 200: @@ -21,11 +15,24 @@ def get_response(url, token): return response -def main(target): +def main(platform, target): + if platform == "windows": + workflow = "build-openssl.yml" + path = "C:/" + elif platform == "macos": + workflow = "build-macos-openssl.yml" + path = os.environ["HOME"] + else: + raise ValueError("Invalid platform") + token = os.environ["GITHUB_TOKEN"] print("Looking for: {}".format(target)) + runs_url = ( + "https://api.github.com/repos/pyca/infra/actions/workflows/" + "{}/runs?branch=master&status=success".format(workflow) + ) - response = get_response(RUNS_URL, token).json() + response = get_response(runs_url, token).json() artifacts_url = response["workflow_runs"][0]["artifacts_url"] response = get_response(artifacts_url, token).json() for artifact in response["artifacts"]: @@ -35,10 +42,10 @@ def main(target): artifact["archive_download_url"], token ) zipfile.ZipFile(io.BytesIO(response.content)).extractall( - "C:/{}".format(artifact["name"]) + os.path.join(path, artifact["name"]) ) return if __name__ == "__main__": - main(sys.argv[1]) + main(sys.argv[1], sys.argv[2]) diff --git a/.github/workflows/wheel-builder.yml b/.github/workflows/wheel-builder.yml index db30f53d..5452d966 100644 --- a/.github/workflows/wheel-builder.yml +++ b/.github/workflows/wheel-builder.yml @@ -72,10 +72,13 @@ jobs: sudo installer -pkg python.pkg -target / env: PYTHON_DOWNLOAD_URL: ${{ matrix.PYTHON.DOWNLOAD_URL }} + - run: ${{ matrix.PYTHON.BIN_PATH }} -m pip install -U virtualenv requests + - name: Download OpenSSL + run: | + ${{ matrix.PYTHON.BIN_PATH }} .github/workflows/download_openssl.py macos openssl-macos + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - run: brew update - - run: brew upgrade openssl@1.1 - - run: ${{ matrix.PYTHON.BIN_PATH }} -m pip install -U virtualenv - run: ${{ matrix.PYTHON.BIN_PATH }} -m virtualenv venv # Downgrade pip, I can't remember why - run: venv/bin/pip install -U pip==10.0.1 @@ -90,8 +93,8 @@ jobs: fi CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS="1" \ - LDFLAGS="/usr/local/opt/openssl@1.1/lib/libcrypto.a /usr/local/opt/openssl@1.1/lib/libssl.a" \ - CFLAGS="-I/usr/local/opt/openssl@1.1/include -mmacosx-version-min=10.9" \ + LDFLAGS="${HOME}/openssl-macos/lib/libcrypto.a ${HOME}/openssl-macos/lib/libssl.a" \ + CFLAGS="-I${HOME}/openssl-macos/include -mmacosx-version-min=10.9 -march=core2" \ venv/bin/pip wheel cryptography==${{ github.event.client_payload.BUILD_VERSION }} --wheel-dir=wheelhouse --no-binary cryptography --no-deps $PY_LIMITED_API env: PYTHON_VERSION: ${{ matrix.PYTHON.ABI_VERSION }} @@ -137,7 +140,7 @@ jobs: - run: pip install requests - name: Download OpenSSL run: | - python .github/workflows/download_openssl.py openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }} + python .github/workflows/download_openssl.py windows openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }} echo "::set-env name=INCLUDE::C:/openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }}/include;%INCLUDE%" echo "::set-env name=LIB::C:/openssl-${{ matrix.WINDOWS.WINDOWS }}-${{ matrix.PYTHON.MSVC_VERSION }}/lib;%LIB%" env: -- cgit v1.2.3