Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Python 3.10.12 and 3.11.4 update #5800

Merged
merged 15 commits into from
Jul 19, 2023
Merged

Conversation

th0ma7
Copy link
Contributor

@th0ma7 th0ma7 commented Jul 3, 2023

Description

Python 3.10.12 and 3.11.4 update

Fixes n/a

Checklist

  • Build rule all-supported completed successfully
  • New installation of package completed successfully
  • Package upgrade completed successfully (Manually install the package again)
  • Package functionality was tested
  • Any needed documentation is updated/created

Type of change

  • Bug fix
  • New Package
  • Package update
  • Includes small framework changes
  • This change requires a documentation update (e.g. Wiki)

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 4, 2023

@hgy59 this will require a second pair of eye... Overall this PR is relatively trivial besides:

  1. the regular testing of newer wheels requiring a changes here and there
  2. a new patch for armv5 for py311 otherwise causing static_assert undefined errors
  3. along with a few tentative fixes for mariadb-connector-c update which requires -std=gnu99 on GCC <= 5.0

The real hit here is openssl3. I've adjusted ALL python31* dependencies to use it starting from now. I'm thinking python is probably a good segway to enforce switching to newer openssl... Although this may be too brutal and require thinking things thru a bit more? Your thoughts on this would be welcomed.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 10, 2023

@hgy59 friendly reminder that your thoughts on openssl3 would be appreciated. thnx in advance.

@th0ma7 th0ma7 requested review from hgy59 and removed request for hgy59 July 13, 2023 01:31
@hgy59
Copy link
Contributor

hgy59 commented Jul 13, 2023

The real hit here is openssl3. I've adjusted ALL python31* dependencies to use it starting from now. I'm thinking python is probably a good segway to enforce switching to newer openssl... Although this may be too brutal and require thinking things thru a bit more? Your thoughts on this would be welcomed.

Recently I tried to build mosquitto with openssl3 as the dependencies are cross/libwebsockets and cross/cjson only and do not touch other packages.
Unfortunately there is a build error on cross/openssl3 for aarch64-6.2.4.
I hope we can fix this and find some other packages with just a few dependencies to avoid an all or nothing migration to openssl3.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 13, 2023

The real hit here is openssl3. I've adjusted ALL python31* dependencies to use it starting from now. I'm thinking python is probably a good segway to enforce switching to newer openssl... Although this may be too brutal and require thinking things thru a bit more? Your thoughts on this would be welcomed.

Recently I tried to build mosquitto with openssl3 as the dependencies are cross/libwebsockets and cross/cjson only and do not touch other packages.
Unfortunately there is a build error on cross/openssl3 for aarch64-6.2.4.
I hope we can fix this and find some other packages with just a few dependencies to avoid an all or nothing migration to openssl3.

@hgy59 look at my commits, i did solved that by disabling asm on that specific arch and version

@hgy59
Copy link
Contributor

hgy59 commented Jul 13, 2023

The real hit here is openssl3. I've adjusted ALL python31* dependencies to use it starting from now. I'm thinking python is probably a good segway to enforce switching to newer openssl... Although this may be too brutal and require thinking things thru a bit more? Your thoughts on this would be welcomed.

Recently I tried to build mosquitto with openssl3 as the dependencies are cross/libwebsockets and cross/cjson only and do not touch other packages.
Unfortunately there is a build error on cross/openssl3 for aarch64-6.2.4.
I hope we can fix this and find some other packages with just a few dependencies to avoid an all or nothing migration to openssl3.

@hgy59 look at my commits, i did solved that by disabling asm on that specific arch and version

There is a patch for aarch64 with older compilers, it is for 6.1 only and must be applied for 6.2.4 too. No need to disable asm.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 13, 2023

@hgy59 I just saw your PR. Let me rebase against master and undo that change related to asm.

Otherwise, are you ok with initiating openssl3 migration starting with this pr?

@hgy59
Copy link
Contributor

hgy59 commented Jul 13, 2023

@th0ma7 I have started a build (one arch only) of all packages with all cross/openssl references updated to cross/openssl3.
This will give a picture of the issues to expect (but it takes some time to complete)...
The github build action is not usable for this, as we get timeouts, like in this PR.

@th0ma7 th0ma7 force-pushed the py310-311-update branch from bfe7029 to c4feb5c Compare July 13, 2023 23:51
@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 13, 2023

I have started a build (one arch only) of all packages with all cross/openssl references updated to cross/openssl3. This will give a picture of the issues to expect (but it takes some time to complete)... The github build action is not usable for this, as we get timeouts, like in this PR.

@hgy59 ok, let me know what comes out of it. On my end I have succesfully tested python builds on x86_64 + deluge #5801 and all looks good AFAIK. And indeed github action won't be of any help... But let me know if you intend to merge something to master and need to rebase against it and revert what may be superseeded by your PR if any.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 14, 2023

@hgy59 interestingly armv5 github-action was able to fully complete with no errors which gives a nice idea of the situation.

@Safihre
Copy link
Contributor

Safihre commented Jul 19, 2023

So, now what? :)

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 19, 2023

So, now what? :)

@Safihre Well its summer time and vacation :)

@hgy59 need assistance with openssl3, or advice/review so i can I merge as is or preferably proceed with reverting to older openssl?

@hgy59
Copy link
Contributor

hgy59 commented Jul 19, 2023

@hgy59 need assistance with openssl3, or advice/review so i can I merge as is or preferably proceed with reverting to older openssl?

my openssl build tests didn't find large show stoppers. One is the erlang/rabbitmq/ejabberd set of packages (that I already started to migrate with #5813 and #5814.
AFAICR there is ympd that needs an update too (but is already on #5652)
(sorry, I am out for vacation and don't have access to my dev env.)

I think you can go forward with python and openssl3

Just found out that openssl 3.1.1 is not an LTS version and will expire on 14th March 2025
There is Openssl 3.0 (currently 3.0.9) that is LTS and supported until 7th September 2026.

I would continue with 3.1.1 if you don't mind.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 19, 2023

my openssl build tests didn't find large show stoppers. One is the erlang/rabbitmq/ejabberd set of packages (that I already started to migrate with #5813 and #5814. AFAICR there is ympd that needs an update too (but is already on #5652) (sorry, I am out for vacation and don't have access to my dev env.)

I think you can go forward with python and openssl3

Will do.

Just found out that openssl 3.1.1 is not an LTS version and will expire on 14th March 2025 There is Openssl 3.0 (currently 3.0.9) that is LTS and supported until 7th September 2026.

I would continue with 3.1.1 if you don't mind.

I tend to agree with that as well.

@th0ma7 th0ma7 merged commit 89a8f39 into SynoCommunity:master Jul 19, 2023
@th0ma7 th0ma7 deleted the py310-311-update branch July 19, 2023 23:33
@mreid-tt
Copy link
Contributor

@th0ma7, is this published already?

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 21, 2023

@mreid-tt yup, done yesterday

@mreid-tt mreid-tt added status/published Published and activated (may take up to 48h until visible in DSM package manager) and removed status/needs-review labels Jul 21, 2023
@hogi1200
Copy link

@th0ma7, @hgy59
i just installed the latest python311 package, but it broke my sickchill package (version 20230627-8).
sickchill doesn't start anymore and shows this error
ImportError: libssl.so.1.1: cannot open shared object file: No such file or directory

It looks like this is related to the change in OpenSSL version. Could you kindly check it please.

My system: MARVELL Armada 385 88F6820, DSM 6.2.4-25556 Update 7
Full error log:

Traceback (most recent call last):  
  File "/volume1/@appstore/sickchill/env/bin/./sickchill", line 5, in <module>  
    from SickChill import main  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/SickChill.py", line 14, in <module>  
    import sickchill.start  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/sickchill/__init__.py", line 5, in <module>  
    from .show.indexers import indexer, ShowIndexer  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/sickchill/show/indexers/__init__.py", line 1, in <module>  
    from .handler import ShowIndexer  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/sickchill/show/indexers/handler.py", line 3, in <module>  
    from sickchill import logger, settings  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/sickchill/logger.py", line 12, in <module>  
    from github import InputFileContent  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/github/__init__.py", line 58, in <module>  
    from github.GithubIntegration import GithubIntegration  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/github/GithubIntegration.py", line 4, in <module>  
    import jwt  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/jwt/__init__.py", line 1, in <module>  
    from .api_jwk import PyJWK, PyJWKSet  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/jwt/api_jwk.py", line 6, in <module>  
    from .algorithms import get_default_algorithms  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/jwt/algorithms.py", line 6, in <module>  
    from .utils import (  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/jwt/utils.py", line 7, in <module>  
    from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurve  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ec.py", line 10, in <module>  
    from cryptography.hazmat._oid import ObjectIdentifier  
  File "/volume1/@appstore/sickchill/env/lib/python3.11/site-packages/cryptography/hazmat/_oid.py", line 7, in <module>  
    from cryptography.hazmat.bindings._rust import (  
ImportError: libssl.so.1.1: cannot open shared object file: No such file or directory

@mreid-tt
Copy link
Contributor

This almost sounds like parts of the build is still referring to openssl which does have a libssl.so.1.1 as seen in:

lib:lib/libssl.so.1.1

As compared to openssl3 which does not seem to have this line in its PLIST.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 22, 2023

This really is somothing obvious I should have cought in my testing 😞

@hogi1200 can you test out resulting package from PR #5818 and see if this fixes your issue?

@mreid-tt I've disabled the packages online in the meantime to avoid receving too many of theses issues all over the place.

@hgy59 I'll test things further with my proposed change and see if this fixes things. Otherwise I'll revert the openssl3 portion entirely so we can review how we want to tackle migration later on after summer vacations.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 22, 2023

@hogi1200 my initiatial testing shows that my proposed fix does solves things. I suggest you install the resulting package corresponding to your NAS arch from the github-action build here (once completed) https://github.com/SynoCommunity/spksrc/actions/runs/5630487543 to confirm issue is confirmed to be solved for you.

@th0ma7
Copy link
Contributor Author

th0ma7 commented Jul 22, 2023

@hogi1200 updated python packages should now be available online for you to download and install manuall or pending next update within your package center. Please let it know it issue is still hapening.

@hogi1200
Copy link

@th0ma7
thanks for the quick fix. I installed python311_armv7-6.2.4_3.11.4-6.spk from https://github.com/SynoCommunity/spksrc/actions/runs/5631924879#artifacts and sickchill is working normally again. 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
status/published Published and activated (may take up to 48h until visible in DSM package manager)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants