Work around cryptography requiring Rust compiler

Pins all the build dependencies required by poetry, otherwise
poetry installs arbitrary versions of them, which leads to a wrong
version of cryptography being installed and the build failing.
Note that Cloud dependencies (pillar and the like) has to have their
build dependencies pinned in the same exact manner, for the same reason.

Pins all the runtime dependencies as well, because Cloud can only use
poetry==1.0 due to its source dependencies, so there's no
"poetry lock --no-update" and each "poetry lock" updates arbitrary packages.

deploy/README.md

@@ -35,5 +35,5 @@ For `xxx` there are:
 
 ## Hacking Stuff
 
-To deploy another branch than `production`, do `export DEPLOY_BRANCH=otherbranch` before starting
+To deploy another branch than `production`, do `export STAGING_BRANCH=otherbranch` before starting
 the above commands.

docker/3_buildwheels/build.sh

@@ -33,10 +33,15 @@ docker run --rm -i \
     -v "$TOPDEVDIR:/data/topdev" \
     $DOCKER_IMAGE_NAME <<EOT
 set -e
+set -x
+
+# Globally upgrade Pip, so that we can get a compatible version of the cryptography package.
+# See https://github.com/pyca/cryptography/issues/5771
+pip3 install --upgrade pip setuptools wheel
 
 # Pin poetry to 1.0, as more recent version to not support nested filesystem package
 # dependencies.
-pip3 install wheel poetry==1.0
+pip3 install wheel poetry==1.0 cryptography==2.7
 
 # Build wheels for all dependencies.
 cd /data/topdev/blender-cloud

poetry.lock

@@ -46,6 +46,7 @@ python-versions = "~3.6"
 version = "1.1dev0"
 
 [package.dependencies]
+cryptography = "2.7"
 pillar = "*"
 svn = "~0.3"
 
@@ -215,7 +216,6 @@ version = "7.0"
 [[package]]
 category = "dev"
 description = "Cross-platform colored terminal text."
-marker = "sys_platform == \"win32\""
 name = "colorama"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
@@ -345,6 +345,7 @@ python-versions = "~3.6"
 version = "2.3dev0"
 
 [package.dependencies]
+cryptography = "2.7"
 pillar = "*"
 pyjwt = "1.7.1"
 
@@ -702,7 +703,6 @@ version = "1.5"
 [[package]]
 category = "dev"
 description = "More routines for operating on iterables, beyond itertools"
-marker = "python_version > \"2.7\""
 name = "more-itertools"
 optional = false
 python-versions = ">=3.4"
@@ -780,8 +780,8 @@ attrs = "~19"
 bcrypt = "~3"
 bleach = "~3.1"
 blinker = "~1.4"
-celery = "~4.3"
 commonmark = "~0.9"
+cryptography = "2.7"
 elasticsearch = "~6.1"
 elasticsearch-dsl = "~6.1"
 gcloud = "~0.18"
@@ -791,11 +791,18 @@ ndg-httpsclient = "~0.5"
 pillarsdk = "*"
 python-dateutil = "~2.8"
 rauth = "~0.7"
-raven = "~6.10"
 redis = "~3.2"
 shortcodes = "~2.5"
 zencoder = "~0.6"
 
+[package.dependencies.celery]
+extras = ["redis"]
+version = "~4.3"
+
+[package.dependencies.raven]
+extras = ["flask"]
+version = "~6.10"
+
 [package.source]
 reference = ""
 type = "directory"
@@ -831,6 +838,7 @@ python-versions = "^3.5"
 version = "1.10"
 
 [package.dependencies]
+cryptography = "2.7"
 pyOpenSSL = "~19"
 requests = "~2"
 
@@ -1036,6 +1044,15 @@ optional = false
 python-versions = "*"
 version = "6.10.0"
 
+[package.dependencies]
+[package.dependencies.Flask]
+optional = true
+version = ">=0.8"
+
+[package.dependencies.blinker]
+optional = true
+version = ">=1.1"
+
 [package.extras]
 flask = ["Flask (>=0.8)", "blinker (>=1.1)"]
 tests = ["bottle", "celery (>=2.5)", "coverage (<4)", "exam (>=0.5.2)", "flake8 (3.5.0)", "logbook", "mock", "nose", "pytz", "pytest (>=3.2.0,<3.3.0)", "pytest-timeout (1.2.1)", "pytest-xdist (1.18.2)", "pytest-pythonpath (0.7.2)", "pytest-cov (2.5.1)", "pytest-flake8 (1.0.0)", "requests", "tornado (>=4.1,<5.0)", "tox", "webob", "webtest", "wheel", "anyjson", "zconfig", "Flask (>=0.8)", "blinker (>=1.1)", "Flask-Login (>=0.2.0)", "blinker (>=1.1)", "sanic (>=0.7.0)", "aiohttp"]
@@ -1141,6 +1158,7 @@ python-versions = "~3.6"
 version = "1.1dev0"
 
 [package.dependencies]
+cryptography = "2.7"
 pillar = "*"
 
 [package.source]
@@ -1197,6 +1215,17 @@ dev = ["pytest", "coverage", "tox", "sphinx", "pallets-sphinx-themes", "sphinx-i
 termcolor = ["termcolor"]
 watchdog = ["watchdog"]
 
+[[package]]
+category = "main"
+description = "A built-package format for Python"
+name = "wheel"
+optional = false
+python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,>=2.7"
+version = "0.35.1"
+
+[package.extras]
+test = ["pytest (>=3.0.0)", "pytest-cov"]
+
 [[package]]
 category = "main"
 description = "A flexible forms validation and rendering library for Python web development."
@@ -1232,7 +1261,7 @@ docs = ["sphinx", "jaraco.packaging (>=3.2)", "rst.linker (>=1.9)"]
 testing = ["pathlib2", "contextlib2", "unittest2"]
 
 [metadata]
-content-hash = "265c6813c52bdf5230bc37b324a171cd457bb8ba13629afce81724cc8b5d1a01"
+content-hash = "118d1166a7f31cbd59191bd86521cf9a80a1f537f747bb7d4d5be0bfec71b45d"
 python-versions = "~3.6"
 
 [metadata.files]
@@ -1871,6 +1900,10 @@ werkzeug = [
     {file = "Werkzeug-0.15.4-py2.py3-none-any.whl", hash = "sha256:865856ebb55c4dcd0630cdd8f3331a1847a819dda7e8c750d3db6f2aa6c0209c"},
     {file = "Werkzeug-0.15.4.tar.gz", hash = "sha256:a0b915f0815982fb2a09161cb8f31708052d0951c3ba433ccc5e1aa276507ca6"},
 ]
+wheel = [
+    {file = "wheel-0.35.1-py2.py3-none-any.whl", hash = "sha256:497add53525d16c173c2c1c733b8f655510e909ea78cc0e29d374243544b77a2"},
+    {file = "wheel-0.35.1.tar.gz", hash = "sha256:99a22d87add3f634ff917310a3d87e499f19e663413a52eb9232c447aa646c9f"},
+]
 wtforms = [
     {file = "WTForms-2.2.1-py2.py3-none-any.whl", hash = "sha256:e3ee092c827582c50877cdbd49e9ce6d2c5c1f6561f849b3b068c1b8029626f1"},
     {file = "WTForms-2.2.1.tar.gz", hash = "sha256:0cdbac3e7f6878086c334aa25dc5a33869a3954e9d1e015130d65a69309b3b61"},

pyproject.toml

@@ -15,11 +15,61 @@ pillar = {path = "../pillar"}
 attract = {path = "../attract"}
 flamenco = {path = "../flamenco"}
 svnman = {path = "../pillar-svnman"}
+amqp = "2.5.0"
+asn1crypto = "0.24.0"
+attrs = "19.1.0"
+babel = "2.7.0"
+bcrypt = "3.1.6"
+billiard = "3.6.0.0"
+bleach = "3.1.0"
+celery = "4.3.0"
+cerberus = "1.3.1"
+certifi = "2019.3.9"
+cffi = "1.12.3"
+chardet = "3.0.4"
+click = "7.0"
+commonmark = "0.9.0"
+cryptography = "2.7"
+eve = "0.9.1"
+fasteners = "0.15"
+flask = "1.0.3"
+flask-wtf = "0.14.2"
+future = "0.17.1"
+google-apitools = "0.5.28"
+googleapis-common-protos = "1.6.0"
+grpcio = "1.21.1"
+httplib2 = "0.12.3"
+ipaddress = "1.0.22"
+jinja2 = "2.10.1"
+kombu = "4.6.0"
+protobuf = "3.8.0"
+pyasn1 = "0.4.5"
+pyasn1-modules = "0.2.5"
+pycparser = "2.19"
+pymongo = "3.8.0"
+pyopenssl = "19.0.0"
+pytz = "2019.1"
+requests = "2.22.0"
+rsa = "4.0"
+setuptools = "51.0.0"
+shortcodes = "2.5.0"
+simplejson = "3.16.0"
+six = "1.12.0"
+wheel = "0.35.1"
+wtforms = "2.2.1"
 
 [tool.poetry.dev-dependencies]
 pillar-devdeps = {path = "../pillar/devdeps"}
-
+responses = "0.10.6"
+zipp = "0.5.1"
+py = "1.8.0"
+colorama = "0.4.1"
+importlib-metadata = "0.17"
+more-itertools = "7.0.0"
+coverage = "4.5.3"
+pluggy = "0.12.0"
+atomicwrites = "1.3.0"
 
 [build-system]
-requires = ["poetry>=0.12"]
+requires = ["poetry==1.0","cryptography==2.7","setuptools==51.0.0","wheel==0.35.1"]
 build-backend = "poetry.masonry.api"