Updating crates.io index

tonymagalha · July 6, 2022, 3:37pm

Hi guys, I have a problem installing cryptography-37.0.3 in order to use ansible-base-2.10.17.

The installation takes place normally until the moment you stop updating ( Updating crates.io index )

The problem is that the machine I am on does not allow me to access the internet, so after a certain time an error occurs.

I didn't find in the manual a way to perform the offline installation.

I've already put the environment variable CARGO_NET_OFFLINE with the true value and even then I can't proceed.

I believe that Rust at the time of performing the update causes this.

I haven't found any way to install cryptography3 offline without relying on a Rust build

Python: 3.8.11
platform: Linux-3.10.0-1160.11.1.el7.x86_64-x86_64-with-glibc2.17
pip: 21.1.1
setuptools: 62.6.0
setuptools_rust: 1.4.1
rustc: 1.62.0 (a8314ef7d 2022-06-27)

notriddle · July 6, 2022, 3:45pm

In short, it needs to be downloaded somewhere that has internet access, then copied over to your airgapped machine. There's a few different ways that you could do that, but here's the one I recommend:

After downloading and unpacking the cryptography source tarball, run these commands on a computer that has internet access:

$ cd src/rust/
$ cargo vendor
$ mkdir .cargo
$ cat > .cargo/config.toml
[source.crates-io]
replace-with = "vendored-sources"
[source.vendored-sources]
directory = "vendor"

Then copy the modified version of cryptography3 over to the airgapped machine, and build it there. For more information on this, read the manual page on the cargo vendor command.

This is a pretty bad solution. The proper solution is for the cryptography3 people to do this themselves before releasing the package. That way, anyone building an internal mirror of pypi will also have all this Rust code mirrored there, instead of implicitly creating a dependency between pypi and crates.io

kornel · July 6, 2022, 4:32pm

Cargo works offline only after it has cached the index and dependencies that are needed. The cryptography crate uses dependencies from crates.io, so they have to be downloaded first. The problem is similar to running pip install offline.

CARGO_NET_OFFLINE could work if you copy ~/.cargo directory from a machine that has already fetched required dependencies. There's cargo fetch that you can run in a directory with Cargo.toml and Cargo.lock for the Rust part of the cryptography crate.

bjorn3 · July 7, 2022, 12:29pm

There are already wheels for Linux, macOS and Windows: cryptography · PyPI AFAIK a python wheel contains native libraries in already compiled form. @tonymagalha do you think you know why pip doesn't pick up on this wheel?