Mitigate new Rust compiler dependency on Linux via transitive cryptography dependency

Description

cryptography is a transitive dependency of the synapseclient on Linux (keyring -> SecretStorage -> cryptography).

The recently released cryptography 3.4 requires a Rust compiler to compile from source. A Python interpreter on a Linux system without a Rust compiler that does not already have cryptography installed and that cannot install from one of the pre-compiled wheels (for example because it's using an old version of pip or because there is no wheel for the architecture) will raise an error when installing synapseclient.

e.g.
```
docker run -ti ubuntu:16.04 /bin/bash

  1. downgrade pip to a version that doesn't won't be able to install from a wheel
    pip install pip==18.1

pip install synapseclient

running build_rust

=============================DEBUG ASSISTANCE=============================
If you are seeing a compilation error please try the following steps to
successfully install cryptography:
1) Upgrade to the latest pip and try again. This will fix errors for most
users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
2) Read https://cryptography.io/en/latest/installation.html for specific
instructions for your platform.
3) Check our frequently asked questions for more information:
https://cryptography.io/en/latest/faq.html
4) Ensure you have a recent Rust toolchain installed:
https://cryptography.io/en/latest/installation.html#rust
5) If you are experiencing issues with Rust for this release only you may
set the environment variable `CRYPTOGRAPHY_DONT_BUILD_RUST=1`.
=============================DEBUG ASSISTANCE=============================

error: Can not find Rust compiler

----------------------------------------
Command "/usr/local/bin/python -u -c "import setuptools, tokenize;_file='/tmp/pip-install-szcg2p02/cryptography/setup.py';f=getattr(tokenize, 'open', open)(file_);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, _file_, 'exec'))" install --record /tmp/pip-record-mby_dibi/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-szcg2p02/cryptography/
You are using pip version 18.1, however version 21.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

This is an issue with synapser https://sagebionetworks.jira.com/browse/SYNR-1475 but can also affect a standalone Python installation as above.

A temporary workaround is to use the ```export CRYPTOGRAPHY_DONT_BUILD_RUST=true``` flag but this will not work past cyrptography 3.4.

We could pin 3.4 as a dependency of synapseclient on Linux, but preferably only if it's not already installed as if someone has a 3.4 version of cryptography we wouldn't want to downgrade them.

Environment

Linux with pip < 20

Activity

Show:
Jordan Kiang
March 3, 2021, 12:51 AM

This can be verified on a 20.04 ubuntu installation with a manually downgraded pip that won't support the cryptography wheels:

Current version fails after downgrading pip to 18.1:

RC installs successfully with the same pip version:

Fixed

Assignee

Jordan Kiang

Reporter

Jordan Kiang

Labels

None

Validator

None

Development Area

None

Release Version History

None

Slack Channel

None

Fix versions

Affects versions

Priority

Major