saymrwulf/cryptography
1
0
Fork 0
mirror of https://github.com/saymrwulf/cryptography.git synced 2026-05-14 20:37:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove the final vestigates of Jenkins (#4897)

Browse source 
* Remove the final vestigates of Jenkins

* flake8
This commit is contained in:
Alex Gaynor 2019-05-26 07:35:49 -04:00 committed by Paul Kehrer
parent 98cd156241
commit 4f7715b6e6
9 changed files with 5 additions and 417 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/ISSUE_TEMPLATE/openssl-release.md vendored
View file

@ -1,9 +1,7 @@
- [ ] Windows
- [ ] Run the `openssl-release-1.1` Jenkins job
- [ ] Copy the resulting artifacts to the Windows builders and unzip them in the root of the file system
- [ ] Run the `windows-openssl` Azure Pipelines job
- [ ] macOS
- [ ] Send a pull request to `homebrew` upgrading the `openssl@1.1` formula
- [ ] Wait for it to be merged
- [ ] Run the `update-brew-openssl` Jenkins job
- [ ] manylinux1
- [ ] Send a pull request to `pyca/infra` updating the [version and hash](https://github.com/pyca/infra/blob/master/cryptography-manylinux1/install_openssl.sh#L5-L6)

86
.jenkins/Jenkinsfile-OpenSSL-1.1
View file

@ -1,86 +0,0 @@
def configs = [
[
label: "windows2012-openssl", arch: "x86", "vsversion": 2010
],
[
label: "windows2012-openssl", arch: "x86_64", "vsversion": 2010
],
[
label: "windows2012-openssl", arch: "x86", "vsversion": 2015
],
[
label: "windows2012-openssl", arch: "x86_64", "vsversion": 2015
],
]
script = """
wmic qfe
powershell "[Net.ServicePointManager]::SecurityProtocol = 'tls12'; wget 'https://www.openssl.org/source/openssl-1.1.1-latest.tar.gz' -OutFile 'openssl-latest.tar.gz'"
REM Next decompress the tarball using winrar. INUL disables error msgs, which are GUI prompts and therefore undesirable
"C:\\Program Files\\WinRAR\\WinRAR.exe" -INUL x openssl-latest.tar.gz
cd openssl-1*
REM The next line determines the name of the current directory. Batch is great.
FOR %%I IN (.) DO @SET CURRENTDIR=%%~nI%%~xI
if "%BUILDARCH%" == "x86" (
@SET BUILDARCHFLAG=x86
@SET OPENSSLARCHFLAG="VC-WIN32"
) else (
@SET BUILDARCHFLAG=amd64
@SET OPENSSLARCHFLAG="VC-WIN64A"
)
if "%BUILDVSVERSION%" == "2010" (
call "C:\\Program Files (x86)\\Microsoft Visual Studio 10.0\\VC\\vcvarsall.bat" %BUILDARCHFLAG%
echo "Building with VS 2010"
) else (
call "C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\vcvarsall.bat" %BUILDARCHFLAG%
echo "Building with VS 2015"
)
SET
perl Configure no-comp no-shared %OPENSSLARCHFLAG%
nmake
nmake test
if "%BUILDARCH%" == "x86" (
@SET FINALDIR="openssl-win32-%BUILDVSVERSION%"
) else (
@SET FINALDIR="openssl-win64-%BUILDVSVERSION%"
)
mkdir %FINALDIR%
mkdir %FINALDIR%\\lib
move include %FINALDIR%\\include
move libcrypto.lib %FINALDIR%\\lib\\
move libssl.lib %FINALDIR%\\lib\\
"C:\\Program Files\\WinRAR\\WinRAR.exe" -INUL a %CURRENTDIR%-%BUILDVSVERSION%-%BUILDARCH%.zip %FINALDIR%\\include %FINALDIR%\\lib\\libcrypto.lib %FINALDIR%\\lib\\libssl.lib
"""
def build(label, vsversion, arch) {
node(label) {
try {
timeout(time: 30, unit: 'MINUTES') {
stage("Compile") {
withEnv(["BUILDARCH=$arch", "BUILDVSVERSION=$vsversion"]) {
bat script
}
}
stage("Archive") {
archiveArtifacts artifacts: "**/openssl-*.zip"
}
}
} finally {
deleteDir()
}
}
}
def builders = [:]
for (config in configs) {
def vsversion = config["vsversion"]
def arch = config["arch"]
def label = config["label"]
builders["${vsversion}-${arch}"] = {
build(label, vsversion, arch)
}
}
parallel builders

95
.jenkins/Jenkinsfile-cryptography-wheel-builder
View file

@ -1,95 +0,0 @@
properties([
parameters([
string(defaultValue: '', description: 'The version from PyPI to build', name: 'BUILD_VERSION')
]),
pipelineTriggers([])
])
def configs = [
[
label: 'windows',
versions: ['py27', 'py34', 'py35', 'py36', 'py37'],
],
[
label: 'windows64',
versions: ['py27', 'py34', 'py35', 'py36', 'py37'],
],
]
def build(version, label, imageName) {
try {
timeout(time: 30, unit: 'MINUTES') {
if (label.contains("windows")) {
def pythonPath = [
py27: "C:\\Python27\\python.exe",
py34: "C:\\Python34\\python.exe",
py35: "C:\\Python35\\python.exe",
py36: "C:\\Python36\\python.exe",
py37: "C:\\Python37\\python.exe"
]
if (version == "py35" || version == "py36" || version == "py37") {
opensslPaths = [
"windows": [
"include": "C:\\OpenSSL-Win32-2015\\include",
"lib": "C:\\OpenSSL-Win32-2015\\lib"
],
"windows64": [
"include": "C:\\OpenSSL-Win64-2015\\include",
"lib": "C:\\OpenSSL-Win64-2015\\lib"
]
]
} else {
opensslPaths = [
"windows": [
"include": "C:\\OpenSSL-Win32-2010\\include",
"lib": "C:\\OpenSSL-Win32-2010\\lib"
],
"windows64": [
"include": "C:\\OpenSSL-Win64-2010\\include",
"lib": "C:\\OpenSSL-Win64-2010\\lib"
]
]
}
bat """
wmic qfe
@set PATH="C:\\Python27";"C:\\Python27\\Scripts";%PATH%
@set PYTHON="${pythonPath[version]}"
@set INCLUDE="${opensslPaths[label]['include']}";%INCLUDE%
@set LIB="${opensslPaths[label]['lib']}";%LIB%
virtualenv -p %PYTHON% .release
call .release\\Scripts\\activate
pip install wheel virtualenv
pip wheel cryptography==$BUILD_VERSION --no-use-pep517 --wheel-dir=wheelhouse --no-binary cryptography
pip install -f wheelhouse cryptography --no-index
python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))"
"""
}
archiveArtifacts artifacts: "wheelhouse/cryptography*.whl"
}
} finally {
deleteDir()
}
}
def builders = [:]
for (config in configs) {
def label = config["label"]
def versions = config["versions"]
for (_version in versions) {
def version = _version
def combinedName = "${label}-${version}"
builders[combinedName] = {
node(label) {
stage(combinedName) {
build(version, label, "")
}
}
}
}
}
parallel builders

2
.travis/install.sh
View file

@ -64,5 +64,5 @@ pip install virtualenv
python -m virtualenv ~/.venv
source ~/.venv/bin/activate
# If we pin coverage it must be kept in sync with tox.ini and Jenkinsfile
# If we pin coverage it must be kept in sync with tox.ini and azure-pipelines.yml
pip install tox codecov coverage

148
Jenkinsfile vendored
View file

@ -1,148 +0,0 @@
if (env.BRANCH_NAME == "master") {
properties([pipelineTriggers([cron('@daily')])])
}
def configs = [
[
label: 'windows',
toxenvs: ['py27', 'py34', 'py35', 'py36', 'py37'],
],
[
label: 'windows64',
toxenvs: ['py27', 'py34', 'py35', 'py36', 'py37'],
],
]
def checkout_git(label) {
retry(3) {
def script = ""
if (env.BRANCH_NAME.startsWith('PR-')) {
script = """
git clone --depth=1 https://github.com/pyca/cryptography
cd cryptography
git fetch origin +refs/pull/${env.CHANGE_ID}/merge:
git checkout -qf FETCH_HEAD
"""
if (label.contains("windows")) {
bat script
} else {
sh """#!/bin/sh
set -xe
${script}
"""
}
} else {
checkout([
$class: 'GitSCM',
branches: [[name: "*/${env.BRANCH_NAME}"]],
doGenerateSubmoduleConfigurations: false,
extensions: [[
$class: 'RelativeTargetDirectory',
relativeTargetDir: 'cryptography'
]],
submoduleCfg: [],
userRemoteConfigs: [[
'url': 'https://github.com/pyca/cryptography'
]]
])
}
}
bat """
cd cryptography
git rev-parse HEAD
"""
}
def build(toxenv, label, imageName, artifacts, artifactExcludes) {
try {
timeout(time: 30, unit: 'MINUTES') {
checkout_git(label)
checkout([
$class: 'GitSCM',
extensions: [[
$class: 'RelativeTargetDirectory',
relativeTargetDir: 'wycheproof',
]],
userRemoteConfigs: [[
'url': 'https://github.com/google/wycheproof',
]]
])
withCredentials([string(credentialsId: 'cryptography-codecov-token', variable: 'CODECOV_TOKEN')]) {
withEnv(["LABEL=$label", "TOXENV=$toxenv", "IMAGE_NAME=$imageName"]) {
def pythonPath = [
py27: "C:\\Python27\\python.exe",
py34: "C:\\Python34\\python.exe",
py35: "C:\\Python35\\python.exe",
py36: "C:\\Python36\\python.exe",
py37: "C:\\Python37\\python.exe"
]
if (toxenv == "py35" || toxenv == "py36" || toxenv == "py37") {
opensslPaths = [
"windows": [
"include": "C:\\OpenSSL-Win32-2015\\include",
"lib": "C:\\OpenSSL-Win32-2015\\lib"
],
"windows64": [
"include": "C:\\OpenSSL-Win64-2015\\include",
"lib": "C:\\OpenSSL-Win64-2015\\lib"
]
]
} else {
opensslPaths = [
"windows": [
"include": "C:\\OpenSSL-Win32-2010\\include",
"lib": "C:\\OpenSSL-Win32-2010\\lib"
],
"windows64": [
"include": "C:\\OpenSSL-Win64-2010\\include",
"lib": "C:\\OpenSSL-Win64-2010\\lib"
]
]
}
bat """
cd cryptography
@set PATH="C:\\Python27";"C:\\Python27\\Scripts";%PATH%
@set PYTHON="${pythonPath[toxenv]}"
@set INCLUDE="${opensslPaths[label]['include']}";%INCLUDE%
@set LIB="${opensslPaths[label]['lib']}";%LIB%
tox -r -- --wycheproof-root=../wycheproof
IF %ERRORLEVEL% NEQ 0 EXIT /B %ERRORLEVEL%
virtualenv .codecov
call .codecov/Scripts/activate
REM this pin must be kept in sync with tox.ini
pip install coverage
pip install codecov
codecov -e JOB_BASE_NAME,LABEL,TOXENV
"""
}
}
}
} finally {
deleteDir()
}
}
def builders = [:]
for (config in configs) {
def label = config["label"]
def toxenvs = config["toxenvs"]
def artifacts = config["artifacts"]
def artifactExcludes = config["artifactExcludes"]
for (_toxenv in toxenvs) {
def toxenv = _toxenv
def combinedName = "${label}-${toxenv}"
builders[combinedName] = {
node(label) {
stage(combinedName) {
build(toxenv, label, '', null, null)
}
}
}
}
}
parallel builders

1
dev-requirements.txt
View file

@ -1,7 +1,6 @@
azure-devops
click
coverage
requests
tox >= 2.4.1
twine >= 1.8.0
-e .[test,docs,docstest,pep8test]

2
docs/doing-a-release.rst
View file

@ -21,7 +21,7 @@ Verifying OpenSSL version
-------------------------
The release process creates wheels bundling OpenSSL for Windows, macOS, and
Linux. Check that the Windows and macOS Jenkins builders have the latest
Linux. Check that the Windows and macOS Azure Pipelines builders have the latest
version of OpenSSL installed and verify that the latest version is present in
the ``pyca/cryptography-manylinux1`` docker containers. If anything is out
of date follow the instructions for upgrading OpenSSL.

82
release.py
View file

@ -6,7 +6,6 @@ from __future__ import absolute_import, division, print_function
import getpass
import glob
import io
import json
import os
import subprocess
@ -21,14 +20,6 @@ import click
from msrest.authentication import BasicAuthentication
import requests
JENKINS_URL = (
"https://ci.cryptography.io/job/cryptography-support-jobs/"
"job/wheel-builder"
)
def run(*args, **kwargs):
print("[running] {0}".format(list(args)))
@ -91,76 +82,6 @@ def build_wheels_azure(version):
return download_artifacts_azure(build_client, build.id)
def wait_for_build_completed_jenkins(session):
# Wait 20 seconds before actually checking if the build is complete, to
# ensure that it had time to really start.
time.sleep(20)
while True:
response = session.get(
"{0}/lastBuild/api/json/".format(JENKINS_URL),
headers={
"Accept": "application/json",
}
)
response.raise_for_status()
if not response.json()["building"]:
assert response.json()["result"] == "SUCCESS"
break
time.sleep(0.1)
def download_artifacts_jenkins(session):
response = session.get(
"{0}/lastBuild/api/json/".format(JENKINS_URL),
headers={
"Accept": "application/json"
}
)
response.raise_for_status()
json_response = response.json()
assert not json_response["building"]
assert json_response["result"] == "SUCCESS"
paths = []
for artifact in json_response["artifacts"]:
response = session.get(
"{0}artifact/{1}".format(
json_response["url"], artifact["relativePath"]
), stream=True
)
assert response.headers["content-length"]
print("Downloading {0}".format(artifact["fileName"]))
content = io.BytesIO()
for data in response.iter_content(chunk_size=8192):
content.write(data)
out_path = os.path.join(
os.path.dirname(__file__),
"dist",
artifact["fileName"],
)
with open(out_path, "wb") as f:
f.write(content.getvalue())
paths.append(out_path)
return paths
def build_wheels_jenkins(version):
token = getpass.getpass("Input the Jenkins token: ")
session = requests.Session()
response = session.get(
"{0}/buildWithParameters".format(JENKINS_URL),
params={
"token": token,
"BUILD_VERSION": version,
"cause": "Building wheels for {0}".format(version)
}
)
response.raise_for_status()
wait_for_build_completed_jenkins(session)
return download_artifacts_jenkins(session)
@click.command()
@click.argument("version")
def release(version):
@ -180,8 +101,7 @@ def release(version):
run("twine", "upload", "-s", *packages)
azure_wheel_paths = build_wheels_azure(version)
jenkins_wheel_paths = build_wheels_jenkins(version)
run("twine", "upload", *(azure_wheel_paths + jenkins_wheel_paths))
run("twine", "upload", *azure_wheel_paths)
if __name__ == "__main__":

2
tox.ini
View file

@ -7,7 +7,7 @@ extras =
test
idna: idna
deps =
# This must be kept in sync with Jenkinsfile and .travis/install.sh
# This must be kept in sync with .travis/install.sh and azure-pipelines.yml
coverage
./vectors
passenv = ARCHFLAGS LDFLAGS CFLAGS INCLUDE LIB LD_LIBRARY_PATH USERNAME PYTHONIOENCODING