Bug 1952343

Summary: Simplify packaging of python-cryptography
Product: Red Hat Enterprise Linux 9 Reporter: Christian Heimes <cheimes>
Component: python-cryptographyAssignee: Christian Heimes <cheimes>
Status: CLOSED CURRENTRELEASE QA Contact: Kaleem <ksiddiqu>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.0CC: bstinson, mpolovka, tdawson, torsava
Target Milestone: betaKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: python-cryptography-3.4.7-1.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-12-07 21:52:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1927510, 1935847, 1951115    

Description Christian Heimes 2021-04-22 06:01:27 UTC 
This bug was initially created as a copy of Bug #1952024

I am copying this bug because: 
RHEL 9 / C9S is having the same issue.


Description of problem:
python-cryptography builds depend on python-cryptography-vectors package. The package provides test vectors for cryptography's test suite. The vectors package must be kept in sync with the cryptography package.

This hard dependency makes updates of cryptography slow, complicated, and tedious. I have to request a side-tag for every Fedora version, build the vectors package first, wait 10 to 30 minutes until its available in buildroot, then build the actual package. It's even more annoying for RHEL.

I would like to get rid of the external python-cryptography-vectors package and add the vectors to the python-cryptography source package.

- upstream has vectors in the same git as the main package
- the packages are only split on PyPI and Fedora
- python3-cryptography-vectors is only used as build dependency of python-cryptography source package

Miro and I discussed the issue. He suggested that I can simply use the source tarball from Github. I also propose to drop the -vectors package.

Version-Release number of selected component (if applicable):
python-cryptography-3.4.6-1
Comment 1 Christian Heimes 2021-04-22 06:02:54 UTC 
I'll create a PR in Gitlab and kick off a new build after Fedora PR https://src.fedoraproject.org/rpms/python-cryptography/pull-request/12 has landed.
Comment 2 Christian Heimes 2021-04-22 11:15:26 UTC 
I have successfully built python-cryptography-3.4.7-1.el9

* https://kojihub.stream.rdu2.redhat.com/koji/taskinfo?taskID=251326
* https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1585301
Comment 3 Christian Heimes 2021-04-22 11:18:36 UTC 
*** Bug 1927510 has been marked as a duplicate of this bug. ***
Comment 4 Christian Heimes 2021-04-22 12:48:35 UTC 
python-cryptography-3.4.7-1.el9 passed gating because all required tests passed
Comment 11 Michal Polovka 2021-06-08 13:23:23 UTC 
Verified using RHEL9 Beta machine with python3-cryptography-3.4.7-1.el9.x86_64


# dnf repoquery --requires --resolve python3-cryptography
python3-cryptography-3.4.7-1.el9.x86_64.rpm                                                                                                                       
compat-openssl11-1:1.1.1k-1.el9.x86_64
glibc-0:2.33-14.el9.i686
glibc-0:2.33-14.el9.x86_64
libgcc-0:11.0.1-0.3.1.el9.x86_64
openssl-libs-1:1.1.1j-1.el9.i686
openssl-libs-1:1.1.1j-1.el9.x86_64
python3-0:3.9.5-3.el9.i686
python3-0:3.9.5-3.el9.x86_64
python3-cffi-0:1.14.5-2.el9.x86_64
python3-six-0:1.15.0-6.el9.noarch


# rpm -qp --obsoletes python3-cryptography
python-cryptography < 3.4.7-1.el9
python3-cryptography-vectors < 3.4.7

As the fix is present in fixed version, marking as verified.