diff --git a/.azure-pipelines/azure-pipelines-linux.yml b/.azure-pipelines/azure-pipelines-linux.yml deleted file mode 100755 index 66da000d2..000000000 --- a/.azure-pipelines/azure-pipelines-linux.yml +++ /dev/null @@ -1,99 +0,0 @@ -# This file was generated automatically from conda-smithy. To update this configuration, -# update the conda-forge.yml and/or the recipe/meta.yaml. -# -*- mode: yaml -*- - -jobs: -- job: linux - pool: - vmImage: ubuntu-latest - strategy: - matrix: - linux_64_build_typedebugchannel_targetsconda-forge_python_debug: - CONFIG: linux_64_build_typedebugchannel_targetsconda-forge_python_debug - UPLOAD_PACKAGES: 'True' - DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 - SHORT_CONFIG: linux_64_build_typedebugchannel_targetsc_hcab9fe85 - linux_64_build_typereleasechannel_targetsconda-forge_main: - CONFIG: linux_64_build_typereleasechannel_targetsconda-forge_main - UPLOAD_PACKAGES: 'True' - DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 - SHORT_CONFIG: linux_64_build_typereleasechannel_target_h0a44af7c - linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug: - CONFIG: linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug - UPLOAD_PACKAGES: 'True' - DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 - SHORT_CONFIG: linux_aarch64_build_typedebugchannel_tar_h4e1127e8 - linux_aarch64_build_typereleasechannel_targetsconda-forge_main: - CONFIG: linux_aarch64_build_typereleasechannel_targetsconda-forge_main - UPLOAD_PACKAGES: 'True' - DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 - SHORT_CONFIG: linux_aarch64_build_typereleasechannel_t_hcde06680 - linux_ppc64le_build_typedebugchannel_targetsconda-forge_python_debug: - CONFIG: linux_ppc64le_build_typedebugchannel_targetsconda-forge_python_debug - UPLOAD_PACKAGES: 'True' - DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 - SHORT_CONFIG: linux_ppc64le_build_typedebugchannel_tar_he8193b4f - linux_ppc64le_build_typereleasechannel_targetsconda-forge_main: - CONFIG: linux_ppc64le_build_typereleasechannel_targetsconda-forge_main - UPLOAD_PACKAGES: 'True' - DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 - SHORT_CONFIG: linux_ppc64le_build_typereleasechannel_t_h12bca821 - timeoutInMinutes: 360 - variables: {} - - steps: - # configure qemu binfmt-misc running. This allows us to run docker containers - # embedded qemu-static - - script: | - docker run --rm --privileged multiarch/qemu-user-static:register --reset --credential yes - ls /proc/sys/fs/binfmt_misc/ - condition: not(startsWith(variables['CONFIG'], 'linux_64')) - displayName: Configure binfmt_misc - - - script: | - export CI=azure - export flow_run_id=azure_$(Build.BuildNumber).$(System.JobAttempt) - export remote_url=$(Build.Repository.Uri) - export sha=$(Build.SourceVersion) - export GIT_BRANCH=$BUILD_SOURCEBRANCHNAME - export FEEDSTOCK_NAME=$(basename ${BUILD_REPOSITORY_NAME}) - if [[ "${BUILD_REASON:-}" == "PullRequest" ]]; then - export IS_PR_BUILD="True" - else - export IS_PR_BUILD="False" - fi - .scripts/run_docker_build.sh - displayName: Run docker build - env: - BINSTAR_TOKEN: $(BINSTAR_TOKEN) - FEEDSTOCK_TOKEN: $(FEEDSTOCK_TOKEN) - STAGING_BINSTAR_TOKEN: $(STAGING_BINSTAR_TOKEN) - - script: | - export CI=azure - export CI_RUN_ID=$(build.BuildNumber).$(system.JobAttempt) - export FEEDSTOCK_NAME=$(basename ${BUILD_REPOSITORY_NAME}) - export CONDA_BLD_DIR=build_artifacts - export ARTIFACT_STAGING_DIR="$(Build.ArtifactStagingDirectory)" - # Archive everything in CONDA_BLD_DIR except environments - export BLD_ARTIFACT_PREFIX=conda_artifacts - if [[ "$AGENT_JOBSTATUS" == "Failed" ]]; then - # Archive the CONDA_BLD_DIR environments only when the job fails - export ENV_ARTIFACT_PREFIX=conda_envs - fi - ./.scripts/create_conda_build_artifacts.sh - displayName: Prepare conda build artifacts - condition: succeededOrFailed() - - - task: PublishPipelineArtifact@1 - displayName: Store conda build artifacts - condition: not(eq(variables.BLD_ARTIFACT_PATH, '')) - inputs: - targetPath: $(BLD_ARTIFACT_PATH) - artifactName: $(BLD_ARTIFACT_NAME) - - - task: PublishPipelineArtifact@1 - displayName: Store conda build environment artifacts - condition: not(eq(variables.ENV_ARTIFACT_PATH, '')) - inputs: - targetPath: $(ENV_ARTIFACT_PATH) - artifactName: $(ENV_ARTIFACT_NAME) diff --git a/.azure-pipelines/azure-pipelines-osx.yml b/.azure-pipelines/azure-pipelines-osx.yml index e8437570a..6c15ca81d 100755 --- a/.azure-pipelines/azure-pipelines-osx.yml +++ b/.azure-pipelines/azure-pipelines-osx.yml @@ -11,29 +11,43 @@ jobs: osx_64_build_typedebugchannel_targetsconda-forge_python_debug: CONFIG: osx_64_build_typedebugchannel_targetsconda-forge_python_debug UPLOAD_PACKAGES: 'True' - SHORT_CONFIG: osx_64_build_typedebugchannel_targetscon_h34364035 VMIMAGE: macOS-15 + build_workspace_dir: ~/miniforge3/conda-bld + store_build_artifacts: true + tools_install_dir: ~/miniforge3 + SHORT_CONFIG: osx_64_build_typedebugchannel_targetscon_h34364035 osx_64_build_typereleasechannel_targetsconda-forge_main: CONFIG: osx_64_build_typereleasechannel_targetsconda-forge_main UPLOAD_PACKAGES: 'True' - SHORT_CONFIG: osx_64_build_typereleasechannel_targetsc_h21740193 VMIMAGE: macOS-15 + build_workspace_dir: ~/miniforge3/conda-bld + store_build_artifacts: true + tools_install_dir: ~/miniforge3 + SHORT_CONFIG: osx_64_build_typereleasechannel_targetsc_h21740193 osx_arm64_build_typedebugchannel_targetsconda-forge_python_debug: CONFIG: osx_arm64_build_typedebugchannel_targetsconda-forge_python_debug UPLOAD_PACKAGES: 'True' + VMIMAGE: macOS-15-arm64 + build_workspace_dir: ~/miniforge3/conda-bld + store_build_artifacts: true + tools_install_dir: ~/miniforge3 SHORT_CONFIG: osx_arm64_build_typedebugchannel_targets_h18126b8f - VMIMAGE: macOS-15 osx_arm64_build_typereleasechannel_targetsconda-forge_main: CONFIG: osx_arm64_build_typereleasechannel_targetsconda-forge_main UPLOAD_PACKAGES: 'True' + VMIMAGE: macOS-15-arm64 + build_workspace_dir: ~/miniforge3/conda-bld + store_build_artifacts: true + tools_install_dir: ~/miniforge3 SHORT_CONFIG: osx_arm64_build_typereleasechannel_targe_hbf952199 - VMIMAGE: macOS-15 timeoutInMinutes: 360 variables: {} steps: # TODO: Fast finish on azure pipelines? - script: | + export MINIFORGE_HOME=$(tools_install_dir) + export CONDA_BLD_PATH=$(build_workspace_dir) export CI=azure export flow_run_id=azure_$(Build.BuildNumber).$(System.JobAttempt) export remote_url=$(Build.Repository.Uri) @@ -52,21 +66,23 @@ jobs: BINSTAR_TOKEN: $(BINSTAR_TOKEN) FEEDSTOCK_TOKEN: $(FEEDSTOCK_TOKEN) STAGING_BINSTAR_TOKEN: $(STAGING_BINSTAR_TOKEN) + - script: | + export MINIFORGE_HOME=$(tools_install_dir) + export CONDA_BLD_PATH=$(build_workspace_dir) export CI=azure export CI_RUN_ID=$(build.BuildNumber).$(system.JobAttempt) export FEEDSTOCK_NAME=$(basename ${BUILD_REPOSITORY_NAME}) - export CONDA_BLD_DIR=/Users/runner/miniforge3/conda-bld export ARTIFACT_STAGING_DIR="$(Build.ArtifactStagingDirectory)" - # Archive everything in CONDA_BLD_DIR except environments + # Archive everything in CONDA_BLD_PATH except environments export BLD_ARTIFACT_PREFIX=conda_artifacts if [[ "$AGENT_JOBSTATUS" == "Failed" ]]; then - # Archive the CONDA_BLD_DIR environments only when the job fails + # Archive the CONDA_BLD_PATH environments only when the job fails export ENV_ARTIFACT_PREFIX=conda_envs fi ./.scripts/create_conda_build_artifacts.sh displayName: Prepare conda build artifacts - condition: succeededOrFailed() + condition: and(succeededOrFailed(), eq(variables.store_build_artifacts, true)) - task: PublishPipelineArtifact@1 displayName: Store conda build artifacts diff --git a/.azure-pipelines/azure-pipelines-win.yml b/.azure-pipelines/azure-pipelines-win.yml index 4c11f4748..d364ba781 100755 --- a/.azure-pipelines/azure-pipelines-win.yml +++ b/.azure-pipelines/azure-pipelines-win.yml @@ -11,11 +11,12 @@ jobs: win_64_: CONFIG: win_64_ UPLOAD_PACKAGES: 'True' + build_workspace_dir: D:\\bld\\ + store_build_artifacts: true + tools_install_dir: D:\Miniforge SHORT_CONFIG: win_64_ timeoutInMinutes: 360 variables: - CONDA_BLD_PATH: D:\\bld\\ - MINIFORGE_HOME: D:\Miniforge UPLOAD_TEMP: D:\\tmp steps: @@ -24,8 +25,8 @@ jobs: call ".scripts\run_win_build.bat" displayName: Run Windows build env: - MINIFORGE_HOME: $(MINIFORGE_HOME) - CONDA_BLD_PATH: $(CONDA_BLD_PATH) + MINIFORGE_HOME: $(tools_install_dir) + CONDA_BLD_PATH: $(build_workspace_dir) PYTHONUNBUFFERED: 1 CONFIG: $(CONFIG) CI: azure @@ -37,20 +38,21 @@ jobs: BINSTAR_TOKEN: $(BINSTAR_TOKEN) FEEDSTOCK_TOKEN: $(FEEDSTOCK_TOKEN) STAGING_BINSTAR_TOKEN: $(STAGING_BINSTAR_TOKEN) + - script: | - set MINIFORGE_HOME=$(MINIFORGE_HOME) + set MINIFORGE_HOME=$(tools_install_dir) + set CONDA_BLD_PATH=$(build_workspace_dir) set CI=azure set CI_RUN_ID=$(build.BuildNumber).$(system.JobAttempt) set FEEDSTOCK_NAME=$(build.Repository.Name) set ARTIFACT_STAGING_DIR=$(Build.ArtifactStagingDirectory) - set CONDA_BLD_DIR=$(CONDA_BLD_PATH) set BLD_ARTIFACT_PREFIX=conda_artifacts if "%AGENT_JOBSTATUS%" == "Failed" ( set ENV_ARTIFACT_PREFIX=conda_envs ) call ".scripts\create_conda_build_artifacts.bat" displayName: Prepare conda build artifacts - condition: succeededOrFailed() + condition: and(succeededOrFailed(), eq(variables.store_build_artifacts, true)) - task: PublishPipelineArtifact@1 displayName: Store conda build artifacts diff --git a/.ci_support/linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug.yaml b/.ci_support/linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug.yaml index 6b9f80831..ced3e0756 100644 --- a/.ci_support/linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug.yaml +++ b/.ci_support/linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug.yaml @@ -19,7 +19,7 @@ cxx_compiler: cxx_compiler_version: - '14' docker_image: -- quay.io/condaforge/linux-anvil-x86_64:alma9 +- quay.io/condaforge/linux-anvil-aarch64:alma9 expat: - '2' libffi: diff --git a/.ci_support/linux_aarch64_build_typereleasechannel_targetsconda-forge_main.yaml b/.ci_support/linux_aarch64_build_typereleasechannel_targetsconda-forge_main.yaml index 7c338a89b..831bf9f01 100644 --- a/.ci_support/linux_aarch64_build_typereleasechannel_targetsconda-forge_main.yaml +++ b/.ci_support/linux_aarch64_build_typereleasechannel_targetsconda-forge_main.yaml @@ -19,7 +19,7 @@ cxx_compiler: cxx_compiler_version: - '14' docker_image: -- quay.io/condaforge/linux-anvil-x86_64:alma9 +- quay.io/condaforge/linux-anvil-aarch64:alma9 expat: - '2' libffi: diff --git a/.github/workflows/conda-build.yml b/.github/workflows/conda-build.yml new file mode 100644 index 000000000..13c8050e5 --- /dev/null +++ b/.github/workflows/conda-build.yml @@ -0,0 +1,247 @@ +# This file was generated automatically from conda-smithy. To update this configuration, +# update the conda-forge.yml and/or the recipe/meta.yaml. +# -*- mode: yaml -*- + +name: Build conda package +on: + push: + + pull_request: + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +jobs: + build: + name: ${{ matrix.CONFIG }} + runs-on: ${{ matrix.runs_on }} + timeout-minutes: 360 + strategy: + fail-fast: false + max-parallel: 50 + matrix: + include: + - CONFIG: linux_64_build_typedebugchannel_targetsconda-forge_python_debug + STORE_BUILD_ARTIFACTS: True + SHORT_CONFIG: linux_64_build_typedebugchannel_targetsc_hcab9fe85 + UPLOAD_PACKAGES: True + os: ubuntu + runs_on: ['ubuntu-latest'] + DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 + tools_install_dir: ~/miniforge3 + build_workspace_dir: build_artifacts + docker_run_args: + - CONFIG: linux_64_build_typereleasechannel_targetsconda-forge_main + STORE_BUILD_ARTIFACTS: True + SHORT_CONFIG: linux_64_build_typereleasechannel_target_h0a44af7c + UPLOAD_PACKAGES: True + os: ubuntu + runs_on: ['ubuntu-latest'] + DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 + tools_install_dir: ~/miniforge3 + build_workspace_dir: build_artifacts + docker_run_args: + - CONFIG: linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug + STORE_BUILD_ARTIFACTS: True + SHORT_CONFIG: linux_aarch64_build_typedebugchannel_tar_h4e1127e8 + UPLOAD_PACKAGES: True + os: ubuntu + runs_on: ['ubuntu-24.04-arm'] + DOCKER_IMAGE: quay.io/condaforge/linux-anvil-aarch64:alma9 + tools_install_dir: ~/miniforge3 + build_workspace_dir: build_artifacts + docker_run_args: + - CONFIG: linux_aarch64_build_typereleasechannel_targetsconda-forge_main + STORE_BUILD_ARTIFACTS: True + SHORT_CONFIG: linux_aarch64_build_typereleasechannel_t_hcde06680 + UPLOAD_PACKAGES: True + os: ubuntu + runs_on: ['ubuntu-24.04-arm'] + DOCKER_IMAGE: quay.io/condaforge/linux-anvil-aarch64:alma9 + tools_install_dir: ~/miniforge3 + build_workspace_dir: build_artifacts + docker_run_args: + - CONFIG: linux_ppc64le_build_typedebugchannel_targetsconda-forge_python_debug + STORE_BUILD_ARTIFACTS: True + SHORT_CONFIG: linux_ppc64le_build_typedebugchannel_tar_he8193b4f + UPLOAD_PACKAGES: True + os: ubuntu + runs_on: ['ubuntu-latest'] + DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 + tools_install_dir: ~/miniforge3 + build_workspace_dir: build_artifacts + docker_run_args: + - CONFIG: linux_ppc64le_build_typereleasechannel_targetsconda-forge_main + STORE_BUILD_ARTIFACTS: True + SHORT_CONFIG: linux_ppc64le_build_typereleasechannel_t_h12bca821 + UPLOAD_PACKAGES: True + os: ubuntu + runs_on: ['ubuntu-latest'] + DOCKER_IMAGE: quay.io/condaforge/linux-anvil-x86_64:alma9 + tools_install_dir: ~/miniforge3 + build_workspace_dir: build_artifacts + docker_run_args: + steps: + + - name: Checkout code + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Build on Linux + id: build-linux + if: matrix.os == 'ubuntu' + env: + MINIFORGE_HOME: ${{ matrix.tools_install_dir }} + CONDA_BLD_PATH: ${{ matrix.build_workspace_dir }} + CONFIG: ${{ matrix.CONFIG }} + UPLOAD_PACKAGES: ${{ matrix.UPLOAD_PACKAGES }} + DOCKER_IMAGE: ${{ matrix.DOCKER_IMAGE }} + CI: github_actions + CONDA_FORGE_DOCKER_RUN_ARGS: "${{ matrix.docker_run_args }}" + BINSTAR_TOKEN: ${{ secrets.BINSTAR_TOKEN }} + FEEDSTOCK_TOKEN: ${{ secrets.FEEDSTOCK_TOKEN }} + STAGING_BINSTAR_TOKEN: ${{ secrets.STAGING_BINSTAR_TOKEN }} + shell: bash + run: | + if [[ "$(uname -m)" == "x86_64" ]]; then + echo "::group::Configure binfmt_misc" + docker run --rm --privileged multiarch/qemu-user-static:register --reset --credential yes + fi + export flow_run_id="github_$GITHUB_RUN_ID" + export remote_url="https://github.com/$GITHUB_REPOSITORY" + export sha="$GITHUB_SHA" + export FEEDSTOCK_NAME="$(basename $GITHUB_REPOSITORY)" + export GIT_BRANCH="$(basename $GITHUB_REF)" + if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then + export IS_PR_BUILD="True" + else + export IS_PR_BUILD="False" + fi + export MINIFORGE_HOME="${MINIFORGE_HOME/#~/${HOME}}" + export CONDA_BLD_PATH="${CONDA_BLD_PATH/#~/${HOME}}" + echo "::endgroup::" + ./.scripts/run_docker_build.sh + + - name: Build on macOS + id: build-macos + if: matrix.os == 'macos' + env: + MINIFORGE_HOME: ${{ matrix.tools_install_dir }} + CONDA_BLD_PATH: ${{ matrix.build_workspace_dir }} + CONFIG: ${{ matrix.CONFIG }} + UPLOAD_PACKAGES: ${{ matrix.UPLOAD_PACKAGES }} + CI: github_actions + BINSTAR_TOKEN: ${{ secrets.BINSTAR_TOKEN }} + FEEDSTOCK_TOKEN: ${{ secrets.FEEDSTOCK_TOKEN }} + STAGING_BINSTAR_TOKEN: ${{ secrets.STAGING_BINSTAR_TOKEN }} + shell: bash + run: | + export flow_run_id="github_$GITHUB_RUN_ID" + export remote_url="https://github.com/$GITHUB_REPOSITORY" + export sha="$GITHUB_SHA" + export FEEDSTOCK_NAME="$(basename $GITHUB_REPOSITORY)" + export GIT_BRANCH="$(basename $GITHUB_REF)" + if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then + export IS_PR_BUILD="True" + else + export IS_PR_BUILD="False" + fi + export MINIFORGE_HOME="${MINIFORGE_HOME/#~/${HOME}}" + export CONDA_BLD_PATH="${CONDA_BLD_PATH/#~/${HOME}}" + ./.scripts/run_osx_build.sh + + - name: Build on windows + id: build-windows + if: matrix.os == 'windows' + shell: cmd + run: | + set "flow_run_id=github_%GITHUB_RUN_ID%" + set "remote_url=https://github.com/%GITHUB_REPOSITORY%" + set "sha=%GITHUB_SHA%" + call ".scripts\run_win_build.bat" + env: + MINIFORGE_HOME: ${{ matrix.tools_install_dir }} + CONDA_BLD_PATH: ${{ matrix.build_workspace_dir }} + PYTHONUNBUFFERED: 1 + CONFIG: ${{ matrix.CONFIG }} + CI: github_actions + UPLOAD_PACKAGES: ${{ matrix.UPLOAD_PACKAGES }} + BINSTAR_TOKEN: ${{ secrets.BINSTAR_TOKEN }} + FEEDSTOCK_TOKEN: ${{ secrets.FEEDSTOCK_TOKEN }} + STAGING_BINSTAR_TOKEN: ${{ secrets.STAGING_BINSTAR_TOKEN }} + + - name: Determine build outcome + # this is to merge the status of the linux/osx/win builds into + # something we can easily reuse during artefact generation + id: determine-status + if: ${{ always() }} + shell: bash + env: + OS: ${{ matrix.os }} + run: | + if [[ "$OS" == "ubuntu" ]]; then + STATUS=${{ steps.build-linux.outcome }} + elif [[ "$OS" == "macos" ]]; then + STATUS=${{ steps.build-macos.outcome }} + elif [[ "$OS" == "windows" ]]; then + STATUS=${{ steps.build-windows.outcome }} + fi + if [ -z "$STATUS" ]; then + # steps that never ran will have empty status + STATUS="cancelled" + fi + echo "status=$STATUS" >> $GITHUB_OUTPUT + + - name: Prepare conda build artifacts + continue-on-error: true + id: prepare-artifacts + shell: bash + # we do not want to trigger artefact creation if the build was cancelled + if: ${{ always() && steps.determine-status.outputs.status != 'cancelled' && matrix.STORE_BUILD_ARTIFACTS }} + env: + CONDA_BLD_PATH: ${{ matrix.build_workspace_dir }} + CI: github_actions + CONFIG: ${{ matrix.CONFIG }} + SHORT_CONFIG: ${{ matrix.SHORT_CONFIG }} + JOB_STATUS: ${{ steps.determine-status.outputs.status }} + OS: ${{ matrix.os }} + run: | + export MINIFORGE_HOME="${MINIFORGE_HOME/#~/${HOME}}" + export CONDA_BLD_PATH="${CONDA_BLD_PATH/#~/${HOME}}" + export CI_RUN_ID=$GITHUB_RUN_ID + export FEEDSTOCK_NAME="$(basename $GITHUB_REPOSITORY)" + export ARTIFACT_STAGING_DIR="$GITHUB_WORKSPACE" + # Archive everything in CONDA_BLD_PATH except environments + # Archive the CONDA_BLD_PATH environments only when the job fails + # Use different prefix for successful and failed build artifacts + # so random failures don't prevent rebuilds from creating artifacts. + if [ $JOB_STATUS == "failure" ]; then + export BLD_ARTIFACT_PREFIX="conda_artifacts" + export ENV_ARTIFACT_PREFIX="conda_envs" + else + export BLD_ARTIFACT_PREFIX="conda_pkgs" + fi + if [ $OS == "windows" ]; then + pwsh -Command ". '.scripts/create_conda_build_artifacts.bat'" + else + ./.scripts/create_conda_build_artifacts.sh + fi + + - name: Store conda build artifacts + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + if: ${{ always() && steps.prepare-artifacts.outcome == 'success' }} + with: + name: ${{ steps.prepare-artifacts.outputs.BLD_ARTIFACT_NAME }} + path: ${{ steps.prepare-artifacts.outputs.BLD_ARTIFACT_PATH }} + retention-days: 14 + continue-on-error: true + + - name: Store conda build environment artifacts + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + # only relevant if build failed, see above + if: ${{ always() && steps.determine-status.outputs.status == 'failure' && steps.prepare-artifacts.outcome == 'success' }} + with: + name: ${{ steps.prepare-artifacts.outputs.ENV_ARTIFACT_NAME }} + path: ${{ steps.prepare-artifacts.outputs.ENV_ARTIFACT_PATH }} + retention-days: 14 + continue-on-error: true \ No newline at end of file diff --git a/.gitignore b/.gitignore index 47b5408a8..86a9c55b4 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,7 @@ # Ignore all files and folders in root * !/conda-forge.yml +!.recipe_maintainers.json # Don't ignore any files/folders if the parent folder is 'un-ignored' # This also avoids warnings when adding an already-checked file with an ignored parent. diff --git a/.scripts/build_steps.sh b/.scripts/build_steps.sh index 780a358ff..c83e212f4 100755 --- a/.scripts/build_steps.sh +++ b/.scripts/build_steps.sh @@ -20,6 +20,7 @@ export PYTHONUNBUFFERED=1 export RECIPE_ROOT="${RECIPE_ROOT:-/home/conda/recipe_root}" export CI_SUPPORT="${FEEDSTOCK_ROOT}/.ci_support" export CONFIG_FILE="${CI_SUPPORT}/${CONFIG}.yaml" +export RATTLER_CACHE_DIR="${FEEDSTOCK_ROOT}/build_artifacts/pkg_cache" cat >~/.condarc < /opt/conda/conda-meta/history micromamba install --root-prefix ~/.conda --prefix /opt/conda \ --yes --override-channels --channel conda-forge --strict-channel-priority \ - pip python=3.12 conda-build conda-forge-ci-setup=4 "conda-build>=24.1" + pip python=3.12 conda-build conda-forge-ci-setup=4 "conda-build>=26.3" export CONDA_LIBMAMBA_SOLVER_NO_CHANNELS_FROM_INSTALLED=1 # set up the condarc diff --git a/.scripts/create_conda_build_artifacts.bat b/.scripts/create_conda_build_artifacts.bat index 0bb6fc0bf..6120712cc 100755 --- a/.scripts/create_conda_build_artifacts.bat +++ b/.scripts/create_conda_build_artifacts.bat @@ -7,7 +7,7 @@ rem CI_RUN_ID (unique identifier for the CI job run) rem FEEDSTOCK_NAME rem CONFIG (build matrix configuration string) rem SHORT_CONFIG (uniquely-shortened configuration string) -rem CONDA_BLD_DIR (path to the conda-bld directory) +rem CONDA_BLD_PATH (path to the conda-bld directory) rem ARTIFACT_STAGING_DIR (use working directory if unset) rem BLD_ARTIFACT_PREFIX (prefix for the conda build artifact name, skip if unset) rem ENV_ARTIFACT_PREFIX (prefix for the conda build environments artifact name, skip if unset) @@ -20,7 +20,7 @@ rem ENV_ARTIFACT_NAME rem ENV_ARTIFACT_PATH rem Check that the conda-build directory exists -if not exist %CONDA_BLD_DIR% ( +if not exist %CONDA_BLD_PATH% ( echo conda-build directory does not exist exit 1 ) @@ -42,7 +42,7 @@ if defined BLD_ARTIFACT_PREFIX ( echo BLD_ARTIFACT_NAME: !BLD_ARTIFACT_NAME! set "BLD_ARTIFACT_PATH=%ARTIFACT_STAGING_DIR%\%FEEDSTOCK_NAME%_%BLD_ARTIFACT_PREFIX%_%ARCHIVE_UNIQUE_ID%.zip" - 7z a "!BLD_ARTIFACT_PATH!" "%CONDA_BLD_DIR%" -xr^^!.git/ -xr^^!_*_env*/ -xr^^!*_cache/ -bb + 7z a "!BLD_ARTIFACT_PATH!" "%CONDA_BLD_PATH%" -xr^^!.git/ -xr^^!_*_env*/ -xr^^!*_cache/ -bb if errorlevel 1 exit 1 echo BLD_ARTIFACT_PATH: !BLD_ARTIFACT_PATH! @@ -62,7 +62,7 @@ if defined ENV_ARTIFACT_PREFIX ( echo ENV_ARTIFACT_NAME: !ENV_ARTIFACT_NAME! set "ENV_ARTIFACT_PATH=%ARTIFACT_STAGING_DIR%\%FEEDSTOCK_NAME%_%ENV_ARTIFACT_PREFIX%_%ARCHIVE_UNIQUE_ID%.zip" - 7z a "!ENV_ARTIFACT_PATH!" -r "%CONDA_BLD_DIR%"/_*_env*/ -bb + 7z a "!ENV_ARTIFACT_PATH!" -r "%CONDA_BLD_PATH%"/_*_env*/ -bb if errorlevel 1 exit 1 echo ENV_ARTIFACT_PATH: !ENV_ARTIFACT_PATH! diff --git a/.scripts/create_conda_build_artifacts.sh b/.scripts/create_conda_build_artifacts.sh index 819c3b9cc..1e3acc78a 100755 --- a/.scripts/create_conda_build_artifacts.sh +++ b/.scripts/create_conda_build_artifacts.sh @@ -7,7 +7,7 @@ # FEEDSTOCK_NAME # CONFIG (build matrix configuration string) # SHORT_CONFIG (uniquely-shortened configuration string) -# CONDA_BLD_DIR (path to the conda-bld directory) +# CONDA_BLD_PATH (path to the conda-bld directory) # ARTIFACT_STAGING_DIR (use working directory if unset) # BLD_ARTIFACT_PREFIX (prefix for the conda build artifact name, skip if unset) # ENV_ARTIFACT_PREFIX (prefix for the conda build environments artifact name, skip if unset) @@ -26,7 +26,7 @@ source .scripts/logging_utils.sh set -e # Check that the conda-build directory exists -if [ ! -d "$CONDA_BLD_DIR" ]; then +if [ ! -d "$CONDA_BLD_PATH" ]; then echo "conda-build directory does not exist" exit 1 fi @@ -64,8 +64,8 @@ if [[ ! -z "$BLD_ARTIFACT_PREFIX" ]]; then ( startgroup "Archive conda build directory" ) 2> /dev/null # Try 7z and fall back to zip if it fails (for cross-platform use) - if ! 7z a "$BLD_ARTIFACT_PATH" "$CONDA_BLD_DIR" '-xr!.git/' '-xr!_*_env*/' '-xr!*_cache/' -bb; then - pushd "$CONDA_BLD_DIR" + if ! 7z a "$BLD_ARTIFACT_PATH" "$CONDA_BLD_PATH" '-xr!.git/' '-xr!_*_env*/' '-xr!*_cache/' -bb; then + pushd "$CONDA_BLD_PATH" zip -r -y -T "$BLD_ARTIFACT_PATH" . -x '*.git/*' '*_*_env*/*' '*_cache/*' popd fi @@ -92,8 +92,8 @@ if [[ ! -z "$ENV_ARTIFACT_PREFIX" ]]; then ( startgroup "Archive conda build environments" ) 2> /dev/null # Try 7z and fall back to zip if it fails (for cross-platform use) - if ! 7z a "$ENV_ARTIFACT_PATH" -r "$CONDA_BLD_DIR"/'_*_env*/' -bb; then - pushd "$CONDA_BLD_DIR" + if ! 7z a "$ENV_ARTIFACT_PATH" -r "$CONDA_BLD_PATH"/'_*_env*/' -bb; then + pushd "$CONDA_BLD_PATH" zip -r -y -T "$ENV_ARTIFACT_PATH" . -i '*_*_env*/*' popd fi diff --git a/.scripts/run_docker_build.sh b/.scripts/run_docker_build.sh index b63b5a05a..10d6a2af9 100755 --- a/.scripts/run_docker_build.sh +++ b/.scripts/run_docker_build.sh @@ -11,6 +11,8 @@ source .scripts/logging_utils.sh set -xeo pipefail +DOCKER_EXECUTABLE="${DOCKER_EXECUTABLE:-docker}" + THISDIR="$( cd "$( dirname "$0" )" >/dev/null && pwd )" PROVIDER_DIR="$(basename "$THISDIR")" @@ -27,7 +29,7 @@ if [[ "${sha:-}" == "" ]]; then popd fi -docker info +${DOCKER_EXECUTABLE} info # In order for the conda-build process in the container to write to the mounted # volumes, we need to run with the same id as the host machine, which is @@ -35,6 +37,7 @@ docker info export HOST_USER_ID=$(id -u) # Check if docker-machine is being used (normally on OSX) and get the uid from # the VM + if hash docker-machine 2> /dev/null && docker-machine active > /dev/null; then export HOST_USER_ID=$(docker-machine ssh $(docker-machine active) id -u) fi @@ -76,16 +79,34 @@ if [ -z "${CI}" ]; then DOCKER_RUN_ARGS="-it ${DOCKER_RUN_ARGS}" fi -( endgroup "Configure Docker" ) 2> /dev/null +# Default volume suffix for Docker (preserve original behavior) +VOLUME_SUFFIX=",z" +# Podman-specific handling +if [ "${DOCKER_EXECUTABLE}" = "podman" ]; then + # Fix file permissions for rootless podman builds + podman unshare chown -R ${HOST_USER_ID}:${HOST_USER_ID} "${ARTIFACTS}" + podman unshare chown -R ${HOST_USER_ID}:${HOST_USER_ID} "${RECIPE_ROOT}" + + # Add SELinux label only if enforcing + if command -v getenforce &>/dev/null && [ "$(getenforce)" = "Enforcing" ]; then + VOLUME_SUFFIX=",z" + else + VOLUME_SUFFIX="" + fi +fi + +( endgroup "Configure Docker" ) 2> /dev/null ( startgroup "Start Docker" ) 2> /dev/null export UPLOAD_PACKAGES="${UPLOAD_PACKAGES:-True}" export IS_PR_BUILD="${IS_PR_BUILD:-False}" -docker pull "${DOCKER_IMAGE}" -docker run ${DOCKER_RUN_ARGS} \ - -v "${RECIPE_ROOT}":/home/conda/recipe_root:rw,z,delegated \ - -v "${FEEDSTOCK_ROOT}":/home/conda/feedstock_root:rw,z,delegated \ + +${DOCKER_EXECUTABLE} pull "${DOCKER_IMAGE}" + +${DOCKER_EXECUTABLE} run ${DOCKER_RUN_ARGS} \ + -v "${RECIPE_ROOT}":/home/conda/recipe_root:rw${VOLUME_SUFFIX},delegated \ + -v "${FEEDSTOCK_ROOT}":/home/conda/feedstock_root:rw${VOLUME_SUFFIX},delegated \ -e CONFIG \ -e HOST_USER_ID \ -e UPLOAD_PACKAGES \ diff --git a/.scripts/run_osx_build.sh b/.scripts/run_osx_build.sh index bac7141a9..b0eda55cd 100755 --- a/.scripts/run_osx_build.sh +++ b/.scripts/run_osx_build.sh @@ -26,7 +26,7 @@ chmod +x "${micromamba_exe}" echo "Creating environment" "${micromamba_exe}" create --yes --root-prefix "${MAMBA_ROOT_PREFIX}" --prefix "${MINIFORGE_HOME}" \ --channel conda-forge \ - pip python=3.12 conda-build conda-forge-ci-setup=4 "conda-build>=24.1" + pip python=3.12 conda-build conda-forge-ci-setup=4 "conda-build>=26.3" echo "Moving pkgs cache from ${MAMBA_ROOT_PREFIX} to ${MINIFORGE_HOME}" mv "${MAMBA_ROOT_PREFIX}/pkgs" "${MINIFORGE_HOME}" echo "Cleaning up micromamba" @@ -73,7 +73,7 @@ if [[ "${OSX_SDK_DIR:-}" == "" ]]; then /usr/bin/sudo chown "${USER}" "${OSX_SDK_DIR}" fi else - if tmpf=$(mktemp -p "$OSX_SDK_DIR" tmp.XXXXXXXX 2>/dev/null); then + if tmpf=$(mktemp "$OSX_SDK_DIR"/tmp.XXXXXXXX 2>/dev/null); then rm -f "$tmpf" echo "OSX_SDK_DIR is writeable without sudo, continuing" else diff --git a/.scripts/run_win_build.bat b/.scripts/run_win_build.bat index 27c552b1a..c07d98e61 100755 --- a/.scripts/run_win_build.bat +++ b/.scripts/run_win_build.bat @@ -31,7 +31,7 @@ if !errorlevel! neq 0 exit /b !errorlevel! echo Creating environment call "%MICROMAMBA_EXE%" create --yes --root-prefix "%MAMBA_ROOT_PREFIX%" --prefix "%MINIFORGE_HOME%" ^ --channel conda-forge ^ - pip python=3.12 conda-build conda-forge-ci-setup=4 "conda-build>=24.1" + pip python=3.12 conda-build conda-forge-ci-setup=4 "conda-build>=26.3" if !errorlevel! neq 0 exit /b !errorlevel! echo Removing %MAMBA_ROOT_PREFIX% del /S /Q "%MAMBA_ROOT_PREFIX%" >nul diff --git a/README.md b/README.md index 36ec5225a..4e47b6bf9 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,14 @@ Current build status ==================== - +
+ + + @@ -39,48 +46,6 @@ Current build status
GitHub Actions + + + +
Azure
- - - - - - - - - - - - - - - - - -
VariantStatus
linux_64_build_typedebugchannel_targetsconda-forge_python_debug - - variant - -
linux_64_build_typereleasechannel_targetsconda-forge_main - - variant - -
linux_aarch64_build_typedebugchannel_targetsconda-forge_python_debug - - variant - -
linux_aarch64_build_typereleasechannel_targetsconda-forge_main - - variant - -
linux_ppc64le_build_typedebugchannel_targetsconda-forge_python_debug - - variant - -
linux_ppc64le_build_typereleasechannel_targetsconda-forge_main - - variant - -
osx_64_build_typedebugchannel_targetsconda-forge_python_debug @@ -136,14 +101,14 @@ Current release info Installing python ================= -Installing `python` from the `conda-forge` channel can be achieved by adding `conda-forge` to your channels with: +Installing `python` from the `conda-forge/label/python_debug` channel can be achieved by adding `conda-forge/label/python_debug` to your channels with: ``` -conda config --add channels conda-forge +conda config --add channels conda-forge/label/python_debug conda config --set channel_priority strict ``` -Once the `conda-forge` channel has been enabled, `cpython, libpython-static, python, python-gil` can be installed with `conda`: +Once the `conda-forge/label/python_debug` channel has been enabled, `cpython, libpython-static, python, python-gil` can be installed with `conda`: ``` conda install cpython libpython-static python python-gil @@ -158,26 +123,26 @@ mamba install cpython libpython-static python python-gil It is possible to list all of the versions of `cpython` available on your platform with `conda`: ``` -conda search cpython --channel conda-forge +conda search cpython --channel conda-forge/label/python_debug ``` or with `mamba`: ``` -mamba search cpython --channel conda-forge +mamba search cpython --channel conda-forge/label/python_debug ``` Alternatively, `mamba repoquery` may provide more information: ``` # Search all versions available on your platform: -mamba repoquery search cpython --channel conda-forge +mamba repoquery search cpython --channel conda-forge/label/python_debug # List packages depending on `cpython`: -mamba repoquery whoneeds cpython --channel conda-forge +mamba repoquery whoneeds cpython --channel conda-forge/label/python_debug # List dependencies of `cpython`: -mamba repoquery depends cpython --channel conda-forge +mamba repoquery depends cpython --channel conda-forge/label/python_debug ``` diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 438c19be3..03594e446 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -28,6 +28,5 @@ stages: condition: and(succeeded(), eq(dependencies.Check.outputs['Skip.result.start_main'], 'true')) dependsOn: Check jobs: - - template: ./.azure-pipelines/azure-pipelines-linux.yml - template: ./.azure-pipelines/azure-pipelines-osx.yml - template: ./.azure-pipelines/azure-pipelines-win.yml \ No newline at end of file diff --git a/build-locally.py b/build-locally.py index 825a4aff9..05493e4d8 100755 --- a/build-locally.py +++ b/build-locally.py @@ -28,13 +28,6 @@ def setup_environment(ns): os.path.dirname(__file__), "miniforge3" ) - # The default cache location might not be writable using docker on macOS. - if ns.config.startswith("linux") and platform.system() == "Darwin": - os.environ["CONDA_FORGE_DOCKER_RUN_ARGS"] = ( - os.environ.get("CONDA_FORGE_DOCKER_RUN_ARGS", "") - + " -e RATTLER_CACHE_DIR=/tmp/rattler_cache" - ) - def run_docker_build(ns): script = ".scripts/run_docker_build.sh" diff --git a/conda-forge.yml b/conda-forge.yml index e84c0a690..9b2309474 100644 --- a/conda-forge.yml +++ b/conda-forge.yml @@ -1,9 +1,5 @@ -azure: - store_build_artifacts: true build_platform: - linux_aarch64: linux_64 linux_ppc64le: linux_64 - osx_arm64: osx_64 conda_build: pkg_format: '2' conda_forge_output_validation: true @@ -12,5 +8,8 @@ github: tooling_branch_name: main provider: linux_aarch64: default - linux_ppc64le: native + osx_arm64: default test: native_and_emulated +workflow_settings: + store_build_artifacts: + - value: true diff --git a/recipe/meta.yaml b/recipe/meta.yaml index e42a81ab4..4165d9eff 100644 --- a/recipe/meta.yaml +++ b/recipe/meta.yaml @@ -4,7 +4,7 @@ {% set ver2 = '.'.join(version.split('.')[0:2]) %} {% set ver2nd = ''.join(version.split('.')[0:2]) %} {% set ver3nd = ''.join(version.split('.')[0:3]) %} -{% set build_number = 0 %} +{% set build_number = 1 %} # this makes the linter happy {% set channel_targets = channel_targets or 'conda-forge main' %} @@ -82,6 +82,8 @@ source: - patches/0024-Do-not-pass-g-to-GCC-when-not-Py_DEBUG.patch - patches/0025-Unvendor-expat.patch - patches/0026-Do-not-define-pid_t-as-it-might-conflict-with-the-ac.patch + # backport https://github.com/python/cpython/pull/100373 + - patches/0027-gh-100372-Use-BIO_eof-to-detect-EOF-for-SSL_FILETYPE.patch build: number: {{ build_number }} diff --git a/recipe/patches/0001-Win32-Change-FD_SETSIZE-from-512-to-2048.patch b/recipe/patches/0001-Win32-Change-FD_SETSIZE-from-512-to-2048.patch index 7b648f9f7..6a95ce880 100644 --- a/recipe/patches/0001-Win32-Change-FD_SETSIZE-from-512-to-2048.patch +++ b/recipe/patches/0001-Win32-Change-FD_SETSIZE-from-512-to-2048.patch @@ -1,7 +1,7 @@ -From 5ae5d7606ab9d9ce138c3fd3fc0632bb54c72fc6 Mon Sep 17 00:00:00 2001 +From 9a7eda9dc9742996c5e081db78c7d3246df7c4c6 Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Wed, 16 Aug 2017 11:53:55 +0100 -Subject: [PATCH 01/26] Win32: Change FD_SETSIZE from 512 to 2048 +Subject: [PATCH 01/27] Win32: Change FD_SETSIZE from 512 to 2048 https://github.com/ContinuumIO/anaconda-issues/issues/1241 --- diff --git a/recipe/patches/0002-Win32-distutils-Add-support-to-cygwinccompiler-for-V.patch b/recipe/patches/0002-Win32-distutils-Add-support-to-cygwinccompiler-for-V.patch index 280059137..258e7236a 100644 --- a/recipe/patches/0002-Win32-distutils-Add-support-to-cygwinccompiler-for-V.patch +++ b/recipe/patches/0002-Win32-distutils-Add-support-to-cygwinccompiler-for-V.patch @@ -1,7 +1,7 @@ -From 5ecbdccda85a9d6e04910e3fd6eeabe3f82f9e37 Mon Sep 17 00:00:00 2001 +From 22b3ebb0410b3382435eb2b33ba0e832972ce31d Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Wed, 16 Aug 2017 11:59:00 +0100 -Subject: [PATCH 02/26] Win32: distutils: Add support to cygwinccompiler for +Subject: [PATCH 02/27] Win32: distutils: Add support to cygwinccompiler for VS>=2015 Really this is for mingw-w64 though diff --git a/recipe/patches/0003-bpo-45258-search-for-isysroot-in-addition-to-sysroot.patch b/recipe/patches/0003-bpo-45258-search-for-isysroot-in-addition-to-sysroot.patch index dde08c72e..db78de148 100644 --- a/recipe/patches/0003-bpo-45258-search-for-isysroot-in-addition-to-sysroot.patch +++ b/recipe/patches/0003-bpo-45258-search-for-isysroot-in-addition-to-sysroot.patch @@ -1,7 +1,7 @@ -From 4060a693b20afa706069d7a5559b561ef5d5d853 Mon Sep 17 00:00:00 2001 +From 7fefe7f31a0abdaf54004aece9dc0849ca9765b2 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Tue, 21 Sep 2021 13:05:20 -0500 -Subject: [PATCH 03/26] bpo-45258: search for -isysroot in addition to +Subject: [PATCH 03/27] bpo-45258: search for -isysroot in addition to --sysroot -isysroot is for macOS, while --sysroot is for gcc/linux diff --git a/recipe/patches/0004-runtime_library_dir_option-Use-1st-word-of-CC-as-com.patch b/recipe/patches/0004-runtime_library_dir_option-Use-1st-word-of-CC-as-com.patch index 13a4c9abc..5d85bcae3 100644 --- a/recipe/patches/0004-runtime_library_dir_option-Use-1st-word-of-CC-as-com.patch +++ b/recipe/patches/0004-runtime_library_dir_option-Use-1st-word-of-CC-as-com.patch @@ -1,7 +1,7 @@ -From 1b83da93b8868aa77ac7452b885199f7da47a263 Mon Sep 17 00:00:00 2001 +From a681a384e84095bbb5d7acd51cbda182710e8288 Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Thu, 5 Oct 2017 02:00:41 +0100 -Subject: [PATCH 04/26] runtime_library_dir_option: Use 1st word of CC as +Subject: [PATCH 04/27] runtime_library_dir_option: Use 1st word of CC as compiler Previous, 'CC' got passed to os.path.basename, so any paths in it after diff --git a/recipe/patches/0005-Win32-Do-not-download-externals.patch b/recipe/patches/0005-Win32-Do-not-download-externals.patch index 9ba3c55ab..c8fbcb210 100644 --- a/recipe/patches/0005-Win32-Do-not-download-externals.patch +++ b/recipe/patches/0005-Win32-Do-not-download-externals.patch @@ -1,7 +1,7 @@ -From 0b764f2f76e8215f910257121d8a7dfaa6156066 Mon Sep 17 00:00:00 2001 +From d87162d367ee4e70ff0de0ef0bf52f9284528051 Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Thu, 7 Sep 2017 11:35:47 +0100 -Subject: [PATCH 05/26] Win32: Do not download externals +Subject: [PATCH 05/27] Win32: Do not download externals --- PCbuild/build.bat | 2 +- diff --git a/recipe/patches/0006-Fix-find_library-so-that-it-looks-in-sys.prefix-lib-.patch b/recipe/patches/0006-Fix-find_library-so-that-it-looks-in-sys.prefix-lib-.patch index 87eae554a..7908b0d8c 100644 --- a/recipe/patches/0006-Fix-find_library-so-that-it-looks-in-sys.prefix-lib-.patch +++ b/recipe/patches/0006-Fix-find_library-so-that-it-looks-in-sys.prefix-lib-.patch @@ -1,7 +1,8 @@ -From e66bc6c54834bad1224d78f24e07f0f7c98f3fb9 Mon Sep 17 00:00:00 2001 +From c03b4821890811e2f1a0be4ab621bcdf8e3ef4d7 Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Tue, 5 Dec 2017 22:47:59 +0000 -Subject: [PATCH] Fix find_library so that it looks in sys.prefix/lib first +Subject: [PATCH 06/27] Fix find_library so that it looks in sys.prefix/lib + first --- Lib/ctypes/macholib/dyld.py | 4 ++++ diff --git a/recipe/patches/0007-bpo-22699-Allow-compiling-on-debian-ubuntu-with-a-di.patch b/recipe/patches/0007-bpo-22699-Allow-compiling-on-debian-ubuntu-with-a-di.patch index c5b37796c..a42aba8e3 100644 --- a/recipe/patches/0007-bpo-22699-Allow-compiling-on-debian-ubuntu-with-a-di.patch +++ b/recipe/patches/0007-bpo-22699-Allow-compiling-on-debian-ubuntu-with-a-di.patch @@ -1,7 +1,7 @@ -From 7388ba0e24de4702a0d9f493457528ba012e3f58 Mon Sep 17 00:00:00 2001 +From cf0626c5ef3ce26b742e3761d19f3c662eaea926 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Thu, 16 Sep 2021 15:46:09 -0500 -Subject: [PATCH 07/26] bpo-22699: Allow compiling on debian/ubuntu with a +Subject: [PATCH 07/27] bpo-22699: Allow compiling on debian/ubuntu with a different compiler This PR fixes one issue mentioned in the bpo diff --git a/recipe/patches/0008-Disable-registry-lookup-unless-CONDA_PY_ALLOW_REG_PA.patch b/recipe/patches/0008-Disable-registry-lookup-unless-CONDA_PY_ALLOW_REG_PA.patch index 6465d2474..43b501a59 100644 --- a/recipe/patches/0008-Disable-registry-lookup-unless-CONDA_PY_ALLOW_REG_PA.patch +++ b/recipe/patches/0008-Disable-registry-lookup-unless-CONDA_PY_ALLOW_REG_PA.patch @@ -1,7 +1,7 @@ -From bd93c62a12b74eccabff866eba265828d04db569 Mon Sep 17 00:00:00 2001 +From 79f4df3a44f5ccc31795fdfa3e93502b436aaa50 Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Sat, 27 Oct 2018 18:48:30 +0100 -Subject: [PATCH 08/26] Disable registry lookup unless CONDA_PY_ALLOW_REG_PATHS +Subject: [PATCH 08/27] Disable registry lookup unless CONDA_PY_ALLOW_REG_PATHS is not 0 Co-authored-by: Isuru Fernando diff --git a/recipe/patches/0009-Unvendor-openssl.patch b/recipe/patches/0009-Unvendor-openssl.patch index 4cb22f4b3..e4e7fe5c4 100644 --- a/recipe/patches/0009-Unvendor-openssl.patch +++ b/recipe/patches/0009-Unvendor-openssl.patch @@ -1,7 +1,7 @@ -From f76056be11240cd0567c5147e2a44a6b0ac3987b Mon Sep 17 00:00:00 2001 +From a7a02cea51b83a8a8cc3feb771b9f4ac61e853f6 Mon Sep 17 00:00:00 2001 From: Nehal J Wani Date: Sat, 24 Nov 2018 20:38:02 -0600 -Subject: [PATCH 09/26] Unvendor openssl +Subject: [PATCH 09/27] Unvendor openssl Co-authored-by: Isuru Fernando --- diff --git a/recipe/patches/0010-Unvendor-sqlite3.patch b/recipe/patches/0010-Unvendor-sqlite3.patch index 23dc633cc..9f3213b49 100644 --- a/recipe/patches/0010-Unvendor-sqlite3.patch +++ b/recipe/patches/0010-Unvendor-sqlite3.patch @@ -1,7 +1,7 @@ -From a70df903ab7f87c3b8f1f8e38bf0a2cbea84eb9c Mon Sep 17 00:00:00 2001 +From a95d07a73d5dd38cf69b3b7a7ea1e103032f1c0a Mon Sep 17 00:00:00 2001 From: Nehal J Wani Date: Tue, 5 Oct 2021 12:42:06 -0700 -Subject: [PATCH 10/26] Unvendor sqlite3 +Subject: [PATCH 10/27] Unvendor sqlite3 --- PCbuild/_sqlite3.vcxproj | 11 +++++------ diff --git a/recipe/patches/0011-Use-ranlib-from-env-if-env-variable-is-set.patch b/recipe/patches/0011-Use-ranlib-from-env-if-env-variable-is-set.patch index 41b2a142b..ee3d0a45c 100644 --- a/recipe/patches/0011-Use-ranlib-from-env-if-env-variable-is-set.patch +++ b/recipe/patches/0011-Use-ranlib-from-env-if-env-variable-is-set.patch @@ -1,7 +1,7 @@ -From 219ebc14d52e8da756a999bf7330083c22b2c56b Mon Sep 17 00:00:00 2001 +From b433af6400f676e354786cfe2f2944c314b8c2b7 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Sun, 3 Nov 2019 15:09:45 -0600 -Subject: [PATCH 11/26] Use ranlib from env if env variable is set +Subject: [PATCH 11/27] Use ranlib from env if env variable is set --- Lib/distutils/sysconfig.py | 3 +++ diff --git a/recipe/patches/0012-Add-CondaEcosystemModifyDllSearchPath.patch b/recipe/patches/0012-Add-CondaEcosystemModifyDllSearchPath.patch index 81d5e8578..c62a60000 100644 --- a/recipe/patches/0012-Add-CondaEcosystemModifyDllSearchPath.patch +++ b/recipe/patches/0012-Add-CondaEcosystemModifyDllSearchPath.patch @@ -1,7 +1,7 @@ -From 9f1c1af81c44cb299d46b9e1d435c177bb0bb12d Mon Sep 17 00:00:00 2001 +From 6928b97faf3e2d7abf06b268e0533fdc66af022a Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Tue, 24 Dec 2019 18:37:17 +0100 -Subject: [PATCH 12/26] Add CondaEcosystemModifyDllSearchPath() +Subject: [PATCH 12/27] Add CondaEcosystemModifyDllSearchPath() The python interpreter is modifed so that it works as if the python interpreter was called with the following conda directories. diff --git a/recipe/patches/0013-Add-d1trimfile-SRC_DIR-to-make-pdbs-more-relocatable.patch b/recipe/patches/0013-Add-d1trimfile-SRC_DIR-to-make-pdbs-more-relocatable.patch index 003d8cfcb..7059beac4 100644 --- a/recipe/patches/0013-Add-d1trimfile-SRC_DIR-to-make-pdbs-more-relocatable.patch +++ b/recipe/patches/0013-Add-d1trimfile-SRC_DIR-to-make-pdbs-more-relocatable.patch @@ -1,7 +1,7 @@ -From e1a3cf6c461ba26537d4a643b82d0b336ecdea79 Mon Sep 17 00:00:00 2001 +From ac099b810a66b3243af276957aefe32fad3fae93 Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Tue, 31 Dec 2019 20:46:36 +0100 -Subject: [PATCH 13/26] Add /d1trimfile:%SRC_DIR% to make pdbs more relocatable +Subject: [PATCH 13/27] Add /d1trimfile:%SRC_DIR% to make pdbs more relocatable --- Lib/distutils/_msvccompiler.py | 9 ++++++++- diff --git a/recipe/patches/0014-Doing-d1trimfile.patch b/recipe/patches/0014-Doing-d1trimfile.patch index 15cae2698..17c629193 100644 --- a/recipe/patches/0014-Doing-d1trimfile.patch +++ b/recipe/patches/0014-Doing-d1trimfile.patch @@ -1,7 +1,7 @@ -From 4b6ac3dcbd45df642a2393246c976076c8da45d8 Mon Sep 17 00:00:00 2001 +From af79c715415f62c4818099e1ad40e893dfa2f58d Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Tue, 31 Dec 2019 21:47:47 +0100 -Subject: [PATCH 14/26] Doing d1trimfile +Subject: [PATCH 14/27] Doing d1trimfile --- PCbuild/_asyncio.vcxproj | 20 ++++++++++++++++++++ diff --git a/recipe/patches/0015-cross-compile-darwin.patch b/recipe/patches/0015-cross-compile-darwin.patch index 384e5ee27..e39029681 100644 --- a/recipe/patches/0015-cross-compile-darwin.patch +++ b/recipe/patches/0015-cross-compile-darwin.patch @@ -1,7 +1,7 @@ -From d6f588dd44e11fcf7d3f2b13c9516bed14362015 Mon Sep 17 00:00:00 2001 +From 65796485aad9113b473df540f307778f91253baa Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Fri, 2 Oct 2020 00:03:12 +0200 -Subject: [PATCH 15/26] cross compile darwin +Subject: [PATCH 15/27] cross compile darwin By Isuru Fernando. --- diff --git a/recipe/patches/0016-Fix-TZPATH-on-windows.patch b/recipe/patches/0016-Fix-TZPATH-on-windows.patch index 66eb7afb9..507a6150c 100644 --- a/recipe/patches/0016-Fix-TZPATH-on-windows.patch +++ b/recipe/patches/0016-Fix-TZPATH-on-windows.patch @@ -1,7 +1,7 @@ -From 0d1ab30bd7bdb37de202313888fb3f6f391ac0ec Mon Sep 17 00:00:00 2001 +From 4f9ef5a955d3214f76470512320601a7a7b8d162 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Wed, 7 Oct 2020 10:08:30 -0500 -Subject: [PATCH 16/26] Fix TZPATH on windows +Subject: [PATCH 16/27] Fix TZPATH on windows --- Lib/sysconfig.py | 1 + diff --git a/recipe/patches/0017-Make-dyld-search-work-with-SYSTEM_VERSION_COMPAT-1.patch b/recipe/patches/0017-Make-dyld-search-work-with-SYSTEM_VERSION_COMPAT-1.patch index c390d021d..ecf4eaed5 100644 --- a/recipe/patches/0017-Make-dyld-search-work-with-SYSTEM_VERSION_COMPAT-1.patch +++ b/recipe/patches/0017-Make-dyld-search-work-with-SYSTEM_VERSION_COMPAT-1.patch @@ -1,7 +1,7 @@ -From 1ac880e995fd0e893dc9b389e988a467a226cd3a Mon Sep 17 00:00:00 2001 +From 26b681dcb1f2242e124b099de5db93613efbf628 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Mon, 25 Jan 2021 03:28:08 -0600 -Subject: [PATCH 17/26] Make dyld search work with SYSTEM_VERSION_COMPAT=1 +Subject: [PATCH 17/27] Make dyld search work with SYSTEM_VERSION_COMPAT=1 In macOS Big Sur, if the executable was compiled with `MACOSX_DEPLOYMENT_TARGET=10.15` or below, then SYSTEM_VERSION_COMPAT=1 is the default which means that Big Sur diff --git a/recipe/patches/0018-Fix-LDSHARED-when-CC-is-overriden-on-Linux-too.patch b/recipe/patches/0018-Fix-LDSHARED-when-CC-is-overriden-on-Linux-too.patch index 400a3c8ff..3a304ecab 100644 --- a/recipe/patches/0018-Fix-LDSHARED-when-CC-is-overriden-on-Linux-too.patch +++ b/recipe/patches/0018-Fix-LDSHARED-when-CC-is-overriden-on-Linux-too.patch @@ -1,7 +1,7 @@ -From 4200142e479ed89fdd8f226113d38481c9268661 Mon Sep 17 00:00:00 2001 +From 8574a0efce79ca9a31e1d8e34fbe223bad316c13 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Mon, 16 Aug 2021 02:18:50 -0700 -Subject: [PATCH 18/26] Fix LDSHARED when CC is overriden on Linux too +Subject: [PATCH 18/27] Fix LDSHARED when CC is overriden on Linux too --- Lib/distutils/sysconfig.py | 5 ++--- diff --git a/recipe/patches/0019-Unvendor-bzip2.patch b/recipe/patches/0019-Unvendor-bzip2.patch index 3bfdf33f0..774a1d7a2 100644 --- a/recipe/patches/0019-Unvendor-bzip2.patch +++ b/recipe/patches/0019-Unvendor-bzip2.patch @@ -1,7 +1,7 @@ -From 5b44c64b08f77214ee8d3590fcfad86be0fbcbd3 Mon Sep 17 00:00:00 2001 +From 5fec0f5f0301cce5ab58c7d90332dec13a0c6134 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Mon, 16 Aug 2021 02:56:27 -0700 -Subject: [PATCH 19/26] Unvendor bzip2 +Subject: [PATCH 19/27] Unvendor bzip2 --- PCbuild/_bz2.vcxproj | 15 +++++---------- diff --git a/recipe/patches/0020-Unvendor-libffi.patch b/recipe/patches/0020-Unvendor-libffi.patch index 0084da3b8..a2d8033cb 100644 --- a/recipe/patches/0020-Unvendor-libffi.patch +++ b/recipe/patches/0020-Unvendor-libffi.patch @@ -1,7 +1,7 @@ -From 4db440591d4d36d7131493bbb31eefaa9f53fa5c Mon Sep 17 00:00:00 2001 +From 7708ae7b860b591ab3ee28e88e9e04aee4b26dd6 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Mon, 16 Aug 2021 03:07:40 -0700 -Subject: [PATCH 20/26] Unvendor libffi +Subject: [PATCH 20/27] Unvendor libffi --- PCbuild/libffi.props | 17 ++++------------- diff --git a/recipe/patches/0021-Unvendor-tcltk.patch b/recipe/patches/0021-Unvendor-tcltk.patch index 008bdc3b8..fefc7346c 100644 --- a/recipe/patches/0021-Unvendor-tcltk.patch +++ b/recipe/patches/0021-Unvendor-tcltk.patch @@ -1,7 +1,7 @@ -From f38aa32e3f9bf268ebcf7a6f34446fc7b7e8b32a Mon Sep 17 00:00:00 2001 +From b57b04b19f7495ad1f9bbe562fd846f33382fa36 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Fri, 20 Aug 2021 10:23:51 -0700 -Subject: [PATCH 21/26] Unvendor tcltk +Subject: [PATCH 21/27] Unvendor tcltk --- PCbuild/tcltk.props | 12 +++++------- diff --git a/recipe/patches/0022-unvendor-xz.patch b/recipe/patches/0022-unvendor-xz.patch index 389adbe3f..45e51459b 100644 --- a/recipe/patches/0022-unvendor-xz.patch +++ b/recipe/patches/0022-unvendor-xz.patch @@ -1,7 +1,7 @@ -From 11801ce8ce56a8100a8086cb7ac28cca893511fc Mon Sep 17 00:00:00 2001 +From 80f627bf8604ea4e647516fdf3ef06903a79f8e7 Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Sat, 25 Sep 2021 10:07:05 -0700 -Subject: [PATCH 22/26] unvendor xz +Subject: [PATCH 22/27] unvendor xz --- PCbuild/_lzma.vcxproj | 10 +++------- diff --git a/recipe/patches/0023-unvendor-zlib.patch b/recipe/patches/0023-unvendor-zlib.patch index 6a7b0d76e..3b3a61597 100644 --- a/recipe/patches/0023-unvendor-zlib.patch +++ b/recipe/patches/0023-unvendor-zlib.patch @@ -1,7 +1,7 @@ -From e72f4bd73bb8c21753386995f02d814fc42b6909 Mon Sep 17 00:00:00 2001 +From bceba983ea3bcae3a3d12cc1fe991815ec1a155f Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Wed, 29 Sep 2021 15:21:55 -0700 -Subject: [PATCH 23/26] unvendor zlib +Subject: [PATCH 23/27] unvendor zlib --- PCbuild/pythoncore.vcxproj | 33 ++------------- diff --git a/recipe/patches/0024-Do-not-pass-g-to-GCC-when-not-Py_DEBUG.patch b/recipe/patches/0024-Do-not-pass-g-to-GCC-when-not-Py_DEBUG.patch index 19ffb1e37..c267f3220 100644 --- a/recipe/patches/0024-Do-not-pass-g-to-GCC-when-not-Py_DEBUG.patch +++ b/recipe/patches/0024-Do-not-pass-g-to-GCC-when-not-Py_DEBUG.patch @@ -1,7 +1,7 @@ -From 20e65d9c304c6bb626747bac844d661c1039e6ba Mon Sep 17 00:00:00 2001 +From 47bdd6a741f1b742dad262021891a8f3340994cf Mon Sep 17 00:00:00 2001 From: Ray Donnelly Date: Wed, 16 Aug 2017 11:45:28 +0100 -Subject: [PATCH 24/26] Do not pass -g to GCC when not Py_DEBUG +Subject: [PATCH 24/27] Do not pass -g to GCC when not Py_DEBUG This bloats our exe and our modules a lot. --- diff --git a/recipe/patches/0025-Unvendor-expat.patch b/recipe/patches/0025-Unvendor-expat.patch index 2f0b3ffc2..3d1ab5ef1 100644 --- a/recipe/patches/0025-Unvendor-expat.patch +++ b/recipe/patches/0025-Unvendor-expat.patch @@ -1,7 +1,7 @@ -From cbc2a487680c1c6e28c70346022a765f2ef7bdca Mon Sep 17 00:00:00 2001 +From cd8227c09dc0a13784cc633ac10a715c5fe9615c Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Wed, 29 Mar 2023 23:07:10 -0500 -Subject: [PATCH 25/26] Unvendor expat +Subject: [PATCH 25/27] Unvendor expat --- PCbuild/_elementtree.vcxproj | 25 ++---------- diff --git a/recipe/patches/0026-Do-not-define-pid_t-as-it-might-conflict-with-the-ac.patch b/recipe/patches/0026-Do-not-define-pid_t-as-it-might-conflict-with-the-ac.patch index 48cf04f23..3f412dc57 100644 --- a/recipe/patches/0026-Do-not-define-pid_t-as-it-might-conflict-with-the-ac.patch +++ b/recipe/patches/0026-Do-not-define-pid_t-as-it-might-conflict-with-the-ac.patch @@ -1,7 +1,7 @@ -From bbdf1c349b2dfd2ebba8b5d8d6551c031d8c69a7 Mon Sep 17 00:00:00 2001 +From 16b4bb6e8872c09fe5403833c53bff9fb70dcb0a Mon Sep 17 00:00:00 2001 From: Isuru Fernando Date: Sun, 12 Jan 2025 10:37:29 +0530 -Subject: [PATCH 26/26] Do not define pid_t as it might conflict with the +Subject: [PATCH 26/27] Do not define pid_t as it might conflict with the actual definition --- diff --git a/recipe/patches/0027-gh-100372-Use-BIO_eof-to-detect-EOF-for-SSL_FILETYPE.patch b/recipe/patches/0027-gh-100372-Use-BIO_eof-to-detect-EOF-for-SSL_FILETYPE.patch new file mode 100644 index 000000000..7466f5bf9 --- /dev/null +++ b/recipe/patches/0027-gh-100372-Use-BIO_eof-to-detect-EOF-for-SSL_FILETYPE.patch @@ -0,0 +1,64 @@ +From da64a40c2682590235eaf00f3970940058456e27 Mon Sep 17 00:00:00 2001 +From: David Benjamin +Date: Fri, 24 Mar 2023 09:04:30 -0400 +Subject: [PATCH 27/27] gh-100372: Use BIO_eof to detect EOF for + SSL_FILETYPE_ASN1 (GH-100373) + +In PEM, we need to parse until error and then suppress `PEM_R_NO_START_LINE`, because PEM allows arbitrary leading and trailing data. DER, however, does not. Parsing until error and suppressing `ASN1_R_HEADER_TOO_LONG` doesn't quite work because that error also covers some cases that should be rejected. + +Instead, check `BIO_eof` early and stop the loop that way. + +Automerge-Triggered-By: GH:Yhg1s +--- + Lib/test/test_ssl.py | 2 ++ + Modules/_ssl.c | 10 ++++++---- + 2 files changed, 8 insertions(+), 4 deletions(-) + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index 0b169c37d57..aa8ce81db66 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -1559,6 +1559,8 @@ def test_load_verify_cadata(self): + "not enough data: cadata does not contain a certificate" + ): + ctx.load_verify_locations(cadata=b"broken") ++ with self.assertRaises(ssl.SSLError): ++ ctx.load_verify_locations(cadata=cacert_der + b"A") + + @unittest.skipIf(Py_DEBUG_WIN32, "Avoid mixing debug/release CRT on Windows") + def test_load_dh_params(self): +diff --git a/Modules/_ssl.c b/Modules/_ssl.c +index 6275d94d644..9c2e8c391d0 100644 +--- a/Modules/_ssl.c ++++ b/Modules/_ssl.c +@@ -3978,7 +3978,7 @@ _add_ca_certs(PySSLContext *self, const void *data, Py_ssize_t len, + { + BIO *biobuf = NULL; + X509_STORE *store; +- int retval = -1, err, loaded = 0; ++ int retval = -1, err, loaded = 0, was_bio_eof = 0; + + assert(filetype == SSL_FILETYPE_ASN1 || filetype == SSL_FILETYPE_PEM); + +@@ -4006,6 +4006,10 @@ _add_ca_certs(PySSLContext *self, const void *data, Py_ssize_t len, + int r; + + if (filetype == SSL_FILETYPE_ASN1) { ++ if (BIO_eof(biobuf)) { ++ was_bio_eof = 1; ++ break; ++ } + cert = d2i_X509_bio(biobuf, NULL); + } else { + cert = PEM_read_bio_X509(biobuf, NULL, +@@ -4041,9 +4045,7 @@ _add_ca_certs(PySSLContext *self, const void *data, Py_ssize_t len, + } + _setSSLError(get_state_ctx(self), msg, 0, __FILE__, __LINE__); + retval = -1; +- } else if ((filetype == SSL_FILETYPE_ASN1) && +- (ERR_GET_LIB(err) == ERR_LIB_ASN1) && +- (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG)) { ++ } else if ((filetype == SSL_FILETYPE_ASN1) && was_bio_eof) { + /* EOF ASN1 file, not an error */ + ERR_clear_error(); + retval = 0; diff --git a/recipe/run_test.py b/recipe/run_test.py index 9c37abce8..1f64b3078 100644 --- a/recipe/run_test.py +++ b/recipe/run_test.py @@ -107,3 +107,11 @@ # See https://github.com/conda-forge/python-feedstock/issues/718 for context: assert sys.hash_info.algorithm.startswith("siphash") + +# xref https://github.com/conda-forge/openssl-feedstock/issues/237 +import ssl +print("openssl:", ssl.OPENSSL_VERSION) +pem = ssl.get_server_certificate(("pypi.org", 443)) +der = ssl.PEM_cert_to_DER_cert(pem) +ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) +ctx.load_verify_locations(cadata=der)