Move AWS-LC assertion up

We're currently seeing some [odd][1] CI failures in mainline CPython (at time of this commit message that's 3.14). There's some guidance in CPython's 3.12 release notes around setuputils and distutils that may be relevant here. [1]: https://github.com/aws/aws-lc/actions/runs/9037986216/job/24838188660?pr=1587 [2]: https://docs.python.org/3.12/whatsnew/3.12.html
WillChilds-Klein · May 10, 2024 · ca4114f · ca4114f
1 parent 3835635
commit ca4114f
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/tests/ci/integration/run_python_integration.sh b/tests/ci/integration/run_python_integration.sh
@@ -78,13 +78,14 @@ function python_run_3rd_party_tests() {
     echo creating virtualenv to isolate dependencies...
     ./python -m virtualenv ${venv} || ./python -m venv ${venv}
     source ${venv}/bin/activate
+    # assert that the virtual env's python is built against AWS-LC
+    ./python -c 'import ssl; print(ssl.OPENSSL_VERSION)' | grep AWS-LC
     echo installing other OpenSSL-dependent modules...
     ./python -m ensurepip
     ./python -m pip install 'boto3[crt]' 'cryptography'
     # this appears to be needed by more recent python versions
     ./python -m pip install setuptools
     echo running minor integration test of those dependencies...
-    ./python -c 'import ssl; print(ssl.OPENSSL_VERSION)' | grep AWS-LC
     ./python <<EOF
 import boto3
 import botocore
@@ -126,7 +127,6 @@ assert pt == f.decrypt(f.encrypt(pt))
 
 version = cryptography.hazmat.backends.openssl.backend.openssl_version_text()
 assert 'OpenSSL' in version, f"PyCA didn't link OpenSSL: {version}"
-
 EOF
     deactivate # function defined by .venv/bin/activate
     rm -rf ${venv}