204 lines
9.3 KiB
Plaintext
204 lines
9.3 KiB
Plaintext
properties([
|
|
parameters([
|
|
string(defaultValue: '', description: 'The version from PyPI to build', name: 'BUILD_VERSION')
|
|
]),
|
|
pipelineTriggers([])
|
|
])
|
|
|
|
def configs = [
|
|
[
|
|
label: 'windows',
|
|
versions: ['py27', 'py34', 'py35', 'py36', 'py37'],
|
|
],
|
|
[
|
|
label: 'windows64',
|
|
versions: ['py27', 'py34', 'py35', 'py36', 'py37'],
|
|
],
|
|
[
|
|
label: 'sierra',
|
|
// The py3x version listed here corresponds to the minimum ABI version
|
|
// the wheels will support. e.g. py34 supports py34+
|
|
versions: ['py27', 'py34'],
|
|
],
|
|
[
|
|
label: 'docker',
|
|
imageName: 'pyca/cryptography-manylinux1:i686',
|
|
// The py3x version listed here corresponds to the minimum ABI version
|
|
// the wheels will support. e.g. cp34-cp34m supports py34+
|
|
versions: [
|
|
'cp27-cp27m', 'cp27-cp27mu', 'cp34-cp34m',
|
|
],
|
|
],
|
|
[
|
|
label: 'docker',
|
|
imageName: 'pyca/cryptography-manylinux1:x86_64',
|
|
// The py3x version listed here corresponds to the minimum ABI version
|
|
// the wheels will support. e.g. cp34-cp34m supports py34+
|
|
versions: [
|
|
'cp27-cp27m', 'cp27-cp27mu', 'cp34-cp34m',
|
|
],
|
|
],
|
|
]
|
|
|
|
|
|
def build(version, label, imageName) {
|
|
try {
|
|
timeout(time: 30, unit: 'MINUTES') {
|
|
if (label.contains("windows")) {
|
|
def pythonPath = [
|
|
py27: "C:\\Python27\\python.exe",
|
|
py34: "C:\\Python34\\python.exe",
|
|
py35: "C:\\Python35\\python.exe",
|
|
py36: "C:\\Python36\\python.exe",
|
|
py37: "C:\\Python37\\python.exe"
|
|
]
|
|
if (version == "py35" || version == "py36" || version == "py37") {
|
|
opensslPaths = [
|
|
"windows": [
|
|
"include": "C:\\OpenSSL-Win32-2015\\include",
|
|
"lib": "C:\\OpenSSL-Win32-2015\\lib"
|
|
],
|
|
"windows64": [
|
|
"include": "C:\\OpenSSL-Win64-2015\\include",
|
|
"lib": "C:\\OpenSSL-Win64-2015\\lib"
|
|
]
|
|
]
|
|
} else {
|
|
opensslPaths = [
|
|
"windows": [
|
|
"include": "C:\\OpenSSL-Win32-2010\\include",
|
|
"lib": "C:\\OpenSSL-Win32-2010\\lib"
|
|
],
|
|
"windows64": [
|
|
"include": "C:\\OpenSSL-Win64-2010\\include",
|
|
"lib": "C:\\OpenSSL-Win64-2010\\lib"
|
|
]
|
|
]
|
|
}
|
|
bat """
|
|
wmic qfe
|
|
@set PATH="C:\\Python27";"C:\\Python27\\Scripts";%PATH%
|
|
@set PYTHON="${pythonPath[version]}"
|
|
|
|
@set INCLUDE="${opensslPaths[label]['include']}";%INCLUDE%
|
|
@set LIB="${opensslPaths[label]['lib']}";%LIB%
|
|
virtualenv -p %PYTHON% .release
|
|
call .release\\Scripts\\activate
|
|
pip install wheel virtualenv
|
|
pip wheel cryptography==$BUILD_VERSION --wheel-dir=wheelhouse --no-binary cryptography
|
|
pip install -f wheelhouse cryptography --no-index
|
|
python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))"
|
|
"""
|
|
} else if (label.contains("sierra")) {
|
|
def pythonPath = [
|
|
py27: "/Library/Frameworks/Python.framework/Versions/2.7/bin/python2.7",
|
|
py34: "/Library/Frameworks/Python.framework/Versions/3.4/bin/python3.4",
|
|
]
|
|
ansiColor {
|
|
sh """#!/usr/bin/env bash
|
|
set -xe
|
|
# output the list of things we've installed as a point in time check of how up
|
|
# to date the builder is
|
|
/usr/sbin/system_profiler SPInstallHistoryDataType
|
|
|
|
# Jenkins logs in as a non-interactive shell, so we don't even have /usr/local/bin in PATH
|
|
export PATH="/usr/local/bin:\${PATH}"
|
|
export PATH="/Users/jenkins/.pyenv/shims:\${PATH}"
|
|
|
|
printenv
|
|
|
|
virtualenv .venv -p ${pythonPath[version]}
|
|
source .venv/bin/activate
|
|
pip install -U wheel # upgrade wheel to latest before we use it to build the wheel
|
|
pip install cffi six idna asn1crypto ipaddress enum34
|
|
REGEX="py3([0-9])*"
|
|
if [[ "${version}" =~ \$REGEX ]]; then
|
|
PY_LIMITED_API="--build-option --py-limited-api=cp3\${BASH_REMATCH[1]}"
|
|
fi
|
|
CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS="1" \
|
|
LDFLAGS="/usr/local/opt/openssl@1.1/lib/libcrypto.a /usr/local/opt/openssl@1.1/lib/libssl.a" \
|
|
CFLAGS="-I/usr/local/opt/openssl@1.1/include -mmacosx-version-min=10.9" \
|
|
pip wheel cryptography==$BUILD_VERSION --wheel-dir=wheelhouse --no-binary cryptography --no-deps \$PY_LIMITED_API
|
|
pip install -f wheelhouse cryptography --no-index
|
|
python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))"
|
|
otool -L `find .venv -name '_openssl*.so'`
|
|
lipo -info `find .venv -name '*.so'`
|
|
otool -L `find .venv -name '_openssl*.so'` | grep -vG "libcrypto\\|libssl"
|
|
"""
|
|
}
|
|
} else if (label.contains("docker")) {
|
|
linux32 = ""
|
|
if (imageName.contains("i686")) {
|
|
linux32 = "linux32"
|
|
}
|
|
sh """#!/usr/bin/env bash
|
|
set -x -e
|
|
|
|
$linux32 /opt/python/$version/bin/pip install cffi six idna asn1crypto ipaddress enum34
|
|
# Because we are doing this as root in the container, but we write to a mounted dir that is outside the container
|
|
# we need to make sure we set these files writable such that the jenkins user can delete them afterwards
|
|
mkdir -p tmpwheelhouse
|
|
mkdir -p wheelhouse
|
|
chmod -R 777 tmpwheelhouse
|
|
chmod -R 777 wheelhouse
|
|
|
|
REGEX="cp3([0-9])*"
|
|
if [[ "${version}" =~ \$REGEX ]]; then
|
|
PY_LIMITED_API="--build-option --py-limited-api=cp3\${BASH_REMATCH[1]}"
|
|
fi
|
|
LDFLAGS="-L/opt/pyca/cryptography/openssl/lib" \
|
|
CFLAGS="-I/opt/pyca/cryptography/openssl/include -Wl,--exclude-libs,ALL" \
|
|
$linux32 /opt/python/$version/bin/pip wheel cryptography==$BUILD_VERSION --no-binary cryptography --no-deps --wheel-dir=tmpwheelhouse \$PY_LIMITED_API
|
|
$linux32 auditwheel repair tmpwheelhouse/cryptography*.whl -w wheelhouse/
|
|
unzip wheelhouse/*.whl -d execstack.check
|
|
chmod -R 777 execstack.check
|
|
(execstack execstack.check/cryptography/hazmat/bindings/*.so | grep '^X') && exit 1
|
|
$linux32 /opt/python/$version/bin/pip install cryptography==$BUILD_VERSION --no-index -f wheelhouse/
|
|
$linux32 /opt/python/$version/bin/python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))"
|
|
"""
|
|
}
|
|
archiveArtifacts artifacts: "wheelhouse/cryptography*.whl"
|
|
}
|
|
} finally {
|
|
deleteDir()
|
|
}
|
|
|
|
}
|
|
|
|
def builders = [:]
|
|
for (config in configs) {
|
|
def label = config["label"]
|
|
def versions = config["versions"]
|
|
|
|
for (_version in versions) {
|
|
def version = _version
|
|
|
|
if (label.contains("docker")) {
|
|
def imageName = config["imageName"]
|
|
def combinedName = "${imageName}-${version}"
|
|
builders[combinedName] = {
|
|
node(label) {
|
|
stage(combinedName) {
|
|
def buildImage = docker.image(imageName)
|
|
buildImage.pull()
|
|
buildImage.inside("-u root") {
|
|
build(version, label, imageName)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
def combinedName = "${label}-${version}"
|
|
builders[combinedName] = {
|
|
node(label) {
|
|
stage(combinedName) {
|
|
build(version, label, "")
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
parallel builders
|