Skip to content

Commit

Permalink
Switch to maturin. (pyca#8815)
Browse files Browse the repository at this point in the history
It seems to be much faster at doing things locally.
  • Loading branch information
alex authored Jul 5, 2024
1 parent a5fb2d4 commit 5b23baa
Show file tree
Hide file tree
Showing 5 changed files with 75 additions and 62 deletions.
2 changes: 1 addition & 1 deletion .github/requirements/build-requirements.in
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Must be kept sync with build-system.requires at pyproject.toml
setuptools>=61.0.0
cffi>=1.12; platform_python_implementation != 'PyPy'
setuptools-rust>=1.7.0
maturin>=1,<2

# WARN: changing the requirements here DOES NOT update the dependencies used for building at the github workflow, as the build process used build-requirements.txt
# To update build-requirements.txt according to the dependencies here, run pip-compile --allow-unsafe --generate-hashes build-requirements.in
26 changes: 16 additions & 10 deletions .github/requirements/build-requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -58,27 +58,33 @@ cffi==1.16.0 ; platform_python_implementation != "PyPy" \
--hash=sha256:fa3a0128b152627161ce47201262d3140edb5a5c3da88d73a1b790a959126956 \
--hash=sha256:fcc8eb6d5902bb1cf6dc4f187ee3ea80a1eba0a89aba40a5cb20a5087d961357
# via -r build-requirements.in
maturin==1.5.0 \
--hash=sha256:0b976116b7cfaafbc8c3f0acfaec6702520c49e86e48ea80e2c282b7f8118c1a \
--hash=sha256:1b29bf8771f27d2e6b2685c82de952b5732ee79e5c0030ffd5dab5ccb99137a1 \
--hash=sha256:2e4c01370a5c10b6c4887bee66d3582bdb38c3805168c1393f072bd266da08d4 \
--hash=sha256:76e3270ff87b5484976d23e3d88475cd64acf41b54f561263f253d8fca0baab3 \
--hash=sha256:9cba3737cb92ce5c1bd82cbb9b1fde412b2aac8882ac38b8340980f5eb858d8c \
--hash=sha256:a5c038ded82c7595d99e94a208aa8af2b5c94eef4c8fcf5ef6e841957e506201 \
--hash=sha256:b3a499ff5960e46115488e68011809ce99857864ce3a91cf5d0fff3adbd89e8c \
--hash=sha256:d277adf9b27143627ba7be7ea254513d3e85008fb16a94638b56884a41b4e5a2 \
--hash=sha256:d6a314472e07b6bdfa4cdf97d24cda1defe008d36d4b75de2efd3383e7a2d7bf \
--hash=sha256:e046ea2aed687991d58c42f6276dfcc0c037092934654f538b5877fd57dd3a9c \
--hash=sha256:eb35dfe5994ad2c34d2874a73720847ecc2adb28f934e9a7cbcdb8826b240e60 \
--hash=sha256:f271f315fb78d2ff5fdf60f8d3ada2a04a66ac6fbd3cbb318c4eb4e9766449bc \
--hash=sha256:faa0d099a8045afc9977284cb3a1c26e5ebc9a7f0fe4d53b7ee17f62fd279f4a
# via -r build-requirements.in
pycparser==2.22 \
--hash=sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6 \
--hash=sha256:c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc
# via cffi
semantic-version==2.10.0 \
--hash=sha256:bdabb6d336998cbb378d4b9db3a4b56a1e3235701dc05ea2690d9a997ed5041c \
--hash=sha256:de78a3b8e0feda74cabc54aab2da702113e33ac9d9eb9d2389bcf1f58b7d9177
# via setuptools-rust
setuptools-rust==1.9.0 \
--hash=sha256:409caf49dcf7ad9bd510b4bf4011fbad504e745fae98f57fe1c06f3a97719638 \
--hash=sha256:704df0948f2e4cc60c2596ad6e840ea679f4f43e58ed4ad0c1857807240eab96
# via -r build-requirements.in
tomli==2.0.1 \
--hash=sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc \
--hash=sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f
# via setuptools-rust
# via maturin

# The following packages are considered to be unsafe in a requirements file:
setuptools==70.2.0 \
--hash=sha256:b8b8060bb426838fbe942479c90296ce976249451118ef566a5a0b7d8b78fb05 \
--hash=sha256:bd63e505105011b25c3c11f753f7e3b8465ea739efddaccef8f0efac2137bac1
# via
# -r build-requirements.in
# setuptools-rust
25 changes: 16 additions & 9 deletions .github/workflows/wheel-builder.yml
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,8 @@ jobs:
fail-fast: false
matrix:
PYTHON:
- { VERSION: "cp311-cp311", ABI_VERSION: 'cp37' }
- { VERSION: "cp311-cp311", ABI_VERSION: 'cp39' }
- { VERSION: "cp311-cp311", ABI_VERSION: 'py37' }
- { VERSION: "cp311-cp311", ABI_VERSION: 'py39' }
- { VERSION: "pp39-pypy39_pp73" }
- { VERSION: "pp310-pypy310_pp73" }
MANYLINUX:
Expand Down Expand Up @@ -127,8 +127,12 @@ jobs:
- name: Build the wheel
run: |
if [ -n "${{ matrix.PYTHON.ABI_VERSION }}" ]; then
PY_LIMITED_API="--config-settings=--build-option=--py-limited-api=${{ matrix.PYTHON.ABI_VERSION }} --no-build-isolation"
PY_LIMITED_API="--config-settings=build-args=--features=pyo3/abi3-${{ matrix.PYTHON.ABI_VERSION }} --no-build-isolation"
fi
# `maturin` has a binary that needs to be on the $PATH, so we
# activate the venv.
source .venv/bin/activate
OPENSSL_DIR="/opt/pyca/cryptography/openssl" \
OPENSSL_STATIC=1 \
.venv/bin/python -m pip wheel -v --no-deps $PY_LIMITED_API cryptograph*.tar.gz -w dist/ && mv dist/cryptography*.whl tmpwheelhouse
Expand Down Expand Up @@ -162,7 +166,7 @@ jobs:
matrix:
PYTHON:
- VERSION: '3.11'
ABI_VERSION: 'cp37'
ABI_VERSION: 'py37'
# Despite the name, this is built for the macOS 11 SDK on arm64 and 10.9+ on intel
DOWNLOAD_URL: 'https://www.python.org/ftp/python/3.11.3/python-3.11.3-macos11.pkg'
BIN_PATH: '/Library/Frameworks/Python.framework/Versions/3.11/bin/python3'
Expand All @@ -174,7 +178,7 @@ jobs:
# build against
_PYTHON_HOST_PLATFORM: 'macosx-10.9-universal2'
- VERSION: '3.11'
ABI_VERSION: 'cp39'
ABI_VERSION: 'py39'
# Despite the name, this is built for the macOS 11 SDK on arm64 and 10.9+ on intel
DOWNLOAD_URL: 'https://www.python.org/ftp/python/3.11.3/python-3.11.3-macos11.pkg'
BIN_PATH: '/Library/Frameworks/Python.framework/Versions/3.11/bin/python3'
Expand Down Expand Up @@ -243,9 +247,12 @@ jobs:
- name: Build the wheel
run: |
if [ -n "${{ matrix.PYTHON.ABI_VERSION }}" ]; then
PY_LIMITED_API="--config-settings=--build-option=--py-limited-api=${{ matrix.PYTHON.ABI_VERSION }} --no-build-isolation"
PY_LIMITED_API="--config-settings=build-args=--features=pyo3/abi3-${{ matrix.PYTHON.ABI_VERSION }} --no-build-isolation"
fi
# `maturin` has a binary that needs to be on the $PATH, so we
# activate the venv.
source venv/bin/activate
OPENSSL_DIR="$(readlink -f ../openssl-macos-universal2/)" \
OPENSSL_STATIC=1 \
venv/bin/python -m pip wheel -v --no-deps $PY_LIMITED_API cryptograph*.tar.gz -w dist/ && mv dist/cryptography*.whl wheelhouse
Expand Down Expand Up @@ -279,8 +286,8 @@ jobs:
- {ARCH: 'x86', WINDOWS: 'win32', RUST_TRIPLE: 'i686-pc-windows-msvc'}
- {ARCH: 'x64', WINDOWS: 'win64', RUST_TRIPLE: 'x86_64-pc-windows-msvc'}
PYTHON:
- {VERSION: "3.11", "ABI_VERSION": "cp37"}
- {VERSION: "3.11", "ABI_VERSION": "cp39"}
- {VERSION: "3.11", "ABI_VERSION": "py37"}
- {VERSION: "3.11", "ABI_VERSION": "py39"}
- {VERSION: "pypy-3.9"}
- {VERSION: "pypy-3.10"}
exclude:
Expand Down Expand Up @@ -334,7 +341,7 @@ jobs:
- run: mkdir wheelhouse
- run: |
if [ -n "${{ matrix.PYTHON.ABI_VERSION }}" ]; then
PY_LIMITED_API="--config-settings=--build-option=--py-limited-api=${{ matrix.PYTHON.ABI_VERSION }} --no-build-isolation"
PY_LIMITED_API="--config-settings=build-args=--features=pyo3/abi3-${{ matrix.PYTHON.ABI_VERSION }} --no-build-isolation"
fi
python -m pip wheel -v --no-deps cryptography*.tar.gz $PY_LIMITED_API -w dist/ && mv dist/cryptography*.whl wheelhouse/
Expand Down
24 changes: 0 additions & 24 deletions MANIFEST.in

This file was deleted.

60 changes: 42 additions & 18 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,15 @@
# These requirements must be kept sync with the requirements in
# ./github/requirements/build-requirements.{in,txt}
requires = [
# First version of setuptools to support pyproject.toml configuration
"setuptools>=61.0.0",
"maturin>=1,<2",

# Must be kept in sync with `project.dependencies`
"cffi>=1.12; platform_python_implementation != 'PyPy'",
"setuptools-rust>=1.7.0",
# Needed because cffi imports distutils, and in Python 3.12, distutils has
# been removed from the stdlib, but installing setuptools puts it back.
"setuptools",
]
build-backend = "setuptools.build_meta"
build-backend = "maturin"

[project]
name = "cryptography"
Expand Down Expand Up @@ -56,14 +58,6 @@ source = "https://github.com/pyca/cryptography/"
issues = "https://github.com/pyca/cryptography/issues"
changelog = "https://cryptography.io/en/latest/changelog/"

[tool.setuptools]
zip-safe = false
package-dir = {"" = "src"}

[tool.setuptools.packages.find]
where = ["src"]
include = ["cryptography*"]

[project.optional-dependencies]
ssh = ["bcrypt >=3.1.5"]

Expand All @@ -85,12 +79,42 @@ sdist = ["build"]
# `click` included because its needed to type check `release.py`
pep8test = ["ruff", "mypy", "check-sdist", "click"]

[[tool.setuptools-rust.ext-modules]]
target = "cryptography.hazmat.bindings._rust"
path = "src/rust/Cargo.toml"
py-limited-api = "auto"
rust-version = ">=1.65.0"

[tool.maturin]
python-source = "src"
python-packages = ["cryptography"]
manifest-path = "src/rust/Cargo.toml"
module-name = "cryptography.hazmat.bindings._rust"
locked = true
sdist-generator = "git"
features = ["pyo3/abi3-py37"]
include = [
"CHANGELOG.rst",
"CONTRIBUTING.rst",
"LICENSE",
"LICENSE.APACHE",
"LICENSE.BSD",

"docs/**/*",

"src/_cffi_src/**/*.py",
"src/_cffi_src/**/*.c",
"src/_cffi_src/**/*.h",

"src/rust/**/Cargo.toml",
"src/rust/**/Cargo.lock",
"src/rust/**/*.rs",

"tests/**/*.py",
]
exclude = [
"vectors/**/*",
"src/rust/target/**/*",
"docs/_build/**/*",
".github/**/*",
".readthedocs.yml",
"ci-constraints-requirements.txt",
"mypy.ini",
]

[tool.pytest.ini_options]
addopts = "-r s --capture=no --strict-markers --benchmark-disable"
Expand Down

0 comments on commit 5b23baa

Please sign in to comment.