Upgrade cryptography from 2.5 to 3.3
Source code is from https://github.com/pyca/cryptography/tree/3.3.x
Run setup.py locally and rename _openssl.so/_padding.so
Bug: 205265538
Test: None
Change-Id: If031739ef5830ba2fb177add74515e4660e2906e
diff --git a/release.py b/release.py
index d7c18d1..5f3f251 100644
--- a/release.py
+++ b/release.py
@@ -7,122 +7,136 @@
import getpass
import glob
import io
+import json
import os
import subprocess
import time
+import zipfile
import click
-from clint.textui.progress import Bar as ProgressBar
-
import requests
-JENKINS_URL = (
- "https://ci.cryptography.io/job/cryptography-support-jobs/"
- "job/wheel-builder"
-)
-
-
def run(*args, **kwargs):
print("[running] {0}".format(list(args)))
subprocess.check_call(list(args), **kwargs)
-def wait_for_build_completed(session):
- # Wait 20 seconds before actually checking if the build is complete, to
- # ensure that it had time to really start.
- time.sleep(20)
+def wait_for_build_complete_github_actions(session, token, run_url):
while True:
response = session.get(
- "{0}/lastBuild/api/json/".format(JENKINS_URL),
+ run_url,
headers={
- "Accept": "application/json",
- }
+ "Content-Type": "application/json",
+ "Authorization": "token {}".format(token),
+ },
)
response.raise_for_status()
- if not response.json()["building"]:
- assert response.json()["result"] == "SUCCESS"
+ if response.json()["conclusion"] is not None:
break
- time.sleep(0.1)
+ time.sleep(3)
-def download_artifacts(session):
+def download_artifacts_github_actions(session, token, run_url):
response = session.get(
- "{0}/lastBuild/api/json/".format(JENKINS_URL),
+ run_url,
headers={
- "Accept": "application/json"
- }
+ "Content-Type": "application/json",
+ "Authorization": "token {}".format(token),
+ },
)
response.raise_for_status()
- json_response = response.json()
- assert not json_response["building"]
- assert json_response["result"] == "SUCCESS"
+ response = session.get(
+ response.json()["artifacts_url"],
+ headers={
+ "Content-Type": "application/json",
+ "Authorization": "token {}".format(token),
+ },
+ )
+ response.raise_for_status()
paths = []
-
- for artifact in json_response["artifacts"]:
+ for artifact in response.json()["artifacts"]:
response = session.get(
- "{0}artifact/{1}".format(
- json_response["url"], artifact["relativePath"]
- ), stream=True
+ artifact["archive_download_url"],
+ headers={
+ "Content-Type": "application/json",
+ "Authorization": "token {}".format(token),
+ },
)
- assert response.headers["content-length"]
- print("Downloading {0}".format(artifact["fileName"]))
- bar = ProgressBar(
- expected_size=int(response.headers["content-length"]),
- filled_char="="
- )
- content = io.BytesIO()
- for data in response.iter_content(chunk_size=8192):
- content.write(data)
- bar.show(content.tell())
- assert bar.expected_size == content.tell()
- bar.done()
- out_path = os.path.join(
- os.path.dirname(__file__),
- "dist",
- artifact["fileName"],
- )
- with open(out_path, "wb") as f:
- f.write(content.getvalue())
- paths.append(out_path)
+ with zipfile.ZipFile(io.BytesIO(response.content)) as z:
+ for name in z.namelist():
+ if not name.endswith(".whl"):
+ continue
+ p = z.open(name)
+ out_path = os.path.join(
+ os.path.dirname(__file__),
+ "dist",
+ os.path.basename(name),
+ )
+ with open(out_path, "wb") as f:
+ f.write(p.read())
+ paths.append(out_path)
return paths
+def build_github_actions_wheels(token, version):
+ session = requests.Session()
+
+ response = session.post(
+ "https://api.github.com/repos/pyca/cryptography/actions/workflows/"
+ "wheel-builder.yml/dispatches",
+ headers={
+ "Content-Type": "application/json",
+ "Accept": "application/vnd.github.v3+json",
+ "Authorization": "token {}".format(token),
+ },
+ data=json.dumps({"ref": "master", "inputs": {"version": version}}),
+ )
+ response.raise_for_status()
+
+ # Give it a few seconds for the run to kick off.
+ time.sleep(5)
+ response = session.get(
+ (
+ "https://api.github.com/repos/pyca/cryptography/actions/workflows/"
+ "wheel-builder.yml/runs?event=workflow_dispatch"
+ ),
+ headers={
+ "Content-Type": "application/json",
+ "Authorization": "token {}".format(token),
+ },
+ )
+ response.raise_for_status()
+ run_url = response.json()["workflow_runs"][0]["url"]
+ wait_for_build_complete_github_actions(session, token, run_url)
+ return download_artifacts_github_actions(session, token, run_url)
+
+
@click.command()
@click.argument("version")
def release(version):
"""
``version`` should be a string like '0.4' or '1.0'.
"""
+ github_token = getpass.getpass("Github person access token: ")
+
run("git", "tag", "-s", version, "-m", "{0} release".format(version))
run("git", "push", "--tags")
run("python", "setup.py", "sdist")
run("python", "setup.py", "sdist", "bdist_wheel", cwd="vectors/")
- packages = (
- glob.glob("dist/cryptography-{0}*".format(version)) +
- glob.glob("vectors/dist/cryptography_vectors-{0}*".format(version))
+ packages = glob.glob("dist/cryptography-{0}*".format(version)) + glob.glob(
+ "vectors/dist/cryptography_vectors-{0}*".format(version)
)
run("twine", "upload", "-s", *packages)
- session = requests.Session()
-
- token = getpass.getpass("Input the Jenkins token: ")
- response = session.get(
- "{0}/buildWithParameters".format(JENKINS_URL),
- params={
- "token": token,
- "BUILD_VERSION": version,
- "cause": "Building wheels for {0}".format(version)
- }
+ github_actions_wheel_paths = build_github_actions_wheels(
+ github_token, version
)
- response.raise_for_status()
- wait_for_build_completed(session)
- paths = download_artifacts(session)
- run("twine", "upload", *paths)
+ run("twine", "upload", *github_actions_wheel_paths)
if __name__ == "__main__":