diff options
author | Marius Gedminas <marius@gedmin.as> | 2022-09-12 21:14:24 +0300 |
---|---|---|
committer | Marius Gedminas <marius@gedmin.as> | 2022-09-12 21:14:35 +0300 |
commit | 8b0f6ab057c787fd0b1b523a8e1687e022223e08 (patch) | |
tree | 63e3bde7c22c37b3efe496180235a4bbda08aa33 | |
parent | 2231265da5ee98a7d53375386c55a4b4476a73cb (diff) | |
download | zope-security-8b0f6ab057c787fd0b1b523a8e1687e022223e08.tar.gz |
Configuring for c-code
Add a regression test for CFLAGS not having -Ofast, which is known to
break things. See https://github.com/zopefoundation/meta/pull/155 for
reference.
-rw-r--r-- | .github/workflows/tests.yml | 39 | ||||
-rwxr-xr-x | .manylinux-install.sh | 28 | ||||
-rw-r--r-- | .meta.toml | 2 | ||||
-rw-r--r-- | src/zope/security/tests/test_compile_flags.py | 30 | ||||
-rw-r--r-- | tox.ini | 5 |
5 files changed, 88 insertions, 16 deletions
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 116f04a..efb9837 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -61,8 +61,8 @@ env: PIP_NO_PYTHON_VERSION_WARNING: 1 PIP_NO_WARN_SCRIPT_LOCATION: 1 - CFLAGS: -Ofast -pipe - CXXFLAGS: -Ofast -pipe + CFLAGS: -O3 -pipe + CXXFLAGS: -O3 -pipe # Uploading built wheels for releases. # TWINE_PASSWORD is encrypted and stored directly in the # github repo settings. @@ -91,6 +91,7 @@ jobs: # Sigh. Note that the matrix must be kept in sync # with `test`, and `docs` must use a subset. runs-on: ${{ matrix.os }} + if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name strategy: fail-fast: false matrix: @@ -104,7 +105,7 @@ jobs: - "3.8" - "3.9" - "3.10" - - "3.11.0-beta.3" + - "3.11.0-rc.1" os: [ubuntu-20.04, macos-latest] exclude: - os: macos-latest @@ -153,6 +154,16 @@ jobs: pip install -U pip pip install -U setuptools wheel twine cffi + - name: Build zope.security (3.11.0-rc.1) + if: ${{ startsWith(matrix.python-version, '3.11.0-rc.1') }} + run: | + # Next, build the wheel *in place*. This helps ccache, and also lets us cache the configure + # output (pip install uses a random temporary directory, making this difficult). + python setup.py build_ext -i + python setup.py bdist_wheel + # Also install it, so that we get dependencies in the (pip) cache. + pip install -U 'faulthandler; python_version == "2.7" and platform_python_implementation == "CPython"' + pip install --pre .[test] - name: Build zope.security (Python 3.10 on MacOS) if: > startsWith(runner.os, 'Mac') @@ -166,7 +177,7 @@ jobs: python setup.py bdist_wheel # Also install it, so that we get dependencies in the (pip) cache. pip install -U 'faulthandler; python_version == "2.7" and platform_python_implementation == "CPython"' - pip install --pre .[test] + pip install .[test] - name: Build zope.security (all other versions) if: > @@ -179,7 +190,7 @@ jobs: python setup.py bdist_wheel # Also install it, so that we get dependencies in the (pip) cache. pip install -U 'faulthandler; python_version == "2.7" and platform_python_implementation == "CPython"' - pip install --pre .[test] + pip install .[test] - name: Check zope.security build run: | @@ -199,7 +210,7 @@ jobs: && startsWith(github.ref, 'refs/tags') && startsWith(runner.os, 'Mac') && !startsWith(matrix.python-version, 'pypy') - && !startsWith(matrix.python-version, '3.11.0-beta.3') + && !startsWith(matrix.python-version, '3.11.0-rc.1') env: TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} run: | @@ -221,7 +232,7 @@ jobs: - "3.8" - "3.9" - "3.10" - - "3.11.0-beta.3" + - "3.11.0-rc.1" os: [ubuntu-20.04, macos-latest] exclude: - os: macos-latest @@ -262,7 +273,8 @@ jobs: with: name: zope.security-${{ runner.os }}-${{ matrix.python-version }}.whl path: dist/ - - name: Install zope.security + - name: Install zope.security 3.11.0-rc.1 + if: ${{ startsWith(matrix.python-version, '3.11.0-rc.1') }} run: | pip install -U wheel setuptools # coverage has a wheel on PyPI for a future python version which is @@ -274,6 +286,17 @@ jobs: # might also save some build time? unzip -n dist/zope.security-*whl -d src pip install --pre -U -e .[test] + - name: Install zope.security + if: ${{ !startsWith(matrix.python-version, '3.11.0-rc.1') }} + run: | + pip install -U wheel setuptools + pip install -U coverage + pip install -U 'faulthandler; python_version == "2.7" and platform_python_implementation == "CPython"' + # Unzip into src/ so that testrunner can find the .so files + # when we ask it to load tests from that directory. This + # might also save some build time? + unzip -n dist/zope.security-*whl -d src + pip install -U -e .[test] - name: Run tests with C extensions if: ${{ !startsWith(matrix.python-version, 'pypy') }} run: | diff --git a/.manylinux-install.sh b/.manylinux-install.sh index ac3e13d..75ba0a8 100755 --- a/.manylinux-install.sh +++ b/.manylinux-install.sh @@ -26,6 +26,20 @@ ls -ld /cache/pip # We need some libraries because we build wheels from scratch: yum -y install libffi-devel +tox_env_map() { + case $1 in + *"cp27"*) echo 'py27';; + *"cp35"*) echo 'py35';; + *"cp311"*) echo 'py311';; + *"cp36"*) echo 'py36';; + *"cp37"*) echo 'py37';; + *"cp38"*) echo 'py38';; + *"cp39"*) echo 'py39';; + *"cp310"*) echo 'py310';; + *) echo 'py';; + esac +} + # Compile wheels for PYBIN in /opt/python/*/bin; do if \ @@ -37,12 +51,18 @@ for PYBIN in /opt/python/*/bin; do [[ "${PYBIN}" == *"cp38"* ]] || \ [[ "${PYBIN}" == *"cp39"* ]] || \ [[ "${PYBIN}" == *"cp310"* ]] ; then - "${PYBIN}/pip" install --pre -e /io/ - "${PYBIN}/pip" wheel /io/ --pre -w wheelhouse/ + if [[ "${PYBIN}" == *"cp311"* ]] ; then + "${PYBIN}/pip" install --pre -e /io/ + "${PYBIN}/pip" wheel /io/ --pre -w wheelhouse/ + else + "${PYBIN}/pip" install -e /io/ + "${PYBIN}/pip" wheel /io/ -w wheelhouse/ + fi if [ `uname -m` == 'aarch64' ]; then cd /io/ - "${PYBIN}/pip" install tox - "${PYBIN}/tox" -e py + ${PYBIN}/pip install tox + TOXENV=$(tox_env_map "${PYBIN}") + ${PYBIN}/tox -e ${TOXENV} cd .. fi rm -rf /io/build /io/*.egg-info @@ -2,7 +2,7 @@ # https://github.com/zopefoundation/meta/tree/master/config/c-code [meta] template = "c-code" -commit-id = "9f8458e3f26368d43f9fae284fc063a97b2a651c" +commit-id = "2231265da5ee98a7d53375386c55a4b4476a73cb" [python] with-appveyor = true diff --git a/src/zope/security/tests/test_compile_flags.py b/src/zope/security/tests/test_compile_flags.py new file mode 100644 index 0000000..18b72c8 --- /dev/null +++ b/src/zope/security/tests/test_compile_flags.py @@ -0,0 +1,30 @@ +############################################################################## +# +# Copyright (c) 2022 Zope Foundation and Contributors. +# All Rights Reserved. +# +# This software is subject to the provisions of the Zope Public License, +# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. +# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED +# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS +# FOR A PARTICULAR PURPOSE +# +############################################################################## +import struct +import unittest + +import zope.security.checker # noqa: try to load a C module for side effects +import zope.security.proxy # noqa: try to load a C module for side effects + + +class TestFloatingPoint(unittest.TestCase): + + def test_no_fast_math_optimization(self): + # Building with -Ofast enables -ffast-math, which sets certain FPU + # flags that can cause breakage elsewhere. A library such as BTrees + # has no business changing global FPU flags for the entire process. + zero_bits = struct.unpack("!Q", struct.pack("!d", 0.0))[0] + next_up = zero_bits + 1 + smallest_subnormal = struct.unpack("!d", struct.pack("!Q", next_up))[0] + self.assertNotEqual(smallest_subnormal, 0.0) @@ -20,10 +20,9 @@ envlist = [testenv] usedevelop = true -pip_pre = true +pip_pre = py311: true deps = - # repoze.sphinx.autointerface does not yet support Sphinx >= 5: - Sphinx < 5 + Sphinx setenv = pure: PURE_PYTHON=1 !pure-!pypy-!pypy3: PURE_PYTHON=0 |