GH-36456: [R] Link to correct version of OpenSSL when using autobrew #36551
Conversation
github-actions
bot
added
Component: R
awaiting committer review
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: b896259 Submitted crossbow builds: ursacomputing/crossbow @ actions-3d21794472
|
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: 15700d4 Submitted crossbow builds: ursacomputing/crossbow @ actions-007d7f7198
|
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: 6a538f4 Submitted crossbow builds: ursacomputing/crossbow @ actions-0bc60af847
|
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: 047bc6a Submitted crossbow builds: ursacomputing/crossbow @ actions-bd672e75e9
|
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: 047bc6a Submitted crossbow builds: ursacomputing/crossbow @ actions-47a81f0980
|
|
@nealrichardson If my reading of all this is correct, I think this will change the OpenSSL that is linked by default in the CRAN package that everybody uses. Is there a reason that this wasn't done before that I'm not aware of? |
|
No reason I recall that it wasn't done before. How does upstream autobrew handle this? If we're pinning a version, why not pin 3 instead of 1.1? (Edit: oh I see you mentioned that in the description) |
|
@nealrichardson Thanks!
I am not sure what this means! I assumed the formula in the autobrew repos is modified to reflect the one I modified here before each release? My understanding of autobrew is admittedly limited. |
There was a problem hiding this comment.
+1
Great!
(But I don't know why [email protected] is chosen instead of openssl@3 by Apache Arrow C++ when both of them are installed...)
github-actions
bot
added
awaiting merge
We do, but @jeroen maintains the actual autobrew formulae and scripts (here, here, and here, specifically), of which ours are copies that we modify to test on every commit. When changes to Homebrew happen or CRAN mandates new things, he handles it there, and we should watch (at release time, or when things break) for changes we need to pull in accordingly to stay in sync. I don't see openssl pinned there, so I'm not sure what's different such that we need it--something with the self-hosted runner setup, perhaps? If so, that's probably ok, though might be worth adding comments that that's the case. Re: openssl version, Homebrew actually has |
|
You already explicitly depend on openssl via thrift (and aws-sdk maybe)? ## brew deps --tree apache-arrow-static
autobrew/cran/apache-arrow-static
├── aws-sdk-cpp-static
├── brotli
├── lz4
├── snappy
├── thrift
│ └── openssl@3
│ └── ca-certificates
└── zstd
├── lz4
└── xzUpstream homebrew bumped thrift and aws-sdk to openssl@3 a few weeks ago, so the next release of the apache-arrow-static bundle will automatically include openssl@3. The current PR will probably create a conflict because you end up depending on both openssl@11 and openssl@3. This may work in a dynamic linked stack, but once you try to statically link the entire stack in the R package this will probably create symbol conflicts. |
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: 018ca98 Submitted crossbow builds: ursacomputing/crossbow @ actions-225ba98cc6
|
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
Co-authored-by: Sutou Kouhei <[email protected]>
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: ae451ee Submitted crossbow builds: ursacomputing/crossbow @ actions-0fd077276c
|
|
@github-actions crossbow submit r-binary-packages homebrew-r-autobrew |
|
Revision: 0043b1c Submitted crossbow builds: ursacomputing/crossbow @ actions-1602f52d96
|
|
Ok: I opened #36707 for the CI failure and for the r-binary-packages failure; also, I removed any unnecessary changes to the formulae. |
r/configure
Outdated
There was a problem hiding this comment.
Could you revert changes in this file?
github-actions
bot
added
awaiting merge
…36551) ### Rationale for this change The r-binary-packages job (which uses autobrew) and the autobrew nightly jobs are failing because they are linking to a different version of OpenSSL than the package was built against. I believe this occurred because Arrow and its dependencies are built against the autobrew headers which included openssl. The `ssl` and `crypto` libraries weren't explicitly linked, so I think whatever LibreSSL fork MacOS installs by default was getting linked. This was perhaps compatible using the version of autobrew for High Sierra/the version of LibreSSL on High Sierra but was not compatible with the version of autobrew for Big Sur/the version of LibreSSL on Big Sur. ### What changes are included in this PR? This PR explicitly adds OpenSSL 1.1 to the autobrew formulas and explicitly adds `-lssl -lcrypto` to the PKG_LIBS (1.1 because that's what was in the corresponding homebrew formula). ### Are these changes tested? Existing nightly tests cover these changes. ### Are there any user-facing changes? No. * Closes: #36456 Lead-authored-by: Dewey Dunnington <[email protected]> Co-authored-by: Dewey Dunnington <[email protected]> Co-authored-by: Sutou Kouhei <[email protected]> Signed-off-by: Dewey Dunnington <[email protected]>
…obrew (apache#36551) ### Rationale for this change The r-binary-packages job (which uses autobrew) and the autobrew nightly jobs are failing because they are linking to a different version of OpenSSL than the package was built against. I believe this occurred because Arrow and its dependencies are built against the autobrew headers which included openssl. The `ssl` and `crypto` libraries weren't explicitly linked, so I think whatever LibreSSL fork MacOS installs by default was getting linked. This was perhaps compatible using the version of autobrew for High Sierra/the version of LibreSSL on High Sierra but was not compatible with the version of autobrew for Big Sur/the version of LibreSSL on Big Sur. ### What changes are included in this PR? This PR explicitly adds OpenSSL 1.1 to the autobrew formulas and explicitly adds `-lssl -lcrypto` to the PKG_LIBS (1.1 because that's what was in the corresponding homebrew formula). ### Are these changes tested? Existing nightly tests cover these changes. ### Are there any user-facing changes? No. * Closes: apache#36456 Lead-authored-by: Dewey Dunnington <[email protected]> Co-authored-by: Dewey Dunnington <[email protected]> Co-authored-by: Sutou Kouhei <[email protected]> Signed-off-by: Dewey Dunnington <[email protected]>
|
After merging your PR, Conbench analyzed the 6 benchmarking runs that have been run so far on merge-commit ed87a5b. There were no benchmark performance regressions. 🎉 The full Conbench report has more details. It also includes information about possible false positives for unstable benchmarks that are known to sometimes produce them. |
…obrew (apache#36551) ### Rationale for this change The r-binary-packages job (which uses autobrew) and the autobrew nightly jobs are failing because they are linking to a different version of OpenSSL than the package was built against. I believe this occurred because Arrow and its dependencies are built against the autobrew headers which included openssl. The `ssl` and `crypto` libraries weren't explicitly linked, so I think whatever LibreSSL fork MacOS installs by default was getting linked. This was perhaps compatible using the version of autobrew for High Sierra/the version of LibreSSL on High Sierra but was not compatible with the version of autobrew for Big Sur/the version of LibreSSL on Big Sur. ### What changes are included in this PR? This PR explicitly adds OpenSSL 1.1 to the autobrew formulas and explicitly adds `-lssl -lcrypto` to the PKG_LIBS (1.1 because that's what was in the corresponding homebrew formula). ### Are these changes tested? Existing nightly tests cover these changes. ### Are there any user-facing changes? No. * Closes: apache#36456 Lead-authored-by: Dewey Dunnington <[email protected]> Co-authored-by: Dewey Dunnington <[email protected]> Co-authored-by: Sutou Kouhei <[email protected]> Signed-off-by: Dewey Dunnington <[email protected]>
Rationale for this change
The r-binary-packages job (which uses autobrew) and the autobrew nightly jobs are failing because they are linking to a different version of OpenSSL than the package was built against. I believe this occurred because Arrow and its dependencies are built against the autobrew headers which included openssl. The
sslandcryptolibraries weren't explicitly linked, so I think whatever LibreSSL fork MacOS installs by default was getting linked. This was perhaps compatible using the version of autobrew for High Sierra/the version of LibreSSL on High Sierra but was not compatible with the version of autobrew for Big Sur/the version of LibreSSL on Big Sur.What changes are included in this PR?
This PR explicitly adds OpenSSL 1.1 to the autobrew formulas and explicitly adds
-lssl -lcryptoto the PKG_LIBS (1.1 because that's what was in the corresponding homebrew formula).Are these changes tested?
Existing nightly tests cover these changes.
Are there any user-facing changes?
No.