python/tools/distribution/create_release.sh - third_party/tink - Git at Google

 #!/bin/bash
 # Copyright 2020 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ################################################################################

 # This script creates the release artifacts of Tink Python which includes a
 # source distribution and binary wheels for Linux and macOS.  All Python tests
 # are exectued for each binary wheel and the source distribution.

 set -euo pipefail

 declare -a PYTHON_VERSIONS=
 PYTHON_VERSIONS+=("3.7")
 PYTHON_VERSIONS+=("3.8")
 PYTHON_VERSIONS+=("3.9")
 readonly PYTHON_VERSIONS

 readonly PLATFORM="$(uname | tr '[:upper:]' '[:lower:]')"

 readonly TINK_SRC_PATH="${PWD}/.."
 readonly TINK_VERSION="$(grep ^TINK "${TINK_SRC_PATH}/tink_version.bzl" \
   | awk '{gsub(/"/, "", $3); print $3}')"

 readonly IMAGE_NAME="quay.io/pypa/manylinux2014_x86_64"
 readonly IMAGE_DIGEST="sha256:d4604fe14cb0d691031f202ee7daf240e6d463297b060e2de60994d82a8f22ac"
 readonly IMAGE="${IMAGE_NAME}@${IMAGE_DIGEST}"

 build_linux() {
   echo "### Building Linux binary wheels ###"

   if [[ -n "${KOKORO_ROOT}" ]] ; then
     eval "$(pyenv init -)"
     pyenv versions
   fi

   mkdir -p release

   # Use signatures for getting images from registry (see
   # https://docs.docker.com/engine/security/trust/content_trust/).
   export DOCKER_CONTENT_TRUST=1

   # Build binary wheels.
   docker run --volume "${TINK_SRC_PATH}:/tmp/tink" --workdir /tmp/tink/python \
     "${IMAGE}" /tmp/tink/python/tools/distribution/build_linux_binary_wheels.sh

   ## Test binary wheels.
   docker run --volume "${TINK_SRC_PATH}:/tmp/tink" --workdir /tmp/tink/python \
     "${IMAGE}" /tmp/tink/python/tools/distribution/test_linux_binary_wheels.sh

   echo "### Building Linux source distribution ###"
   local sorted=( $( echo "${PYTHON_VERSIONS[@]}" \
     | xargs -n1 | sort -V | xargs ) )
   local latest="${sorted[${#sorted[@]}-1]}"
   enable_py_version "${latest}"

   # Build source distribution.
   export TINK_PYTHON_SETUPTOOLS_OVERRIDE_BASE_PATH="${TINK_SRC_PATH}"
   python3 setup.py sdist
   local sdist_filename="tink-${TINK_VERSION}.tar.gz"
   set_owner_within_tar "dist/${sdist_filename}"
   cp "dist/${sdist_filename}" release/

   # Test install from source distribution.
   python3 --version
   pip3 list
   pip3 install -v "release/${sdist_filename}"
   pip3 list
   find tink/ -not -path "*cc/pybind*" -type f -name "*_test.py" -print0 \
     | xargs -0 -n1 python3
 }

 build_macos() {
   echo "### Building macOS binary wheels ###"

   mkdir -p release

   for v in "${PYTHON_VERSIONS[@]}"; do
     enable_py_version "${v}"

     # Build binary wheel.
     pip3 wheel -w release .

     # Test binary wheel.
     # TODO(ckl): Implement test.
   done
 }

 enable_py_version() {
   # A partial version number (e.g. "3.9").
   local partial_version="$1"

   # The latest installed Python version that matches the partial version number
   # (e.g. "3.9.5").
   local version="$(pyenv versions --bare | grep "${partial_version}" | tail -1)"

   # Set current Python version via environment variable.
   pyenv shell "${version}"

   # Update environment.
   pip3 install --upgrade pip
   pip3 install --upgrade setuptools
   pip3 install --upgrade wheel
 }

 # setuptools does not replicate the distutils feature of explicitly setting
 # user/group ownership on the files within the source distribution archive.
 #
 # This function is an easy workaround that doesn't require monkey-patching
 # setuptools. This behavior is desired to produce deterministic release
 # artifacts.
 set_owner_within_tar() {
   local tar_file="$1"
   local tmp_dir="$(mktemp -d tink-py-tar-XXXXXX)"
   tar -C "${tmp_dir}" -xzf "${tar_file}"
   local tink_dir="$(basename $(ls -d ${tmp_dir}/tink*))"
   tar -C "${tmp_dir}" -czf "${tar_file}" \
     --owner=root --group=root "${tink_dir}"
   rm -r "${tmp_dir}"
 }

 main() {
   if [[ "${PLATFORM}" == 'linux' ]]; then
     build_linux
   elif [[ "${PLATFORM}" == 'darwin' ]]; then
     build_macos
   else
     echo "${PLATFORM} is not a supported platform."
     exit 1
   fi
 }

 main "$@"
	#!/bin/bash
	# Copyright 2020 Google LLC
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	################################################################################

	# This script creates the release artifacts of Tink Python which includes a
	# source distribution and binary wheels for Linux and macOS. All Python tests
	# are exectued for each binary wheel and the source distribution.

	set -euo pipefail

	declare -a PYTHON_VERSIONS=
	PYTHON_VERSIONS+=("3.7")
	PYTHON_VERSIONS+=("3.8")
	PYTHON_VERSIONS+=("3.9")
	readonly PYTHON_VERSIONS

	readonly PLATFORM="$(uname \| tr '[:upper:]' '[:lower:]')"

	readonly TINK_SRC_PATH="${PWD}/.."
	readonly TINK_VERSION="$(grep ^TINK "${TINK_SRC_PATH}/tink_version.bzl" \
	\| awk '{gsub(/"/, "", $3); print $3}')"

	readonly IMAGE_NAME="quay.io/pypa/manylinux2014_x86_64"
	readonly IMAGE_DIGEST="sha256:d4604fe14cb0d691031f202ee7daf240e6d463297b060e2de60994d82a8f22ac"
	readonly IMAGE="${IMAGE_NAME}@${IMAGE_DIGEST}"

	build_linux() {
	echo "### Building Linux binary wheels ###"

	if [[ -n "${KOKORO_ROOT}" ]] ; then
	eval "$(pyenv init -)"
	pyenv versions
	fi

	mkdir -p release

	# Use signatures for getting images from registry (see
	# https://docs.docker.com/engine/security/trust/content_trust/).
	export DOCKER_CONTENT_TRUST=1

	# Build binary wheels.
	docker run --volume "${TINK_SRC_PATH}:/tmp/tink" --workdir /tmp/tink/python \
	"${IMAGE}" /tmp/tink/python/tools/distribution/build_linux_binary_wheels.sh

	## Test binary wheels.
	docker run --volume "${TINK_SRC_PATH}:/tmp/tink" --workdir /tmp/tink/python \
	"${IMAGE}" /tmp/tink/python/tools/distribution/test_linux_binary_wheels.sh

	echo "### Building Linux source distribution ###"
	local sorted=( $( echo "${PYTHON_VERSIONS[@]}" \
	\| xargs -n1 \| sort -V \| xargs ) )
	local latest="${sorted[${#sorted[@]}-1]}"
	enable_py_version "${latest}"

	# Build source distribution.
	export TINK_PYTHON_SETUPTOOLS_OVERRIDE_BASE_PATH="${TINK_SRC_PATH}"
	python3 setup.py sdist
	local sdist_filename="tink-${TINK_VERSION}.tar.gz"
	set_owner_within_tar "dist/${sdist_filename}"
	cp "dist/${sdist_filename}" release/

	# Test install from source distribution.
	python3 --version
	pip3 list
	pip3 install -v "release/${sdist_filename}"
	pip3 list
	find tink/ -not -path "cc/pybind" -type f -name "*_test.py" -print0 \
	\| xargs -0 -n1 python3
	}

	build_macos() {
	echo "### Building macOS binary wheels ###"

	mkdir -p release

	for v in "${PYTHON_VERSIONS[@]}"; do
	enable_py_version "${v}"

	# Build binary wheel.
	pip3 wheel -w release .

	# Test binary wheel.
	# TODO(ckl): Implement test.
	done
	}

	enable_py_version() {
	# A partial version number (e.g. "3.9").
	local partial_version="$1"

	# The latest installed Python version that matches the partial version number
	# (e.g. "3.9.5").
	local version="$(pyenv versions --bare \| grep "${partial_version}" \| tail -1)"

	# Set current Python version via environment variable.
	pyenv shell "${version}"

	# Update environment.
	pip3 install --upgrade pip
	pip3 install --upgrade setuptools
	pip3 install --upgrade wheel
	}

	# setuptools does not replicate the distutils feature of explicitly setting
	# user/group ownership on the files within the source distribution archive.
	#
	# This function is an easy workaround that doesn't require monkey-patching
	# setuptools. This behavior is desired to produce deterministic release
	# artifacts.
	set_owner_within_tar() {
	local tar_file="$1"
	local tmp_dir="$(mktemp -d tink-py-tar-XXXXXX)"
	tar -C "${tmp_dir}" -xzf "${tar_file}"
	local tink_dir="$(basename $(ls -d ${tmp_dir}/tink*))"
	tar -C "${tmp_dir}" -czf "${tar_file}" \
	--owner=root --group=root "${tink_dir}"
	rm -r "${tmp_dir}"
	}

	main() {
	if [[ "${PLATFORM}" == 'linux' ]]; then
	build_linux
	elif [[ "${PLATFORM}" == 'darwin' ]]; then
	build_macos
	else
	echo "${PLATFORM} is not a supported platform."
	exit 1
	fi
	}

	main "$@"