use downstream packages

Cryptography is currently broken upstream due to deprecation of OpenSSL engines in Fedora 41+ and CentOS Stream 10. I managed to merge a fix upstream, but it will take some time until they release a new version. For more details, see the GitHub issue: pyca/cryptography#11690 Before this commit, some packages were installed from pip. This is not desired, pcs dependencies are given as rpm packages, not python packages. Presumably, even upstream users use downstream packages if they build pcs. Downstream packages have an advantage of being tuned for the distribution, which can resolve the kinds of issues as cryptography has now. Additionally, the pip installed packages were not the ones that can be bundled by autotools, so pcs is still tested with the newest possible bundled dependencies. Some context for not having --system-site-packages from Fabio: it was to stress the build system in different ways one env might have python3-foo installed, another doesn't causing different results say today: we test pcs build X and it works tomorrow some other packages pulls in python3-something that goes from embedded to system and then pcs starts to fail it creates a rather unpredictable build env on rhel8 we could use system stuff, and we needed it IIRC others can have all embedded
kronosnet · Oct 21, 2024 · 146f882 · 146f882
1 parent df73897
commit 146f882
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 10 deletions.
diff --git a/ci-setup-src b/ci-setup-src
@@ -20,26 +20,23 @@ if [ -f ./configure ]; then
    echo "Random sleep: $sleeptimer"
    sleep $sleeptimer
 
+   rm -rf .venv
+   python3 -m venv --system-site-packages .venv
+   . .venv/bin/activate
+   export PATH="$(pwd)/.venv"/bin/:$PATH
+
    case "${NODE_NAME}" in
     debian*|ubuntu*)
      localbuild=""
-     usesitepackages=--system-site-packages
      ;;
     rhel-8*)
-     localbuild=--enable-local-build
-     usesitepackages=--system-site-packages
+     python3 -m pip install concurrencytest
      ;;
     *)
      localbuild=--enable-local-build
-     usesitepackages=""
      ;;
    esac
-   rm -rf .venv
-   python3 -m venv $usesitepackages .venv
-   . .venv/bin/activate
-   export PATH="$(pwd)/.venv"/bin/:$PATH
-   python3 -m pip install setuptools-scm setuptools-rust wheel
-   python3 -m pip install concurrencytest cryptography lxml pycurl six pyparsing
+
    echo "./configure --enable-destructive-tests --enable-parallel-tests $localbuild $DISTROCONFOPTS PKG_CONFIG_PATH=$EXTERNAL_CONFIG_PATH"
    ./configure --enable-destructive-tests --enable-parallel-tests $localbuild $DISTROCONFOPTS PKG_CONFIG_PATH=$EXTERNAL_CONFIG_PATH
    ;;

diff --git a/ci-update-apt b/ci-update-apt
@@ -74,6 +74,8 @@ required_pkg pkg-config
 required_pkg psmisc
 required_pkg puma
 required_pkg python3-boto3
+required_pkg python3-dateutil
+required_pkg python3-cryptography
 required_pkg python3-dev
 required_pkg python3-googleapi
 required_pkg python3-lxml
@@ -90,6 +92,7 @@ required_pkg python3-suds
 required_pkg python3-systemd
 required_pkg python3-tornado
 required_pkg python3-venv
+required_pkg python3-wheel
 required_pkg rsync
 required_pkg ruby
 required_pkg ruby-backports

diff --git a/ci-update-yum b/ci-update-yum
@@ -156,13 +156,15 @@ required_pkg overpass-fonts
 required_pkg pam-devel
 required_pkg perl
 required_pkg python3-cryptography
+required_pkg python3-dateutil
 required_pkg python3-devel
 required_pkg python3-httplib2
 required_pkg python3-lxml
 required_pkg python3-pexpect
 required_pkg python3-pip
 required_pkg python3-psutil
 required_pkg python3-pycurl
+required_pkg python3-pyparsing
 required_pkg python3-pyroute2
 required_pkg python3-requests
 required_pkg python3-rpm-macros