Add TF wheel compliance verification in Bazel build rule.

The compliance check is disabled by default, but can be turned on by `--@local_tsl//third_party/py:wheel_compliance=true` option. PiperOrigin-RevId: 689511666
openxla · Nov 7, 2024 · 4818a64 · 4818a64
1 parent 3e448cf
commit 4818a64
Show file tree

Hide file tree

Showing 4 changed files with 172 additions and 4 deletions.
diff --git a/third_party/py/BUILD b/third_party/py/BUILD
@@ -52,3 +52,29 @@ config_setting(
         ":wheel_dependency": "True",
     },
 )
+
+# Flag indicating if the target requires wheel compliance verification.
+bool_flag(
+    name = "wheel_compliance",
+    # TODO(ybaturina): Enable the flag by default when hermetic C++ toolchain is ready.
+    build_setting_default = False,
+)
+
+config_setting(
+    name = "enable_wheel_compliance_verification",
+    flag_values = {
+        ":wheel_compliance": "True",
+    },
+)
+
+py_binary(
+    name = "verify_wheel_compliance_py",
+    srcs = [
+        "verify_wheel_compliance.py",
+    ],
+    main = "verify_wheel_compliance.py",
+    visibility = ["//visibility:public"],
+    deps = [
+        "@pypi_auditwheel//:pkg",
+    ],
+)
diff --git a/third_party/tsl/third_party/py/BUILD b/third_party/tsl/third_party/py/BUILD
@@ -52,3 +52,29 @@ config_setting(
         ":wheel_dependency": "True",
     },
 )
+
+# Flag indicating if the target requires wheel compliance verification.
+bool_flag(
+    name = "wheel_compliance",
+    # TODO(ybaturina): Enable the flag by default when hermetic C++ toolchain is ready.
+    build_setting_default = False,
+)
+
+config_setting(
+    name = "enable_wheel_compliance_verification",
+    flag_values = {
+        ":wheel_compliance": "True",
+    },
+)
+
+py_binary(
+    name = "verify_wheel_compliance_py",
+    srcs = [
+        "verify_wheel_compliance.py",
+    ],
+    main = "verify_wheel_compliance.py",
+    visibility = ["//visibility:public"],
+    deps = [
+        "@pypi_auditwheel//:pkg",
+    ],
+)
diff --git a/third_party/tsl/third_party/py/python_wheel_library.bzl b/third_party/tsl/third_party/py/python_wheel_library.bzl
@@ -9,19 +9,24 @@ def _unpacked_wheel_impl(ctx):
             if linker_input.libraries and linker_input.libraries[0].dynamic_library:
                 lib = linker_input.libraries[0].dynamic_library
                 libs.append(lib)
+    wheel = [
+        w
+        for w in ctx.files.wheel_rule_outputs
+        if w.basename.endswith(".whl")
+    ][0]
     script = """
     {zipper} x {wheel} -d {output}
     for lib in {libs}; do
         cp $lib {output}/tensorflow
     done
     """.format(
         zipper = ctx.executable.zipper.path,
-        wheel = ctx.file.wheel.path,
+        wheel = wheel.path,
         output = output_dir.path,
         libs = " ".join(["'%s'" % lib.path for lib in libs]),
     )
     ctx.actions.run_shell(
-        inputs = [ctx.file.wheel] + libs,
+        inputs = ctx.files.wheel_rule_outputs + libs,
         command = script,
         outputs = [output_dir],
         tools = [ctx.executable.zipper],
@@ -34,7 +39,7 @@ def _unpacked_wheel_impl(ctx):
 _unpacked_wheel = rule(
     implementation = _unpacked_wheel_impl,
     attrs = {
-        "wheel": attr.label(mandatory = True, allow_single_file = True),
+        "wheel_rule_outputs": attr.label(mandatory = True, allow_files = True),
         "zipper": attr.label(
             default = Label("@bazel_tools//tools/zip:zipper"),
             cfg = "exec",
@@ -48,7 +53,7 @@ def wheel_library(name, wheel, deps = [], wheel_deps = []):
     unpacked_wheel_name = name + "_unpacked_wheel"
     _unpacked_wheel(
         name = unpacked_wheel_name,
-        wheel = wheel,
+        wheel_rule_outputs = wheel,
         deps = wheel_deps,
     )
     native.py_library(

diff --git a/third_party/tsl/third_party/py/verify_wheel_compliance.py b/third_party/tsl/third_party/py/verify_wheel_compliance.py
@@ -0,0 +1,111 @@
+# Copyright 2024 The Tensorflow Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""Tool to verify wheel manylinux compliance."""
+
+import argparse
+import io
+import re
+import sys
+from auditwheel import main_show
+
+
+def parse_args() -> argparse.Namespace:
+  """Arguments parser."""
+  parser = argparse.ArgumentParser(
+      description="Helper for auditwheel", fromfile_prefix_chars="@"
+  )
+  parser.add_argument(
+      "--wheel_path", required=True, help="Path of the wheel, mandatory"
+  )
+  parser.add_argument(
+      "--compliance-tag", help="ManyLinux compliance tag", required=False
+  )
+  parser.add_argument(
+      "--compliance-verification-log-path",
+      help="Path to file with compliance verification results",
+      required=False,
+  )
+  return parser.parse_args()
+
+
+def get_auditwheel_output(wheel_path: str) -> None:
+  """Run "auditwheel show" on the wheel and return the output.
+
+  Args:
+    wheel_path: path of the wheel file
+
+  Returns:
+    "auditwheel show" output
+  """
+  stringio = io.StringIO()
+  previous_stdout = sys.stdout
+  sys.stdout = stringio
+
+  auditwheel_parser = argparse.ArgumentParser(
+      description="Cross-distro Python wheels."
+  )
+  sub_parsers = auditwheel_parser.add_subparsers(metavar="command", dest="cmd")
+  main_show.configure_parser(sub_parsers)
+  auditwheel_args = argparse.Namespace(
+      WHEEL_FILE=wheel_path,
+      verbose=1,
+  )
+  main_show.execute(args=auditwheel_args, p=auditwheel_parser)
+
+  sys.stdout = previous_stdout
+  return stringio.getvalue()
+
+
+def verify_wheel_compliance(
+    auditwheel_log: str,
+    compliance_tag: str,
+    verification_log_path: str,
+) -> None:
+  """Verify wheel compliance.
+
+  Args:
+    auditwheel_log: "auditwheel show" execution results
+    compliance_tag: manyLinux compliance tag
+    verification_log_path: path to file with compliance verification results
+
+  Raises:
+    RuntimeError: if the wheel is not manyLinux compliant.
+  """
+  regex = 'following platform tag: "{}"'.format(compliance_tag)
+  if re.search(regex, auditwheel_log):
+    with open(verification_log_path, "w") as verification_log:
+      verification_log.write(
+          "The wheel is {tag} compliant:\n{log}".format(
+              tag=compliance_tag, log=auditwheel_log
+          )
+      )
+  else:
+    raise RuntimeError(
+        (
+            "The wheel is not compliant with tag {tag}."
+            + " If you want to disable this check, please provide"
+            + " `--//tensorflow/tools/pip_package:wheel_compliance=false`."
+            + "\n{result}"
+        ).format(tag=compliance_tag, result=auditwheel_log)
+    )
+
+
+if __name__ == "__main__":
+  args = parse_args()
+  auditwheel_output = get_auditwheel_output(args.wheel_path)
+  verify_wheel_compliance(
+      auditwheel_output,
+      args.compliance_tag,
+      args.compliance_verification_log_path,
+  )