RFE: Add support for building python pip packages #467
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Rename setup.py to setup.py.in so that the version variables can be autopopulated by automake/m4. This will be used in subsequent commits for building python wheels. Wheels are often built in containers, and the build containers don't have knowledge of automake, its configurations, and its environment variables, so we need to pre-populate the version information. Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Change the include of seccomp-syscalls.h from: #include <seccomp-syscalls.h> to: #include "seccomp-syscalls.h Change the include directive of seccomp-syscalls.h to be a local (rather than system-wide) include. This change is required for building python wheels inside of containers where the system-wide include path will likely not include the local path to seccomp-syscalls.h Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Add two new make targets: python-wheel: build a python wheel for this system python-wheels: build the series of python wheels for pip When building the wheels for pip, cibuildwheel utilizes Docker containers. Because of this, it cannot reach outside of the build directory, src/python, so any files outside of this folder - libseccomp.a, seccomp.h, etc. - must be copied into the src/python folder. Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Add three python continuous integration jobs: build-wheel: Build a wheel for the native build system build-wheels: Build wheels suitable for uploading to pip flake: Python lint checker Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
pcmoore
reviewed
Oct 8, 2025
| @echo " dist-gzip: build a release tarball" | ||
| @echo " coverity-tarball: build a tarball for use with Coverity (opt)" | ||
| @echo " python-wheel: build a python wheel for this system" | ||
| @echo " python-wheels: build python wheels for distribution to pip" |
Member
There was a problem hiding this comment.
Maybe it's just me, but I'm fairly certain I'm going to be forever typing the wrong target as they only differ in that plural 's' at the end; would changing python-wheels to python-wheels-pip be reasonable?
pcmoore
reviewed
Oct 8, 2025
| # Enhanced Seccomp Library Python Module Build Script | ||
| # | ||
| # Copyright (c) 2012 Red Hat <pmoore@redhat.com> | ||
| # Copyright (c) 2012-2025 Red Hat <pmoore@redhat.com> |
Member
There was a problem hiding this comment.
Typo? Did you mean to add a line for you/Oracle?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patchset adds support for building Python wheels that are suitable for upload to pip.
I uploaded the wheels generated by the Ubuntu 24.04 continuous integration run to the Test PyPi pip repository. Note that I have not uploaded any wheels to the formal pip repository. (We'll likely need to create a seccomp organization in pip just like the seccomp organization in github.)
For local testing, I used the following commands on my machine:
The above commands will load the package into
~/.local/lib/{PYTHON_VERSION}/site-packages/. With the packages loaded into the local python repo, any python program on that machine (run by the same user) can utilize the newly-built packages. For example, I ran several built-in tests in thetests/folder without updating thePYTHONPATHenvironment variable.