Thanks for providing a comprehensive post here. Compilation/testing under qemu is, unfortunately, too slow to be practical within our CI (which we've spent years getting to under 10 minutes cycle time). There's also a secondary challenge in that while armv7l tags are defined for manylinux on PyPI, the manylinux project does not itself ship armv7l containers.
So official support from us has two primary prerequisites: 1) We need a way to run tests in CI against armv7l compiled code without affecting total cycle time. We already shard tests for Windows so maybe this would be possible by running armv7l containers on CircleCI aarch64 native runners? I know aarch32 exists for BC on armv8a, but I don't know how that interacts with the armv7l ABI. Is it possible to do this? 2) We need manylinux images to base our own wheel builder containers on top of. This isn't a hard blocker if #1 is possible, although it'd be best to contribute it upstream to pypa/manylinux and we just consume it. -Paul (reaperhulk) On Fri, Mar 18, 2022 at 8:26 PM Pēteris Caune <cuu...@monkeyseemonkeydo.lv> wrote: > > Hello, > > I'd like to bring up the topic of binary wheel packages for armv7l. They have > already been discussed before, for example in this issue: > https://github.com/pyca/cryptography/issues/6286 > > Quoting reaperhulk's comment from the issue: > > > Getting armv7l in hosted CI isn't really possible at this time and armv7l > > systems tend to be very low performance compared to their aarch64 brethren. > > We won't ship wheels for platforms we don't directly test, so that's the > > primary obstacle here. > > I develop a Python project which uses cryptography, and was revisiting the > topic of building armv7l docker images that include cryptography. In the past > I had resorted to using piwheels prebuilt wheels but looks like I managed to > build it from source on GitHub Actions. Here's a quick summary on how it > works: > > - My project is hosted on GitHub, and has a GHA workflow to automatically > build and publish a docker docker image on every release > - On GHA, you can build armv7l images by using docker buildx: > https://github.com/docker/setup-buildx-action > - But there's a bug in ... QEMU, if I understand correctly, which causes > cryptography build to fail: https://github.com/rust-lang/cargo/issues/8719 > - That bug is not fixed, but there is a workaround, which is even packaged up > as a reusable GHA action: > https://github.com/marketplace/actions/docker-on-tmpfs > > By using that workaround, I got cryptography to compile for armv7l with no > errors. It took a long time to complete, but I'm not making releases often, > so that's fine by me. For reference, here's my GHA workflow: > https://github.com/healthchecks/healthchecks/blob/master/.github/workflows/publish_docker_image.yml > > I have no idea if it would be practical or feasible to integrate this > technique in the cryptography build process (so an official wheel can be > built), but I thought I would share this in case somebody is interested to > investigate it. If there's no resources or interest to support this, I fully > understand. > > Pēteris > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev@python.org > https://mail.python.org/mailman/listinfo/cryptography-dev _______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
