Resolve "Error when using backup-utility with GitLab 17.5.4" (!2147) · Merge requests · GitLab.org / Build / CNG

What does this MR do?

We pin gsutil but not pyOpenSSL which is a direct dependency that gets installed when we pip3 install gsutil.

The latest version 24.3.0 introduces 2 breaking changes which break gsutil.

The pyOpenSSL 24.3.0 release notes say:

Removed the deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify. cryptography.hazmat.primitives.asymmetric’s signature APIs should be used instead.

Run gsutil -m cp -r gs://<bucket-path> / to copy a remote object to local storage.

The gsutil will raise the module 'OpenSSL.crypto' has no attribute 'sign' error.

Proposal

Pin pyOpenSSL to 24.2.1.
Use ci_files/variables.yml for version tracking.

Possible follow-ups

Create a Renovate config pinning pyOpenSSL to 24.2.1.

Related issues

Related to #2135 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

Merge Request Title, and Description are up to date, accurate, and descriptive
MR targeting the appropriate branch
MR has a green pipeline on GitLab.com
When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow

Expected (please provide an explanation if not completing)

Test plan indicating conditions for success has been posted and passes
Documentation created/updated
Integration tests added to GitLab QA
The impact any change in container size has should be evaluated
New dependencies are managed with GitLab forked renovatebot

Closes #2135 (closed)

Edited Dec 20, 2024 by Jason Plum

Resolve "Error when using backup-utility with GitLab 17.5.4"