Pypy 7.3.16 (#22)

* Bump to PyPy 7.3.16 * Bump pip to 24.0 * Script for upload built and signed artifacts * Clean up scripts * Add note about latest pip version
Cyb3r-Jak3 · Apr 25, 2024 · ba658fa · ba658fa
1 parent 103c094
commit ba658fa
Show file tree

Hide file tree

Showing 5 changed files with 84 additions and 10 deletions.
diff --git a/.github/sign.py b/.github/sign.py
@@ -15,7 +15,7 @@ def sign(filename: str):
                 break
             sha256sum.update(data)
     with open(f"{filename}.sha256sum", "w") as f:
-        f.write(f"{sha256sum.hexdigest()}  {filename}")
+        f.write(f"{sha256sum.hexdigest()}  {filename.split('/')[-1]}")
 
 
 if __name__ == "__main__":

diff --git a/.github/upload.py b/.github/upload.py
@@ -0,0 +1,48 @@
+"""Upload the artifacts to Cloudflare R2 Storage"""
+
+import os
+import boto3
+import re
+
+BUCKET_NAME = os.getenv("BUCKET_NAME", "pypy-files")
+pattern = re.compile(r"\d\.\d(\d)?")
+
+s3 = boto3.client(
+    service_name="s3",
+    endpoint_url='https://8be772befd147a8df540aae0fa15c047.r2.cloudflarestorage.com',
+    region_name="auto",
+)
+
+CONTENT_TYPE_MAP = {
+    "sig": "application/pgp-signature",
+    "bz2": "application/x-bzip2",
+    "sha256sum": "text/plain"
+}
+
+
+def upload_file(file_name: str) -> None:
+    """Uploads a file to R2"""
+    python_version = pattern.search(file_name).group()
+    try:
+        s3.upload_file(
+            f"output/{file_name}",
+            BUCKET_NAME,
+            f"pypy/{python_version}/{file_name}",
+            ExtraArgs={
+                "ContentType": CONTENT_TYPE_MAP.get(file_name.split('.')[-1], 'application/octet-stream'),
+                "CacheControl": "public, max-age=31536000",
+                "ContentDisposition": f"attachment; filename={file_name.split('/')[-1]}",
+            }
+        )
+    except Exception as e:
+        print(f"Failed to upload {file_name} to {file_name}: {e}")
+        raise e
+    print(f"Uploaded {file_name}")
+
+
+if __name__ == "__main__":
+    if not os.path.exists("output"):
+        print("No output directory found. Assuming no files to upload. Exiting.")
+        exit(0)
+    for file in os.listdir("output"):
+        upload_file(file)
diff --git a/.github/workflows/build-pypy.yml b/.github/workflows/build-pypy.yml
@@ -17,6 +17,7 @@ permissions:
 env:
   ALPINE_VERSION: 3.19
   BUILDER_IMAGE_TAG: ghcr.io/cyb3r-jak3/alpine-pypy-builder-workflow
+  PYPY_VERSION: 7.3.16
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -63,7 +64,6 @@ jobs:
       fail-fast: true
       matrix:
         PYPY_BASE: ["2.7", "3.9", "3.10"]
-        PYPY_VERSION: ["7.3.15"]
         RUNNER: ["self-hosted", "ubuntu-latest"]
 
     steps:
@@ -89,7 +89,7 @@ jobs:
         run: |
           import os
           import requests
-          base_url = "https://pypy.cyberjake.xyz/pypy/${{ matrix.PYPY_BASE }}/pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2"
+          base_url = "https://pypy.cyberjake.xyz/pypy/${{ matrix.PYPY_BASE }}/pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2"
           file_resp = requests.head(base_url)
           signature_resp = requests.head(f"{base_url}.sig")
           if file_resp.status_code == 404 or signature_resp.status_code == 404:
@@ -115,9 +115,9 @@ jobs:
       - name: Run Build
         if: steps.file-check.outputs.STATUS == 404
         run: |
-          PYPY_SHA256SUM=$(curl -s https://api.cyberjake.xyz/pypy/checksums/pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-src.tar.bz2 | jq --raw-output .results[0].checksum)
+          PYPY_SHA256SUM=$(curl -s https://api.cyberjake.xyz/pypy/checksums/pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-src.tar.bz2 | jq --raw-output .results[0].checksum)
           echo "${PYPY_SHA256SUM}"
-          docker run --platform linux/${{ env.ARCH }}  -v $(pwd)/tmp:/tmp -e PYPY_BASE=${{ matrix.PYPY_BASE }} -e PYPY_VERSION=${{ matrix.PYPY_VERSION }} -e PYPY_SHA256SUM="${PYPY_SHA256SUM}" ${{ env.BUILDER_IMAGE_TAG }}:${{ env.ALPINE_VERSION }}-${{ github.sha }}
+          docker run --platform linux/${{ env.ARCH }}  -v $(pwd)/tmp:/tmp -e PYPY_BASE=${{ matrix.PYPY_BASE }} -e PYPY_VERSION=${{ env.PYPY_VERSION }} -e PYPY_SHA256SUM="${PYPY_SHA256SUM}" ${{ env.BUILDER_IMAGE_TAG }}:${{ env.ALPINE_VERSION }}-${{ github.sha }}
 
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@v6
@@ -132,19 +132,44 @@ jobs:
         run: |
           wget --quiet -O sign.py https://raw.githubusercontent.com/Cyb3r-Jak3/docker-alpine-pypy/${{ github.sha }}/.github/sign.py
           mkdir output
-          mv ./tmp/usession-release-pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-*/build/**.tar.bz2 ./output/pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2
+          mv ./tmp/usession-release-pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-*/build/**.tar.bz2 ./output/pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2
           find ./output/ -type f -exec python3 sign.py {} \;
           
       - name: Upload PyPy to Artifacts
         if: steps.file-check.outputs.STATUS == 404
-        # Leave with v3 so we can use the same name for the artifact
         uses: actions/upload-artifact@v4
         with:
-          name: pypy-${{ env.ARCH }}-${{ matrix.PYPY_BASE }}-${{ matrix.PYPY_VERSION }}
+          name: pypy-${{ env.ARCH }}-${{ matrix.PYPY_BASE }}-${{ env.PYPY_VERSION }}
           path: ./output
 
       - name: Clean files
         if: steps.file-check.outputs.STATUS == 404
         run: |
           rm -rf output/
           rm -rf tmp/
+
+  Upload:
+    runs-on: ubuntu-latest
+    name: Upload PyPy builds
+    needs: Build
+
+    steps:
+      - name: Download upload script
+        run: |
+          wget --quiet -O upload.py https://raw.githubusercontent.com/Cyb3r-Jak3/docker-alpine-pypy/${{ github.sha }}/.github/upload.py
+          pip install boto3==1.34.90
+
+      - name: Download PyPy builds
+        uses: actions/download-artifact@v4
+        with:
+          pattern: 'pypy-*'
+          merge-multiple: true
+          path: ./output
+
+      - name: Upload PyPy builds
+        run: |
+          python upload.py
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
diff --git a/docker-bake.hcl b/docker-bake.hcl
@@ -7,7 +7,7 @@ target "docker-metadata-action" {
 }
 
 variable "PYPY_VERSION" {
-    default = "7.3.15"
+    default = "7.3.16"
 }
 
 variable "ALPINE_VERSION" {

diff --git a/export/Dockerfile b/export/Dockerfile
@@ -10,7 +10,7 @@ ENV GPG_KEY=44FE09DEE9E9EC21EF903F06CA614AB6BD73BB06
 
 # Download the source
 ARG PYPY_BASE=3.10
-ARG PYPY_VERSION=7.3.15
+ARG PYPY_VERSION=7.3.16
 
 RUN set -ex; \
     apk add --no-cache --virtual .fetch-deps \
@@ -41,6 +41,7 @@ RUN set -ex; \
     pypy --version
 
 # if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
+# 20.3.4 is the last version that supports Python 2.7
 ENV PYTHON_PIP_VERSION 20.3.4
 ARG PIP_URL=https://bootstrap.pypa.io/get-pip.py
 RUN set -ex; \