-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[work in progress] build manylinux2014_aarch64 wheels
Testing at this stage
- Loading branch information
Showing
7 changed files
with
182 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
- hosts: all | ||
tasks: | ||
|
||
- name: Build wheel | ||
include_role: | ||
name: build-wheel-manylinux |
4 changes: 4 additions & 0 deletions
4
.zuul.playbooks/playbooks/wheel/roles/build-wheel-manylinux/README.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
Build manylinux wheel for a project | ||
=================================== | ||
|
||
Blah |
48 changes: 48 additions & 0 deletions
48
.zuul.playbooks/playbooks/wheel/roles/build-wheel-manylinux/files/build-wheels.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
#!/bin/bash -ex | ||
# Compile wheels | ||
|
||
cd /io | ||
mkdir wheelhouse.final | ||
|
||
PYBINS="/opt/python/cp35-cp35m/bin" | ||
|
||
for PYBIN in $PYBINS; do | ||
|
||
"${PYBIN}"/python -m virtualenv .venv | ||
|
||
.venv/bin/pip install cffi six ipaddress "enum34; python_version < '3'" | ||
|
||
REGEX="cp3([0-9])*" | ||
if [[ "${PYBIN}" =~ $REGEX ]]; then | ||
PY_LIMITED_API="--py-limited-api=cp3${BASH_REMATCH[1]}" | ||
fi | ||
|
||
LDFLAGS="-L/opt/pyca/cryptography/openssl/lib" \ | ||
CFLAGS="-I/opt/pyca/cryptography/openssl/include -Wl,--exclude-libs,ALL" \ | ||
.venv/bin/python setup.py bdist_wheel $PY_LIMITED_API | ||
|
||
auditwheel repair --plat manylinux2014_aarch64 dist/cryptography*.whl -w wheelhouse/ | ||
|
||
# Sanity checks | ||
|
||
# no execstack (comes from prelink, which was never supported) on aarch64 | ||
|
||
#unzip wheelhouse/*.whl -d execstack.check | ||
# | ||
#results=$(execstack execstack.check/cryptography/hazmat/bindings/*.so) | ||
#count=$(echo "$results" | grep -c '^X' || true) | ||
#if [ "$count" -ne 0 ]; then | ||
# exit 1 | ||
#else | ||
# exit 0 | ||
#fi | ||
|
||
.venv/bin/pip install cyrptography --no-index -f wheelhouse/ | ||
|
||
.venv/bin/python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))" | ||
|
||
mv wheelhouse/* wheelhouse.final | ||
|
||
rm -rf .venv execstack.check dist wheelhouse | ||
|
||
done |
117 changes: 117 additions & 0 deletions
117
.zuul.playbooks/playbooks/wheel/roles/build-wheel-manylinux/tasks/main.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,117 @@ | ||
- name: Install jq | ||
package: | ||
name: jq | ||
state: present | ||
become: yes | ||
|
||
- name: Run ensure-docker | ||
include_role: | ||
name: ensure-docker | ||
|
||
- name: HACK for linaro MTU | ||
shell: | | ||
jq --arg mtu 1400 '. + {mtu: $mtu|tonumber}' /etc/docker/daemon.json > /etc/docker/daemon.json.new | ||
cat /etc/docker/daemon.json.new | ||
mv /etc/docker/daemon.json.new /etc/docker/daemon.json | ||
service docker restart | ||
become: yes | ||
|
||
- name: Pull manylinux container | ||
command: >- | ||
docker pull iwienand/pyca-cryptography-manylinux2014_aarch64 | ||
become: yes | ||
|
||
- name: Ensure pip installed | ||
include_role: | ||
name: ensure-pip | ||
|
||
# TODO(ianw) : move this into a common role | ||
- name: Install required packages | ||
package: | ||
name: | ||
- build-essential | ||
- libssl-dev | ||
- libffi-dev | ||
- python3-dev | ||
become: yes | ||
when: ansible_distribution in ['Debian', 'Ubuntu'] | ||
|
||
# Build from sdist to avoid PEP517 issues | ||
- name: Create sdist | ||
command: | | ||
python3 setup.py sdist | ||
args: | ||
chdir: '{{ ansible_user_dir }}/{{ zuul.project.src_dir }}' | ||
|
||
- name: Find output file | ||
find: | ||
paths: '{{ ansible_user_dir }}/{{ zuul.project.src_dir }}/dist' | ||
file_type: file | ||
patterns: "*.tar.gz" | ||
register: _sdist | ||
|
||
- assert: | ||
that: | ||
- _sdist.matched == 1 | ||
|
||
- name: Create a build directory for sdist extract | ||
file: | ||
path: '{{ ansible_user_dir }}/build' | ||
state: directory | ||
|
||
- name: Create build repo from sdist | ||
unarchive: | ||
src: '{{ _sdist.files[0].path }}' | ||
dest: '{{ ansible_user_dir }}/build' | ||
remote_src: yes | ||
|
||
- name: Find cryptography from sdist build dir | ||
set_fact: | ||
_build_dir: "{{ ansible_user_dir }}/build/{{ _sdist.files[0].path | basename | replace('.tar.gz', '') }}" | ||
|
||
- name: Show _build_dir | ||
debug: | ||
var: _build_dir | ||
|
||
- name: Install build script | ||
copy: | ||
src: build-wheels.sh | ||
dest: '{{ _build_dir }}' | ||
mode: 0755 | ||
|
||
- name: Run build | ||
command: >- | ||
docker run --rm -e PLAT=manylinux2014_aarch64 -v {{ _build_dir }}:/io iwienand/pyca-cryptography-manylinux2014_aarch64 /io/build-wheels.sh | ||
become: yes | ||
|
||
- name: Copy sdist | ||
synchronize: | ||
src: '{{ _sdist.files[0].path }}' | ||
dest: '{{ zuul.executor.log_root }}' | ||
mode: pull | ||
|
||
- name: Return wheelhouse artifact | ||
zuul_return: | ||
data: | ||
zuul: | ||
artifacts: | ||
- name: '{{ _sdist.files[0].path | basename }}' | ||
url: 'sdist/{{ _sdist.files[0].path }}' | ||
metadata: | ||
type: sdist | ||
|
||
- name: Copy wheels | ||
synchronize: | ||
src: '{{ _build_dir }}/wheelhouse.final/' | ||
dest: '{{ zuul.executor.log_root }}/wheelhouse' | ||
mode: pull | ||
|
||
- name: Return wheelhouse artifact | ||
zuul_return: | ||
data: | ||
zuul: | ||
artifacts: | ||
- name: "Wheelhouse" | ||
url: "wheelhouse" | ||
metadata: | ||
type: wheelhouse |