diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d1354ac9..9cecb242 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,12 +36,13 @@ jobs: strategy: fail-fast: false matrix: - policy: ["manylinux2014", "musllinux_1_2"] - platform: ["i686", "x86_64"] + policy: ["manylinux2014", "manylinux_2_28", "manylinux_2_34", "musllinux_1_2"] + platform: ["x86_64"] include: - - policy: "manylinux_2_28" - platform: "x86_64" - + - policy: "manylinux2014" + platform: "i686" + - policy: "musllinux_1_2" + platform: "i686" env: POLICY: ${{ matrix.policy }} PLATFORM: ${{ matrix.platform }} diff --git a/.travis.yml b/.travis.yml index 32963ecb..e812d198 100644 --- a/.travis.yml +++ b/.travis.yml @@ -45,6 +45,14 @@ jobs: env: POLICY="manylinux_2_28" PLATFORM="s390x" - arch: ppc64le env: POLICY="manylinux_2_28" PLATFORM="ppc64le" + - arch: arm64-graviton2 + virt: vm + group: edge + env: POLICY="manylinux_2_34" PLATFORM="aarch64" + - arch: s390x + env: POLICY="manylinux_2_34" PLATFORM="s390x" + - arch: ppc64le + env: POLICY="manylinux_2_34" PLATFORM="ppc64le" - arch: arm64-graviton2 virt: vm group: edge diff --git a/README.rst b/README.rst index d4c59740..82dfdfdb 100644 --- a/README.rst +++ b/README.rst @@ -37,6 +37,8 @@ The manylinux project supports: - ``manylinux_2_28`` images for ``x86_64``, ``aarch64``, ``ppc64le`` and ``s390x``. +- ``manylinux_2_34`` images for ``x86_64``, ``aarch64``, ``ppc64le`` and ``s390x``. + - ``musllinux_1_2`` images for ``x86_64``, ``i686``, ``aarch64``, ``ppc64le``, ``s390x`` and ``armv7l``. @@ -92,6 +94,24 @@ etc., we provide `Docker `_ images where we've done the work for you. The images are uploaded to `quay.io`_ and are tagged for repeatable builds. +manylinux_2_34 (AlmaLinux 9 based) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Toolchain: GCC 13 + +- x86_64 image: ``quay.io/pypa/manylinux_2_34_x86_64`` +- aarch64 image: ``quay.io/pypa/manylinux_2_34_aarch64`` +- ppc64le image: ``quay.io/pypa/manylinux_2_34_ppc64le`` +- s390x image: ``quay.io/pypa/manylinux_2_34_s390x`` + +Built wheels are also expected to be compatible with other +distros using glibc 2.34 or later, including: + +- Debian 12+ +- Ubuntu 21.10+ +- Fedora 35+ +- CentOS/RHEL 9+ + manylinux_2_28 (AlmaLinux 8 based) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/build.sh b/build.sh index 867fad05..6197367f 100755 --- a/build.sh +++ b/build.sh @@ -14,22 +14,16 @@ export PLATFORM # get docker default multiarch image prefix for PLATFORM if [ "${PLATFORM}" == "x86_64" ]; then GOARCH="amd64" - MULTIARCH_PREFIX="amd64/" elif [ "${PLATFORM}" == "i686" ]; then GOARCH="386" - MULTIARCH_PREFIX="i386/" elif [ "${PLATFORM}" == "aarch64" ]; then GOARCH="arm64" - MULTIARCH_PREFIX="arm64v8/" elif [ "${PLATFORM}" == "ppc64le" ]; then GOARCH="ppc64le" - MULTIARCH_PREFIX="ppc64le/" elif [ "${PLATFORM}" == "s390x" ]; then GOARCH="s390x" - MULTIARCH_PREFIX="s390x/" elif [ "${PLATFORM}" == "armv7l" ]; then GOARCH="arm/v7" - MULTIARCH_PREFIX="arm32v7/" else echo "Unsupported platform: '${PLATFORM}'" exit 1 @@ -38,9 +32,9 @@ fi # setup BASEIMAGE and its specific properties if [ "${POLICY}" == "manylinux2014" ]; then if [ "${PLATFORM}" == "s390x" ]; then - BASEIMAGE="s390x/clefos:7" + BASEIMAGE="clefos:7" else - BASEIMAGE="${MULTIARCH_PREFIX}centos:7" + BASEIMAGE="centos:7" fi DEVTOOLSET_ROOTPATH="/opt/rh/devtoolset-10/root" PREPEND_PATH="${DEVTOOLSET_ROOTPATH}/usr/bin:" @@ -50,12 +44,17 @@ if [ "${POLICY}" == "manylinux2014" ]; then LD_LIBRARY_PATH_ARG="${DEVTOOLSET_ROOTPATH}/usr/lib64:${DEVTOOLSET_ROOTPATH}/usr/lib:${DEVTOOLSET_ROOTPATH}/usr/lib64/dyninst:${DEVTOOLSET_ROOTPATH}/usr/lib/dyninst:/usr/local/lib64" fi elif [ "${POLICY}" == "manylinux_2_28" ]; then - BASEIMAGE="${MULTIARCH_PREFIX}almalinux:8" + BASEIMAGE="almalinux:8" DEVTOOLSET_ROOTPATH="/opt/rh/gcc-toolset-12/root" PREPEND_PATH="${DEVTOOLSET_ROOTPATH}/usr/bin:" LD_LIBRARY_PATH_ARG="${DEVTOOLSET_ROOTPATH}/usr/lib64:${DEVTOOLSET_ROOTPATH}/usr/lib:${DEVTOOLSET_ROOTPATH}/usr/lib64/dyninst:${DEVTOOLSET_ROOTPATH}/usr/lib/dyninst" +elif [ "${POLICY}" == "manylinux_2_34" ]; then + BASEIMAGE="almalinux:9" + DEVTOOLSET_ROOTPATH="/opt/rh/gcc-toolset-13/root" + PREPEND_PATH="${DEVTOOLSET_ROOTPATH}/usr/bin:" + LD_LIBRARY_PATH_ARG="${DEVTOOLSET_ROOTPATH}/usr/lib64:${DEVTOOLSET_ROOTPATH}/usr/lib:${DEVTOOLSET_ROOTPATH}/usr/lib64/dyninst:${DEVTOOLSET_ROOTPATH}/usr/lib/dyninst" elif [ "${POLICY}" == "musllinux_1_2" ]; then - BASEIMAGE="${MULTIARCH_PREFIX}alpine:3.20" + BASEIMAGE="alpine:3.20" DEVTOOLSET_ROOTPATH= PREPEND_PATH= LD_LIBRARY_PATH_ARG= diff --git a/docker/Dockerfile b/docker/Dockerfile index 9488bade..fea8d72b 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,8 +1,8 @@ # default to latest supported policy, x86_64 -ARG BASEIMAGE=amd64/almalinux:8 -ARG POLICY=manylinux_2_28 +ARG BASEIMAGE=amd64/almalinux:9 +ARG POLICY=manylinux_2_34 ARG PLATFORM=x86_64 -ARG DEVTOOLSET_ROOTPATH=/opt/rh/gcc-toolset-12/root +ARG DEVTOOLSET_ROOTPATH=/opt/rh/gcc-toolset-13/root ARG LD_LIBRARY_PATH_ARG=${DEVTOOLSET_ROOTPATH}/usr/lib64:${DEVTOOLSET_ROOTPATH}/usr/lib:${DEVTOOLSET_ROOTPATH}/usr/lib64/dyninst:${DEVTOOLSET_ROOTPATH}/usr/lib/dyninst ARG PREPEND_PATH=${DEVTOOLSET_ROOTPATH}/usr/bin: diff --git a/docker/build_scripts/build-cpython.sh b/docker/build_scripts/build-cpython.sh index 0eae0e62..a913760f 100755 --- a/docker/build_scripts/build-cpython.sh +++ b/docker/build_scripts/build-cpython.sh @@ -54,6 +54,14 @@ if [ "${BASE_POLICY}_${AUDITWHEEL_ARCH}" == "musllinux_armv7l" ]; then CONFIGURE_ARGS="${CONFIGURE_ARGS} --build=arm-linux-musleabihf" fi +SQLITE_PREFIX=$(find /opt/_internal -maxdepth 1 -name 'sqlite*') +if [ "${SQLITE_PREFIX}" != "" ]; then + case "${CPYTHON_VERSION}" in + 3.6.*|3.7.*|3.8.*|3.9.*|3.10.*) sed -i "s|/usr/local/include/sqlite3|/opt/_internal/sqlite3/include|g ; s|sqlite_extra_link_args = ()|sqlite_extra_link_args = ('-Wl,--enable-new-dtags,-rpath=/opt/_internal/sqlite3/lib',)|g" setup.py;; + *) ;; + esac +fi + OPENSSL_PREFIX=$(find /opt/_internal -maxdepth 1 -name 'openssl*') if [ "${OPENSSL_PREFIX}" != "" ]; then CONFIGURE_ARGS="${CONFIGURE_ARGS} --with-openssl=${OPENSSL_PREFIX}" @@ -63,6 +71,8 @@ if [ "${OPENSSL_PREFIX}" != "" ]; then esac fi +unset _PYTHON_HOST_PLATFORM + # configure with hardening options only for the interpreter & stdlib C extensions # do not change the default for user built extension (yet?) ./configure \ diff --git a/docker/build_scripts/build-openssl.sh b/docker/build_scripts/build-openssl.sh index 6c49d1c6..0b564f3d 100755 --- a/docker/build_scripts/build-openssl.sh +++ b/docker/build_scripts/build-openssl.sh @@ -29,10 +29,10 @@ if [ "${SMALLEST}" = "${OPENSSL_MIN_VERSION}" ]; then exit 0 fi -if which yum; then - yum erase -y openssl-devel -else - apk del openssl-dev +if [ "${OS_ID_LIKE}" = "rhel" ];then + manylinux_pkg_remove openssl-devel +elif [ "${OS_ID_LIKE}" = "alpine" ]; then + manylinux_pkg_remove openssl-dev fi PREFIX=/opt/_internal/openssl-${OPENSSL_VERSION%.*} diff --git a/docker/build_scripts/build-sqlite3.sh b/docker/build_scripts/build-sqlite3.sh index 6d2447d4..d3e9e017 100755 --- a/docker/build_scripts/build-sqlite3.sh +++ b/docker/build_scripts/build-sqlite3.sh @@ -10,6 +10,12 @@ MY_DIR=$(dirname "${BASH_SOURCE[0]}") # Get build utilities source $MY_DIR/build_utils.sh +if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ] || [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ] || [ "${AUDITWHEEL_POLICY}" == "musllinux_1_2" ]; then + PREFIX=/usr/local +else + PREFIX=/opt/_internal/sqlite3 +fi + # Install a more recent SQLite3 check_var ${SQLITE_AUTOCONF_ROOT} check_var ${SQLITE_AUTOCONF_HASH} @@ -18,23 +24,30 @@ fetch_source ${SQLITE_AUTOCONF_ROOT}.tar.gz ${SQLITE_AUTOCONF_DOWNLOAD_URL} check_sha256sum ${SQLITE_AUTOCONF_ROOT}.tar.gz ${SQLITE_AUTOCONF_HASH} tar xfz ${SQLITE_AUTOCONF_ROOT}.tar.gz pushd ${SQLITE_AUTOCONF_ROOT} -DESTDIR=/manylinux-rootfs do_standard_install +# add rpath +sed -i "s|^Libs:|Libs: -Wl,--enable-new-dtags,-rpath=\${libdir} |g" sqlite3.pc.in +DESTDIR=/manylinux-rootfs do_standard_install --prefix=${PREFIX} popd rm -rf ${SQLITE_AUTOCONF_ROOT} ${SQLITE_AUTOCONF_ROOT}.tar.gz -# static library is unused, remove it -rm /manylinux-rootfs/usr/local/lib/libsqlite3.a +# Remove unused files +rm /manylinux-rootfs${PREFIX}/lib/libsqlite3.a +rm -rf /manylinux-rootfs${PREFIX}/share # Strip what we can strip_ /manylinux-rootfs # Install cp -rlf /manylinux-rootfs/* / -if [ "${BASE_POLICY}" == "musllinux" ]; then - ldconfig / -elif [ "${BASE_POLICY}" == "manylinux" ]; then - ldconfig -fi -# Clean-up for runtime -rm -rf /manylinux-rootfs/usr/local/share +if [ "${PREFIX}" == "/usr/local" ]; then + if [ "${BASE_POLICY}" == "musllinux" ]; then + ldconfig / + elif [ "${BASE_POLICY}" == "manylinux" ]; then + ldconfig + fi +else + # python >= 3.11 + mkdir -p /usr/local/lib/pkgconfig/ + ln -s ${PREFIX}/lib/pkgconfig/sqlite3.pc /usr/local/lib/pkgconfig/sqlite3.pc +fi diff --git a/docker/build_scripts/build_utils.sh b/docker/build_scripts/build_utils.sh index b7dc47ba..7e0f37f4 100755 --- a/docker/build_scripts/build_utils.sh +++ b/docker/build_scripts/build_utils.sh @@ -10,50 +10,67 @@ MANYLINUX_CFLAGS="-g -O2 -Wall -fdebug-prefix-map=/=. -fstack-protector-strong - MANYLINUX_CXXFLAGS="-g -O2 -Wall -fdebug-prefix-map=/=. -fstack-protector-strong -Wformat -Werror=format-security" MANYLINUX_LDFLAGS="-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now" -export BASE_POLICY=manylinux if [ "${AUDITWHEEL_POLICY:0:10}" == "musllinux_" ]; then export BASE_POLICY=musllinux + PACKAGE_MANAGER=apk +else + export BASE_POLICY=manylinux + if command -v dnf >/dev/null 2>&1; then + PACKAGE_MANAGER=dnf + elif command -v yum >/dev/null 2>&1; then + PACKAGE_MANAGER=yum + else + echo "unsupported image" + exit 1 + fi fi +OS_ID_LIKE=$(. /etc/os-release; echo "${ID} ${ID_LIKE:-}") +case "${OS_ID_LIKE}" in + *rhel*) OS_ID_LIKE=rhel;; + *alpine*) OS_ID_LIKE=alpine;; + *) echo "unsupported image"; exit 1;; +esac + function check_var { - if [ -z "$1" ]; then - echo "required variable not defined" - exit 1 - fi + if [ -z "$1" ]; then + echo "required variable not defined" + exit 1 + fi } function fetch_source { - # This is called both inside and outside the build context (e.g. in Travis) to prefetch - # source tarballs, where curl exists (and works) - local file=$1 - check_var ${file} - local url=$2 - check_var ${url} - if [ -f ${file} ]; then - echo "${file} exists, skipping fetch" - else - curl -fsSL -o ${file} ${url}/${file} - fi + # This is called both inside and outside the build context (e.g. in Travis) to prefetch + # source tarballs, where curl exists (and works) + local file=$1 + check_var ${file} + local url=$2 + check_var ${url} + if [ -f ${file} ]; then + echo "${file} exists, skipping fetch" + else + curl -fsSL -o ${file} ${url}/${file} + fi } function check_sha256sum { - local fname=$1 - check_var ${fname} - local sha256=$2 - check_var ${sha256} - - echo "${sha256} ${fname}" > ${fname}.sha256 - sha256sum -c ${fname}.sha256 - rm -f ${fname}.sha256 + local fname=$1 + check_var ${fname} + local sha256=$2 + check_var ${sha256} + + echo "${sha256} ${fname}" > ${fname}.sha256 + sha256sum -c ${fname}.sha256 + rm -f ${fname}.sha256 } function do_standard_install { - ./configure "$@" CPPFLAGS="${MANYLINUX_CPPFLAGS}" CFLAGS="${MANYLINUX_CFLAGS}" "CXXFLAGS=${MANYLINUX_CXXFLAGS}" LDFLAGS="${MANYLINUX_LDFLAGS}" > /dev/null - make > /dev/null - make install > /dev/null + ./configure "$@" CPPFLAGS="${MANYLINUX_CPPFLAGS}" CFLAGS="${MANYLINUX_CFLAGS}" "CXXFLAGS=${MANYLINUX_CXXFLAGS}" LDFLAGS="${MANYLINUX_LDFLAGS}" > /dev/null + make > /dev/null + make install > /dev/null } function strip_ { @@ -65,3 +82,41 @@ function strip_ { function clean_pyc { find $1 -type f -a \( -name '*.pyc' -o -name '*.pyo' \) -delete } + +function manylinux_pkg_install { + if [ "${PACKAGE_MANAGER}" = "yum" ]; then + yum -y install "$@" + elif [ "${PACKAGE_MANAGER}" = "dnf" ]; then + dnf -y install --allowerasing "$@" + elif [ "${PACKAGE_MANAGER}" = "apk" ]; then + apk add --no-cache "$@" + else + return 1 + fi +} + +function manylinux_pkg_remove { + if [ "${PACKAGE_MANAGER}" = "yum" ]; then + yum erase -y "$@" + elif [ "${PACKAGE_MANAGER}" = "dnf" ];then + dnf erase -y "$@" + elif [ "${PACKAGE_MANAGER}" = "apk" ]; then + apk del "$@" + else + return 1 + fi +} + +function manylinux_pkg_clean { + if [ "${PACKAGE_MANAGER}" = "yum" ]; then + yum clean all + rm -rf /var/cache/yum + elif [ "${PACKAGE_MANAGER}" = "dnf" ]; then + dnf clean all + rm -rf /var/cache/dnf + elif [ "${PACKAGE_MANAGER}" = "apk" ]; then + : + else + return 1 + fi +} diff --git a/docker/build_scripts/install-build-packages.sh b/docker/build_scripts/install-build-packages.sh index 42ed59d2..99de5582 100755 --- a/docker/build_scripts/install-build-packages.sh +++ b/docker/build_scripts/install-build-packages.sh @@ -13,35 +13,21 @@ source $MY_DIR/build_utils.sh # if a devel package is added to COMPILE_DEPS, # make sure the corresponding library is added to RUNTIME_DEPS if applicable -if [ "${BASE_POLICY}" == "manylinux" ]; then - COMPILE_DEPS="bzip2-devel ncurses-devel readline-devel gdbm-devel libpcap-devel xz-devel openssl openssl-devel keyutils-libs-devel krb5-devel libcom_err-devel libidn-devel curl-devel uuid-devel libffi-devel kernel-headers libdb-devel perl-IPC-Cmd" +if [ "${OS_ID_LIKE}" = "rhel" ]; then + COMPILE_DEPS="bzip2-devel ncurses-devel readline-devel gdbm-devel libpcap-devel xz-devel openssl openssl-devel keyutils-libs-devel krb5-devel libcom_err-devel curl-devel uuid-devel libffi-devel kernel-headers libdb-devel perl-IPC-Cmd" if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ]; then - PACKAGE_MANAGER=yum - COMPILE_DEPS="${COMPILE_DEPS} libXft-devel" + COMPILE_DEPS="${COMPILE_DEPS} libidn-devel libXft-devel" + elif [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then + COMPILE_DEPS="${COMPILE_DEPS} libidn-devel tk-devel" else - PACKAGE_MANAGER=dnf - COMPILE_DEPS="${COMPILE_DEPS} tk-devel" + COMPILE_DEPS="${COMPILE_DEPS} libidn2-devel tk-devel" fi -elif [ "${BASE_POLICY}" == "musllinux" ]; then - PACKAGE_MANAGER=apk +elif [ "${OS_ID_LIKE}" == "alpine" ]; then COMPILE_DEPS="bzip2-dev ncurses-dev readline-dev tk-dev gdbm-dev libpcap-dev xz-dev openssl openssl-dev keyutils-dev krb5-dev libcom_err libidn-dev curl-dev util-linux-dev libffi-dev linux-headers" else echo "Unsupported policy: '${AUDITWHEEL_POLICY}'" exit 1 fi - -if [ "${PACKAGE_MANAGER}" == "yum" ]; then - yum -y install ${COMPILE_DEPS} - yum clean all - rm -rf /var/cache/yum -elif [ "${PACKAGE_MANAGER}" == "apk" ]; then - apk add --no-cache ${COMPILE_DEPS} -elif [ "${PACKAGE_MANAGER}" == "dnf" ]; then - dnf -y install --allowerasing ${COMPILE_DEPS} - dnf clean all - rm -rf /var/cache/yum -else - echo "Not implemented" - exit 1 -fi +manylinux_pkg_install ${COMPILE_DEPS} +manylinux_pkg_clean diff --git a/docker/build_scripts/install-entrypoint.sh b/docker/build_scripts/install-entrypoint.sh index df631dbb..fb58799c 100755 --- a/docker/build_scripts/install-entrypoint.sh +++ b/docker/build_scripts/install-entrypoint.sh @@ -23,6 +23,6 @@ if [ "${AUDITWHEEL_PLAT}" = "manylinux2014_i686" ]; then LC_ALL=C "${MY_DIR}/update-system-packages.sh" fi -if [ "${AUDITWHEEL_POLICY:0:10}" == "musllinux_" ]; then +if [ "${AUDITWHEEL_POLICY#musllinux}" != "${AUDITWHEEL_POLICY}" ]; then apk add --no-cache bash fi diff --git a/docker/build_scripts/install-runtime-packages.sh b/docker/build_scripts/install-runtime-packages.sh index 0c8ecf77..dbf91a3e 100755 --- a/docker/build_scripts/install-runtime-packages.sh +++ b/docker/build_scripts/install-runtime-packages.sh @@ -32,9 +32,9 @@ source $MY_DIR/build_utils.sh # MANYLINUX_DEPS: Install development packages (except for libgcc which is provided by gcc install) -if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ] || [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then +if [ "${OS_ID_LIKE}" == "rhel" ]; then MANYLINUX_DEPS="glibc-devel libstdc++-devel glib2-devel libX11-devel libXext-devel libXrender-devel mesa-libGL-devel libICE-devel libSM-devel zlib-devel expat-devel" -elif [ "${BASE_POLICY}" == "musllinux" ]; then +elif [ "${OS_ID_LIKE}" == "alpine" ]; then MANYLINUX_DEPS="musl-dev libstdc++ glib-dev libx11-dev libxext-dev libxrender-dev mesa-dev libice-dev libsm-dev zlib-dev expat-dev" else echo "Unsupported policy: '${AUDITWHEEL_POLICY}'" @@ -42,23 +42,26 @@ else fi # RUNTIME_DEPS: Runtime dependencies. c.f. install-build-packages.sh -if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ] || [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then - RUNTIME_DEPS="zlib bzip2 expat ncurses readline gdbm libpcap xz openssl keyutils-libs libkadm5 libcom_err libidn libcurl uuid libffi libdb" +if [ "${OS_ID_LIKE}" == "rhel" ]; then + RUNTIME_DEPS="zlib bzip2 expat ncurses readline gdbm libpcap xz openssl keyutils-libs libkadm5 libcom_err libcurl uuid libffi libdb" if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ]; then - RUNTIME_DEPS="${RUNTIME_DEPS} libXft" + RUNTIME_DEPS="${RUNTIME_DEPS} libidn libXft" elif [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then - RUNTIME_DEPS="${RUNTIME_DEPS} tk" + RUNTIME_DEPS="${RUNTIME_DEPS} libidn tk" + else + RUNTIME_DEPS="${RUNTIME_DEPS} libidn2 tk" + # for graalpy + RUNTIME_DEPS="${RUNTIME_DEPS} libxcrypt-compat" fi -elif [ "${BASE_POLICY}" == "musllinux" ]; then +elif [ "${OS_ID_LIKE}" == "alpine" ]; then RUNTIME_DEPS="zlib bzip2 expat ncurses-libs readline tk gdbm db xz openssl keyutils-libs krb5-libs libcom_err libidn2 libcurl libuuid libffi" else echo "Unsupported policy: '${AUDITWHEEL_POLICY}'" exit 1 fi -BASETOOLS="autoconf automake bison bzip2 diffutils file make patch unzip" +BASETOOLS="autoconf automake bison bzip2 ca-certificates curl diffutils file make patch unzip" if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ]; then - PACKAGE_MANAGER=yum BASETOOLS="${BASETOOLS} hardlink hostname which" # See https://unix.stackexchange.com/questions/41784/can-yum-express-a-preference-for-x86-64-over-i386-packages echo "multilib_policy=best" >> /etc/yum.conf @@ -87,9 +90,8 @@ if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ]; then curl -fsSLo /etc/yum.repos.d/mayeut-devtoolset-10.repo https://copr.fedorainfracloud.org/coprs/mayeut/devtoolset-10/repo/custom-1/mayeut-devtoolset-10-custom-1.repo fi fixup-mirrors -elif [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then - PACKAGE_MANAGER=dnf - BASETOOLS="${BASETOOLS} curl glibc-locale-source glibc-langpack-en hardlink hostname libcurl libnsl libxcrypt which" +elif [ "${OS_ID_LIKE}" == "rhel" ]; then + BASETOOLS="${BASETOOLS} glibc-locale-source glibc-langpack-en hardlink hostname libcurl libnsl libxcrypt which" # See https://unix.stackexchange.com/questions/41784/can-yum-express-a-preference-for-x86-64-over-i386-packages echo "multilib_policy=best" >> /etc/yum.conf # Error out if requested packages do not exist @@ -97,32 +99,26 @@ elif [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then # Make sure that locale will not be removed sed -i '/^override_install_langs=/d' /etc/yum.conf dnf -y upgrade - dnf -y install dnf-plugins-core - dnf config-manager --set-enabled powertools # for yasm - TOOLCHAIN_DEPS="gcc-toolset-12-binutils gcc-toolset-12-gcc gcc-toolset-12-gcc-c++ gcc-toolset-12-gcc-gfortran" + dnf -y install dnf-plugins-core epel-release + if [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then + dnf config-manager --set-enabled powertools + TOOLCHAIN_DEPS="gcc-toolset-12-binutils gcc-toolset-12-gcc gcc-toolset-12-gcc-c++ gcc-toolset-12-gcc-gfortran" + else + dnf config-manager --set-enabled crb + TOOLCHAIN_DEPS="gcc-toolset-13-binutils gcc-toolset-13-gcc gcc-toolset-13-gcc-c++ gcc-toolset-13-gcc-gfortran" + fi if [ "${AUDITWHEEL_ARCH}" == "x86_64" ]; then TOOLCHAIN_DEPS="${TOOLCHAIN_DEPS} yasm" fi -elif [ "${BASE_POLICY}" == "musllinux" ]; then +elif [ "${OS_ID_LIKE}" == "alpine" ]; then TOOLCHAIN_DEPS="binutils gcc g++ gfortran" - BASETOOLS="${BASETOOLS} curl util-linux shadow tar" - PACKAGE_MANAGER=apk - apk add --no-cache ca-certificates gnupg + BASETOOLS="${BASETOOLS} gnupg util-linux shadow tar" else echo "Unsupported policy: '${AUDITWHEEL_POLICY}'" exit 1 fi -if [ "${PACKAGE_MANAGER}" == "yum" ]; then - yum -y install ${BASETOOLS} ${TOOLCHAIN_DEPS} ${MANYLINUX_DEPS} ${RUNTIME_DEPS} -elif [ "${PACKAGE_MANAGER}" == "apk" ]; then - apk add --no-cache ${BASETOOLS} ${TOOLCHAIN_DEPS} ${MANYLINUX_DEPS} ${RUNTIME_DEPS} -elif [ "${PACKAGE_MANAGER}" == "dnf" ]; then - dnf -y install --allowerasing ${BASETOOLS} ${TOOLCHAIN_DEPS} ${MANYLINUX_DEPS} ${RUNTIME_DEPS} -else - echo "Not implemented" - exit 1 -fi +manylinux_pkg_install ${BASETOOLS} ${TOOLCHAIN_DEPS} ${MANYLINUX_DEPS} ${RUNTIME_DEPS} # update system packages, we already updated them but # the following script takes care of cleaning-up some things diff --git a/docker/build_scripts/update-system-packages.sh b/docker/build_scripts/update-system-packages.sh index bec18170..d07e9687 100755 --- a/docker/build_scripts/update-system-packages.sh +++ b/docker/build_scripts/update-system-packages.sh @@ -11,29 +11,26 @@ MY_DIR=$(dirname "${BASH_SOURCE[0]}") source $MY_DIR/build_utils.sh fixup-mirrors -if [ "${AUDITWHEEL_POLICY}" == "manylinux2014" ]; then +if [ "${PACKAGE_MANAGER}" == "yum" ]; then yum -y update if ! localedef -V &> /dev/null; then # somebody messed up glibc-common package to squeeze image size, reinstall the package fixup-mirrors yum -y reinstall glibc-common fi - yum clean all - rm -rf /var/cache/yum -elif [ "${AUDITWHEEL_POLICY}" == "manylinux_2_28" ]; then +elif [ "${PACKAGE_MANAGER}" == "dnf" ]; then dnf -y upgrade - dnf clean all - rm -rf /var/cache/yum -elif [ "${BASE_POLICY}" == "musllinux" ]; then +elif [ "${PACKAGE_MANAGER}" == "apk" ]; then apk upgrade --no-cache else - echo "Unsupported policy: '${AUDITWHEEL_POLICY}'" + echo "Unsupported package manager: '${PACKAGE_MANAGER}'" exit 1 fi +manylinux_pkg_clean fixup-mirrors # do we want to update locales ? -if [ "${BASE_POLICY}" == "manylinux" ]; then +if [ "${OS_ID_LIKE}" == "rhel" ]; then LOCALE_ARCHIVE=/usr/lib/locale/locale-archive TIMESTAMP_FILE=${LOCALE_ARCHIVE}.ml.timestamp if [ ! -f ${TIMESTAMP_FILE} ] || [ ${LOCALE_ARCHIVE} -nt ${TIMESTAMP_FILE} ]; then diff --git a/docker/manylinux-entrypoint b/docker/manylinux-entrypoint index bbe06c0a..e1289aca 100755 --- a/docker/manylinux-entrypoint +++ b/docker/manylinux-entrypoint @@ -6,7 +6,7 @@ if [ "${AUDITWHEEL_ARCH}" == "i686" ] && [ "$(uname -m)" == "x86_64" ]; then linux32 "$@" elif [ "${AUDITWHEEL_ARCH}" == "armv7l" ] && [ "$(uname -m)" != "armv7l" ]; then if [ "$(linux32 uname -m)" == "armv8l" ]; then - export _PYTHON_HOST_PLATFORM="linux_armv7l" + export _PYTHON_HOST_PLATFORM="linux-armv7l" fi linux32 "$@" else