Bug 1896415
| Summary: | fedmsg fails to build in rawhide: x509 related tests fail | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Tomáš Hrnčiar <thrnciar> |
| Component: | fedmsg | Assignee: | Fedora Infrastructure SIG <infra-sig> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | clime7, infra-sig, kevin, lewk, mhroncok, randy, rbean, thrnciar |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-12-29 23:29:37 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1868278, 1890881 | ||
This is the case with Python 3.9 as well: https://koji.fedoraproject.org/koji/taskinfo?taskID=55316359 This is most likely related to https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2 Can the X509 tests be skipped? We could skip those... or relax the requirement. I'll try and look at this this week. It builds fine with 3.9 now: https://koji.fedoraproject.org/koji/buildinfo?buildID=1658566 Can you re-try with 3.10a? https://copr.fedorainfracloud.org/coprs/g/python/python3.10/package/fedmsg/ says success. Thanks. |
fedmsg fails to build with Python 3.10.0a2. =================================== FAILURES =================================== ___________________ X509BaseTests.test_signed_by_expired_ca ____________________ self = <fedmsg.tests.crypto.test_x509.X509BaseTests testMethod=test_signed_by_expired_ca> def test_signed_by_expired_ca(self): """Assert certs signed by an expired CA fail validation.""" self.config['certname'] = 'signed_by_expired_ca' self.config['ca_cert_location'] = os.path.join(SSLDIR, 'expired_ca.crt') # There's no CRL for this CA. self.config['crl_location'] = None signed = self.sign({'message': 'so secure'}, **self.config) > self.assertFalse(self.validate(signed, **self.config)) E AssertionError: True is not false fedmsg/tests/crypto/test_x509.py:193: AssertionError _______________ X509CryptographyTests.test_signed_by_expired_ca ________________ self = <fedmsg.tests.crypto.test_x509.X509CryptographyTests testMethod=test_signed_by_expired_ca> def test_signed_by_expired_ca(self): """Assert certs signed by an expired CA fail validation.""" self.config['certname'] = 'signed_by_expired_ca' self.config['ca_cert_location'] = os.path.join(SSLDIR, 'expired_ca.crt') # There's no CRL for this CA. self.config['crl_location'] = None signed = self.sign({'message': 'so secure'}, **self.config) > self.assertFalse(self.validate(signed, **self.config)) E AssertionError: True is not false fedmsg/tests/crypto/test_x509.py:193: AssertionError For the build logs, see: https://copr-be.cloud.fedoraproject.org/results/@python/python3.10/fedora-rawhide-x86_64/01756926-fedmsg/ For all our attempts to build fedmsg with Python 3.10, see: https://copr.fedorainfracloud.org/coprs/g/python/python3.10/package/fedmsg/ Testing and mass rebuild of packages is happening in copr. You can follow these instructions to test locally in mock if your package builds with Python 3.10: https://copr.fedorainfracloud.org/coprs/g/python/python3.10/ Let us know here if you have any questions. Python 3.10 will be included in Fedora 35. To make that update smoother, we're building Fedora packages with early pre-releases of Python 3.10. A build failure prevents us from testing all dependent packages (transitive [Build]Requires), so if this package is required a lot, it's important for us to get it fixed soon. We'd appreciate help from the people who know this package best, but if you don't want to work on this now, let us know so we can try to work around it on our side.