Python | 发包 2018 入坑记录

最近业务须要抽离，抽离出来的应用须要作成 Django 第三方包的形式，能够在任何 Django（也没那么神奇，例若有些版本就没测试）版本项目中，直接安装使用，因此这里仍是须要发包到 pypi。

第一次发包

我是先发到 test 环境 https://testpypi.python.org/，看下发包仍是不是符合个人预期，毕竟很长时间没发过包。

twine upload  -r pypitest dist/django-xxxxx-0.0.1.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Uploading django-xxxxx-0.0.1.tar.gz
  0%|                                                                                                            | 0.00/18.5k [00:00<?, ?B/s]
SSLError: HTTPSConnectionPool(host='test.pypi.org', port=443): Max retries exceeded with url: /legacy/ (Caused by SSLError(SSLError(1, u'[SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:661)'),))

结果打脸，查了下资料，http://pyfound.blogspot.hk/20...，摘出来一部分

There are two deadlines to upgrade your Python to a version with the latest TLS. The first comes soon, on April 30, 2017, when python.org sites without Extended Validation Certificates will stop supporting TLS 1.0 and 1.1. These sites include:

testpypi.python.org
test.pypi.org
files.pythonhosted.org

大意是什么呢，意思就是提醒赶忙升级 python，那个后面只会只支持使用 TLS 1.2 版本的协议，低版本的再也不支持了，很不幸，testpypi.python.org 这个测试站点中止支持 TLS 1.0 和 1.1

接着按照给出的例子，本身测了下

python -m pip install --upgrade requests
python -c "import requests; print(requests.get('https://www.howsmyssl.com/a/check', verify=False).json()['tls_version'])"

TLS 1.0

If you see "TLS 1.2", your interpreter's TLS is up to date. If you see "TLS 1.0" or an error like "tlsv1 alert protocol version", then you must upgrade. ↩

第二次发包

按照文档上讲的，个人 python 过期了，那就直接升到 2.7.14；升完再跑一遍

python -c "import requests; print(requests.get('https://www.howsmyssl.com/a/check', verify=False).json()['tls_version'])"
/Users/allen/Develop/py3env/lib/python3.6/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
TLS 1.2

这下是否能够省心了，继续个人发包

twine upload  -r pypitest dist/django-xxxxx-0.0.1.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Uploading django-xxxxx-0.0.1.tar.gz
  0%|                                                                                                            | 0.00/18.5k [00:00<?, ?B/s]
SSLError: HTTPSConnectionPool(host='test.pypi.org', port=443): Max retries exceeded with url: /legacy/ (Caused by SSLError(SSLError(1, u'[SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:661)'),))

很不幸，继续躺着，谷歌了下 pip install pyOpenSSL 若是已经安装了，更新下，保险；

第三次发包

twine upload  -r pypitest dist/django-xxxxx-0.0.1.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Uploading django-xxxxx-0.0.1.tar.gz
100%|███████████████████████████████████████████████████████████████████████████████████████████████████| 18.5k/18.5k [00:08<00:00, 2.13kB/s]

终于跑起来了，小结下

• 若是 Python 版本低，升级
• 若是 pyOpenSSL 版本低，升级
• 若是 requests 版本低，升级