diff --git a/py3-cassandra-medusa.yaml b/py3-cassandra-medusa.yaml index d0a15fd1197..46c04d93329 100644 --- a/py3-cassandra-medusa.yaml +++ b/py3-cassandra-medusa.yaml @@ -2,7 +2,7 @@ package: name: py3-cassandra-medusa version: 0.22.3 - epoch: 1 + epoch: 2 description: Apache Cassandra backup and restore tool copyright: - license: Apache-2.0 @@ -11,19 +11,41 @@ package: no-depends: true dependencies: runtime: - - poetry - - python-3.11-base + - py${{vars.py-version}}-aiohttp + - py${{vars.py-version}}-azure-identity + - py${{vars.py-version}}-azure-storage-blob + - py${{vars.py-version}}-boto3 + - py${{vars.py-version}}-cassandra-driver + - py${{vars.py-version}}-click + - py${{vars.py-version}}-click-aliases + - py${{vars.py-version}}-certifi + - py${{vars.py-version}}-cryptography + - py${{vars.py-version}}-datadog + - py${{vars.py-version}}-dnspython + - py${{vars.py-version}}-ffwd + - py${{vars.py-version}}-gcloud-aio-storage + - py${{vars.py-version}}-gevent + - py${{vars.py-version}}-grpcio + - py${{vars.py-version}}-grpcio-health-checking + - py${{vars.py-version}}-idna + - py${{vars.py-version}}-parallel-ssh + - py${{vars.py-version}}-psutil + - py${{vars.py-version}}-pyopenssl + - py${{vars.py-version}}-requests + - py${{vars.py-version}}-retrying + - py${{vars.py-version}}-urllib3 + - py${{vars.py-version}}-pyyaml + +vars: + py-version: 3.11 environment: contents: packages: - build-base - - busybox - ca-certificates-bundle - - py3.11-installer - - py3.11-pip - - python-3.11 - - python-3.11-dev + - py${{vars.py-version}}-build-base-dev + - py${{vars.py-version}}-poetry - wolfi-base pipeline: @@ -33,46 +55,27 @@ pipeline: tag: v${{package.version}} expected-commit: 6202aca6e4c2859d2ad601571571a774df7bebc8 - - name: Python Build - runs: | - pip install wheel - pip install poetry - poetry add "aiohttp==3.10.11" - poetry add "certifi==2024.7.4" - poetry add "dnspython==2.6.1" - poetry add "idna==3.7" - poetry add "pyOpenSSL@^24.0.0" - poetry add "cryptography@^43.0.1" - # CVE-2024-35195: requests - poetry add "requests@^2.23.0" - # GHSA-m5vv-6r4h-3vj9: azure-identity - poetry add "azure-identity==1.16.1" - # GHSA-34jh-p97f-mpxf: urllib3 - poetry add "urllib3==1.26.19" - poetry run pip freeze | grep -v cassandra-medusa > requirements.txt - POETRY_VIRTUALENVS_IN_PROJECT=true poetry install - poetry build - - runs: | # Setup the virtualenv - python -m venv .venv --system-site-packages - # Bump pip to patch a CVE - .venv/bin/pip install --upgrade pip==24.0 setuptools==70.0.0 + python${{vars.py-version}} -m venv .venv --system-site-packages - - runs: | - .venv/bin/pip install -I -r requirements.txt --no-compile - .venv/bin/pip install -I --no-compile dist/*.whl + - name: Python Build + uses: py/pip-build-install + with: + python: .venv/bin/python${{vars.py-version}} - - runs: | + - name: Install deps from PyPI that aren't currently packaged in wolfi + runs: | # python-snappy is required to run medusa using $MEDUSA_MODE=GRPC. - .venv/bin/pip install -I python-snappy --no-compile + .venv/bin/pip${{vars.py-version}} install -I python-snappy --no-compile --no-deps - runs: | mkdir -p ${{targets.destdir}}/home/cassandra mv .venv ${{targets.destdir}}/home/cassandra/ # edit the venv paths - sed -i "s|/home/build|${{targets.destdir}}/home/cassandra|g" ${{targets.destdir}}/home/cassandra/.venv/bin/* + find '${{targets.destdir}}/home/cassandra/.venv/bin/' -type f | \ + xargs sed -i "s|/home/build|${{targets.destdir}}/home/cassandra|g" # allow site-packages sed -i "s|include-system-site-packages = false|include-system-site-packages = true|g" ${{targets.destdir}}/home/cassandra/.venv/pyvenv.cfg @@ -95,6 +98,7 @@ subpackages: # The entrypoint script fails to start without bash and sleep (which comes from busybox) - bash - busybox + - grpc-health-probe pipeline: - runs: | mkdir -p "${{targets.subpkgdir}}/home/cassandra/" @@ -113,15 +117,13 @@ test: environment: contents: packages: - - python-3.11 - - python-3.11-dev - grpc-health-probe pipeline: - runs: medusa --version - runs: | set +e fail() { echo "$@" 1>&2; exit 1; } - out=$(/home/cassandra/.venv/bin/python3 -m medusa.service.grpc.server 2>&1) + out=$(/home/cassandra/.venv/bin/python${{vars.py-version}} -m medusa.service.grpc.server 2>&1) status=$? echo "$out" | grep -q '/etc/medusa/medusa.ini' || fail "medusa.service.grpc.server output did not contain expected 'medusa.ini' message. Exit status $status: $out" echo "medusa.service.grpc.server exited with expected error message" diff --git a/py3-parallel-ssh.yaml b/py3-parallel-ssh.yaml new file mode 100644 index 00000000000..68988ab04a0 --- /dev/null +++ b/py3-parallel-ssh.yaml @@ -0,0 +1,84 @@ +package: + name: py3-parallel-ssh + version: 2.12.0 + epoch: 2 + description: Asynchronous parallel SSH library + copyright: + - license: LGPL-2.1-or-later + dependencies: + provider-priority: 0 + +vars: + pypi-package: parallel-ssh + import: pssh + +data: + - name: py-versions + items: + 3.10: "310" + 3.11: "311" + +environment: + contents: + packages: + - build-base + - busybox + - ca-certificates-bundle + - py3-supported-build-base + - wolfi-base + +pipeline: + - uses: fetch + with: + expected-sha256: be2c06ee8765273d204e00f82afae2dace5eebaefc5343d1dfc64513642161e0 + uri: https://files.pythonhosted.org/packages/source/p/parallel-ssh/parallel-ssh-${{package.version}}.tar.gz + + - uses: patch + with: + patches: config-parser.patch + +subpackages: + - range: py-versions + name: py${{range.key}}-${{vars.pypi-package}} + description: python${{range.key}} version of ${{vars.pypi-package}} + dependencies: + provides: + - py3-${{vars.pypi-package}} + provider-priority: ${{range.value}} + runtime: + - py${{range.key}}-gevent + - py${{range.key}}-ssh2-python + - py${{range.key}}-ssh-python + pipeline: + - uses: py/pip-build-install + with: + python: python${{range.key}} + - uses: strip + test: + pipeline: + - uses: python/import + with: + python: python${{range.key}} + import: ${{vars.import}} + + - name: py3-supported-${{vars.pypi-package}} + description: meta package providing ${{vars.pypi-package}} for supported python versions. + dependencies: + runtime: + - py3.10-${{vars.pypi-package}} + - py3.11-${{vars.pypi-package}} + test: + pipeline: + - uses: python/import + with: + python: python3.10 + import: ${{vars.import}} + - uses: python/import + with: + python: python3.11 + import: ${{vars.import}} + +update: + enabled: true + release-monitor: + identifier: 7890 diff --git a/py3-parallel-ssh/config-parser.patch b/py3-parallel-ssh/config-parser.patch new file mode 100644 index 00000000000..c04c7c030b0 --- /dev/null +++ b/py3-parallel-ssh/config-parser.patch @@ -0,0 +1,16 @@ +diff --git a/versioneer.py b/versioneer.py +index a287060..eafcdac 100644 +--- a/versioneer.py ++++ b/versioneer.py +@@ -339,9 +339,9 @@ def get_config_from_root(root): + # configparser.NoOptionError (if it lacks "VCS="). See the docstring at + # the top of versioneer.py for instructions on writing your setup.cfg . + setup_cfg = os.path.join(root, "setup.cfg") +- parser = configparser.SafeConfigParser() ++ parser = configparser.ConfigParser() + with open(setup_cfg, "r") as f: +- parser.readfp(f) ++ parser.read_file(f) + VCS = parser.get("versioneer", "VCS") # mandatory + + def get(parser, name): diff --git a/py3-ssh-python.yaml b/py3-ssh-python.yaml new file mode 100644 index 00000000000..e2224709e9f --- /dev/null +++ b/py3-ssh-python.yaml @@ -0,0 +1,91 @@ +package: + name: py3-ssh-python + version: 1.0.0 + epoch: 2 + description: libssh C library bindings for Python. + copyright: + - license: LGPL-2.1-only + dependencies: + provider-priority: 0 + +vars: + pypi-package: ssh-python + import: ssh + +data: + - name: py-versions + items: + 3.10: "310" + 3.11: "311" + +environment: + contents: + packages: + - build-base + - ca-certificates-bundle + - cmake + - libssh2 + - libssh2-dev + - libssl3 + - openssl + - openssl-dev + - py3-supported-build-base-dev + - zlib + - zlib-dev + +pipeline: + - uses: git-checkout + with: + expected-commit: a62aaf26aa18b861242364ddf3c18bc5d8343ae6 + repository: https://github.com/ParallelSSH/ssh-python + tag: ${{package.version}} + + - uses: patch + with: + patches: config-parser.patch + +subpackages: + - range: py-versions + name: py${{range.key}}-${{vars.pypi-package}} + description: python${{range.key}} version of ${{vars.pypi-package}} + dependencies: + provides: + - py3-${{vars.pypi-package}} + provider-priority: ${{range.value}} + pipeline: + - uses: py/pip-build-install + with: + python: python${{range.key}} + - uses: strip + test: + pipeline: + - uses: python/import + with: + python: python${{range.key}} + import: ${{vars.import}} + + - name: py3-supported-${{vars.pypi-package}} + description: meta package providing ${{vars.pypi-package}} for supported python versions. + dependencies: + runtime: + - py3.10-${{vars.pypi-package}} + - py3.11-${{vars.pypi-package}} + test: + pipeline: + - uses: python/import + with: + python: python3.10 + import: ${{vars.import}} + - uses: python/import + with: + python: python3.11 + import: ${{vars.import}} + - uses: strip + +update: + enabled: true + ignore-regex-patterns: + - (.*).post(.*) + - 03.0 + github: + identifier: ParallelSSH/ssh-python diff --git a/py3-ssh-python/config-parser.patch b/py3-ssh-python/config-parser.patch new file mode 100644 index 00000000000..ff392c2ce88 --- /dev/null +++ b/py3-ssh-python/config-parser.patch @@ -0,0 +1,16 @@ +diff --git a/versioneer.py b/versioneer.py +index a287060..eafcdac 100644 +--- a/versioneer.py ++++ b/versioneer.py +@@ -339,9 +339,9 @@ def get_config_from_root(root): + # configparser.NoOptionError (if it lacks "VCS="). See the docstring at + # the top of versioneer.py for instructions on writing your setup.cfg . + setup_cfg = os.path.join(root, "setup.cfg") +- parser = configparser.SafeConfigParser() ++ parser = configparser.ConfigParser() + with open(setup_cfg, "r") as f: +- parser.readfp(f) ++ parser.read_file(f) + VCS = parser.get("versioneer", "VCS") # mandatory + + def get(parser, name): \ No newline at end of file diff --git a/py3-ssh2-python.yaml b/py3-ssh2-python.yaml new file mode 100644 index 00000000000..7d587cb3ab1 --- /dev/null +++ b/py3-ssh2-python.yaml @@ -0,0 +1,90 @@ +# Generated from https://pypi.org/project/ssh2-python/ +package: + name: py3-ssh2-python + version: 1.0.0 + epoch: 2 + description: Bindings for libssh2 C library + copyright: + - license: LGPL-2.1-only + dependencies: + provider-priority: 0 + +vars: + pypi-package: ssh2-python + import: ssh2 + +data: + - name: py-versions + items: + 3.10: "310" + 3.11: "311" + +environment: + contents: + packages: + - build-base + - ca-certificates-bundle + - cmake + - libssh2 + - libssh2-dev + - libssl3 + - openssl + - openssl-dev + - py3-supported-build-base-dev + - zlib + - zlib-dev + +pipeline: + - uses: git-checkout + with: + expected-commit: 018fd695ebadad7eed102ec3a00dcfa70cf44e83 + repository: https://github.com/ParallelSSH/ssh2-python + tag: ${{package.version}} + + - uses: patch + with: + patches: config-parser.patch + +subpackages: + - range: py-versions + name: py${{range.key}}-${{vars.pypi-package}} + description: python${{range.key}} version of ${{vars.pypi-package}} + dependencies: + provides: + - py3-${{vars.pypi-package}} + provider-priority: ${{range.value}} + pipeline: + - uses: py/pip-build-install + with: + python: python${{range.key}} + - uses: strip + test: + pipeline: + - uses: python/import + with: + python: python${{range.key}} + import: ${{vars.import}} + + - name: py3-supported-${{vars.pypi-package}} + description: meta package providing ${{vars.pypi-package}} for supported python versions. + dependencies: + runtime: + - py3.10-${{vars.pypi-package}} + - py3.11-${{vars.pypi-package}} + test: + pipeline: + - uses: python/import + with: + python: python3.10 + import: ${{vars.import}} + - uses: python/import + with: + python: python3.11 + import: ${{vars.import}} + +update: + enabled: true + ignore-regex-patterns: + - (.*).post(.*) + github: + identifier: ParallelSSH/ssh2-python diff --git a/py3-ssh2-python/config-parser.patch b/py3-ssh2-python/config-parser.patch new file mode 100644 index 00000000000..ff392c2ce88 --- /dev/null +++ b/py3-ssh2-python/config-parser.patch @@ -0,0 +1,16 @@ +diff --git a/versioneer.py b/versioneer.py +index a287060..eafcdac 100644 +--- a/versioneer.py ++++ b/versioneer.py +@@ -339,9 +339,9 @@ def get_config_from_root(root): + # configparser.NoOptionError (if it lacks "VCS="). See the docstring at + # the top of versioneer.py for instructions on writing your setup.cfg . + setup_cfg = os.path.join(root, "setup.cfg") +- parser = configparser.SafeConfigParser() ++ parser = configparser.ConfigParser() + with open(setup_cfg, "r") as f: +- parser.readfp(f) ++ parser.read_file(f) + VCS = parser.get("versioneer", "VCS") # mandatory + + def get(parser, name): \ No newline at end of file