1properties([ 2 parameters([ 3 string(defaultValue: '', description: 'The version from PyPI to build', name: 'BUILD_VERSION') 4 ]), 5 pipelineTriggers([]) 6]) 7 8def configs = [ 9 [ 10 label: 'windows', 11 versions: ['py27', 'py34', 'py35', 'py36', 'py37'], 12 ], 13 [ 14 label: 'windows64', 15 versions: ['py27', 'py34', 'py35', 'py36', 'py37'], 16 ], 17 [ 18 label: 'sierra', 19 // The py3x version listed here corresponds to the minimum ABI version 20 // the wheels will support. e.g. py34 supports py34+ 21 versions: ['py27', 'py34'], 22 ], 23 [ 24 label: 'docker', 25 imageName: 'pyca/cryptography-manylinux1:i686', 26 // The py3x version listed here corresponds to the minimum ABI version 27 // the wheels will support. e.g. cp34-cp34m supports py34+ 28 versions: [ 29 'cp27-cp27m', 'cp27-cp27mu', 'cp34-cp34m', 30 ], 31 ], 32 [ 33 label: 'docker', 34 imageName: 'pyca/cryptography-manylinux1:x86_64', 35 // The py3x version listed here corresponds to the minimum ABI version 36 // the wheels will support. e.g. cp34-cp34m supports py34+ 37 versions: [ 38 'cp27-cp27m', 'cp27-cp27mu', 'cp34-cp34m', 39 ], 40 ], 41] 42 43 44def build(version, label, imageName) { 45 try { 46 timeout(time: 30, unit: 'MINUTES') { 47 if (label.contains("windows")) { 48 def pythonPath = [ 49 py27: "C:\\Python27\\python.exe", 50 py34: "C:\\Python34\\python.exe", 51 py35: "C:\\Python35\\python.exe", 52 py36: "C:\\Python36\\python.exe", 53 py37: "C:\\Python37\\python.exe" 54 ] 55 if (version == "py35" || version == "py36" || version == "py37") { 56 opensslPaths = [ 57 "windows": [ 58 "include": "C:\\OpenSSL-Win32-2015\\include", 59 "lib": "C:\\OpenSSL-Win32-2015\\lib" 60 ], 61 "windows64": [ 62 "include": "C:\\OpenSSL-Win64-2015\\include", 63 "lib": "C:\\OpenSSL-Win64-2015\\lib" 64 ] 65 ] 66 } else { 67 opensslPaths = [ 68 "windows": [ 69 "include": "C:\\OpenSSL-Win32-2010\\include", 70 "lib": "C:\\OpenSSL-Win32-2010\\lib" 71 ], 72 "windows64": [ 73 "include": "C:\\OpenSSL-Win64-2010\\include", 74 "lib": "C:\\OpenSSL-Win64-2010\\lib" 75 ] 76 ] 77 } 78 bat """ 79 wmic qfe 80 @set PATH="C:\\Python27";"C:\\Python27\\Scripts";%PATH% 81 @set PYTHON="${pythonPath[version]}" 82 83 @set INCLUDE="${opensslPaths[label]['include']}";%INCLUDE% 84 @set LIB="${opensslPaths[label]['lib']}";%LIB% 85 virtualenv -p %PYTHON% .release 86 call .release\\Scripts\\activate 87 pip install wheel virtualenv 88 pip wheel cryptography==$BUILD_VERSION --wheel-dir=wheelhouse --no-binary cryptography 89 pip install -f wheelhouse cryptography --no-index 90 python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))" 91 """ 92 } else if (label.contains("sierra")) { 93 def pythonPath = [ 94 py27: "/Library/Frameworks/Python.framework/Versions/2.7/bin/python2.7", 95 py34: "/Library/Frameworks/Python.framework/Versions/3.4/bin/python3.4", 96 ] 97 ansiColor { 98 sh """#!/usr/bin/env bash 99 set -xe 100 # output the list of things we've installed as a point in time check of how up 101 # to date the builder is 102 /usr/sbin/system_profiler SPInstallHistoryDataType 103 104 # Jenkins logs in as a non-interactive shell, so we don't even have /usr/local/bin in PATH 105 export PATH="/usr/local/bin:\${PATH}" 106 export PATH="/Users/jenkins/.pyenv/shims:\${PATH}" 107 108 printenv 109 110 virtualenv .venv -p ${pythonPath[version]} 111 source .venv/bin/activate 112 pip install -U wheel # upgrade wheel to latest before we use it to build the wheel 113 pip install cffi six idna asn1crypto ipaddress enum34 114 REGEX="py3([0-9])*" 115 if [[ "${version}" =~ \$REGEX ]]; then 116 PY_LIMITED_API="--build-option --py-limited-api=cp3\${BASH_REMATCH[1]}" 117 fi 118 CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS="1" \ 119 LDFLAGS="/usr/local/opt/openssl@1.1/lib/libcrypto.a /usr/local/opt/openssl@1.1/lib/libssl.a" \ 120 CFLAGS="-I/usr/local/opt/openssl@1.1/include -mmacosx-version-min=10.9" \ 121 pip wheel cryptography==$BUILD_VERSION --wheel-dir=wheelhouse --no-binary cryptography --no-deps \$PY_LIMITED_API 122 pip install -f wheelhouse cryptography --no-index 123 python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))" 124 otool -L `find .venv -name '_openssl*.so'` 125 lipo -info `find .venv -name '*.so'` 126 otool -L `find .venv -name '_openssl*.so'` | grep -vG "libcrypto\\|libssl" 127 """ 128 } 129 } else if (label.contains("docker")) { 130 linux32 = "" 131 if (imageName.contains("i686")) { 132 linux32 = "linux32" 133 } 134 sh """#!/usr/bin/env bash 135 set -x -e 136 137 $linux32 /opt/python/$version/bin/pip install cffi six idna asn1crypto ipaddress enum34 138 # Because we are doing this as root in the container, but we write to a mounted dir that is outside the container 139 # we need to make sure we set these files writable such that the jenkins user can delete them afterwards 140 mkdir -p tmpwheelhouse 141 mkdir -p wheelhouse 142 chmod -R 777 tmpwheelhouse 143 chmod -R 777 wheelhouse 144 145 REGEX="cp3([0-9])*" 146 if [[ "${version}" =~ \$REGEX ]]; then 147 PY_LIMITED_API="--build-option --py-limited-api=cp3\${BASH_REMATCH[1]}" 148 fi 149 LDFLAGS="-L/opt/pyca/cryptography/openssl/lib" \ 150 CFLAGS="-I/opt/pyca/cryptography/openssl/include -Wl,--exclude-libs,ALL" \ 151 $linux32 /opt/python/$version/bin/pip wheel cryptography==$BUILD_VERSION --no-binary cryptography --no-deps --wheel-dir=tmpwheelhouse \$PY_LIMITED_API 152 $linux32 auditwheel repair tmpwheelhouse/cryptography*.whl -w wheelhouse/ 153 unzip wheelhouse/*.whl -d execstack.check 154 chmod -R 777 execstack.check 155 (execstack execstack.check/cryptography/hazmat/bindings/*.so | grep '^X') && exit 1 156 $linux32 /opt/python/$version/bin/pip install cryptography==$BUILD_VERSION --no-index -f wheelhouse/ 157 $linux32 /opt/python/$version/bin/python -c "from cryptography.hazmat.backends.openssl.backend import backend;print('Loaded: ' + backend.openssl_version_text());print('Linked Against: ' + backend._ffi.string(backend._lib.OPENSSL_VERSION_TEXT).decode('ascii'))" 158 """ 159 } 160 archiveArtifacts artifacts: "wheelhouse/cryptography*.whl" 161 } 162 } finally { 163 deleteDir() 164 } 165 166} 167 168def builders = [:] 169for (config in configs) { 170 def label = config["label"] 171 def versions = config["versions"] 172 173 for (_version in versions) { 174 def version = _version 175 176 if (label.contains("docker")) { 177 def imageName = config["imageName"] 178 def combinedName = "${imageName}-${version}" 179 builders[combinedName] = { 180 node(label) { 181 stage(combinedName) { 182 def buildImage = docker.image(imageName) 183 buildImage.pull() 184 buildImage.inside("-u root") { 185 build(version, label, imageName) 186 } 187 } 188 } 189 } 190 } else { 191 def combinedName = "${label}-${version}" 192 builders[combinedName] = { 193 node(label) { 194 stage(combinedName) { 195 build(version, label, "") 196 } 197 } 198 } 199 } 200 } 201} 202 203parallel builders 204