GH-34157: [C++] Configure bundled AWS SDK to use aws-lc instead of OpenSSL

[js8544]

Using OpenSSL causes various issues like #33808 (comment) and #34111. We should try to use aws-lc for libcrypto and libssl. We need to hide them inside s2n-tls to avoid name conflicts with OpenSSL used by other libraries.

Some notes:

1. Only linux needs s2n-tls and aws-lc.
2. Because aws-c-http requires curl which requires libcrypto from OpenSSL, we need to hide Aws::libcrypto by S2N_INTERN_LIBCRYPTO=ON.
3. aws-c-cal also uses libcrypto, but it can't hide it. So we need to use OpenSSL instead of aws-lc for it.
4. Mac and windows don't need s2n-tls, but do need some security libs from system, like -framework Security and ncrypt.lib.
5. arrow-s3fs-test is re-enabled.
6. Force Java Gandiva to use static protobuf lib.

• Closes: [C++] Configure bundled AWS SDK to use aws-lc instead of OpenSSL #34157

[github-actions]

• Closes: [C++] Configure bundled AWS SDK to use aws-lc instead of OpenSSL #34157

[js8544]

@github-actions crossbow submit -g cpp -g r

[js8544]

@github-actions crossbow submit java-jars

[js8544]

@github-actions crossbow submit -g cpp -g r

[js8544]

@github-actions crossbow submit java-jars

[js8544]

@github-actions crossbow submit java-jars

[js8544]

@github-actions crossbow submit -g cpp -g r

[js8544]

@github-actions crossbow submit java-jars

[js8544]

@github-actions crossbow submit -g cpp -g r

[js8544]

@github-actions crossbow submit java-jars

[js8544]

@github-actions crossbow submit -g cpp -g r

[js8544]

@github-actions crossbow submit java-jars

[js8544]

Ah, this is caused by Homebrew/homebrew-core#122277 . Homebrew stopped providing libprotobuf.a.

We need to prepare libprotobuf.a for us. But it is not related to this pull request. Could you open a new issue for it?

Nice find! I thought of this reason but didn't find this change. I created a new issue #34189 for this.

[js8544]

CI failures are unrelated. I think this is ready to to merged. cc @kou

[kou]

@github-actions crossbow submit -g cpp -g r java-jars

[js8544]

@github-actions crossbow submit -g cpp -g r java-jars
I just rebased to fix the zstd version issue.

[github-actions]

Revision: f44c1bf

Submitted crossbow builds: ursacomputing/crossbow @ actions-7b13f07b9d

Task	Status
conda-linux-aarch64-cpu-r41
conda-linux-aarch64-cpu-r42
conda-linux-x64-cpu-r41
conda-linux-x64-cpu-r42
conda-osx-arm64-cpu-r41
conda-osx-arm64-cpu-r42
conda-osx-x64-cpu-r41
conda-osx-x64-cpu-r42
conda-win-x64-cpu-r41
homebrew-r-autobrew
homebrew-r-brew
java-jars
r-binary-packages
test-alpine-linux-cpp
test-build-cpp-fuzz
test-conda-cpp
test-conda-cpp-valgrind
test-cuda-cpp
test-debian-10-cpp-amd64
test-debian-10-cpp-i386
test-debian-11-cpp-amd64
test-debian-11-cpp-i386
test-fedora-35-cpp
test-fedora-r-clang-sanitizer
test-r-arrow-backwards-compatibility
test-r-depsource-bundled
test-r-depsource-system
test-r-dev-duckdb
test-r-devdocs
test-r-gcc-11
test-r-gcc-12
test-r-install-local
test-r-install-local-minsizerel
test-r-library-r-base-latest
test-r-linux-as-cran
test-r-linux-rchk
test-r-linux-valgrind
test-r-minimal-build
test-r-offline-maximal
test-r-offline-minimal
test-r-rhub-debian-gcc-devel-lto-latest
test-r-rhub-debian-gcc-release-custom-ccache
test-r-rhub-ubuntu-gcc-release-latest
test-r-rstudio-r-base-4.1-opensuse153
test-r-rstudio-r-base-4.2-centos7-devtoolset-8
test-r-rstudio-r-base-4.2-focal
test-r-ubuntu-22.04
test-r-versions
test-ubuntu-18.04-cpp
test-ubuntu-18.04-cpp-release
test-ubuntu-18.04-cpp-static
test-ubuntu-18.04-r-sanitizer
test-ubuntu-20.04-cpp
test-ubuntu-20.04-cpp-20
test-ubuntu-20.04-cpp-bundled
test-ubuntu-20.04-cpp-thread-sanitizer
test-ubuntu-22.04-cpp

[kou]

Sorry. Can we try this?

diff --git a/ci/scripts/java_jni_macos_build.sh b/ci/scripts/java_jni_macos_build.sh
index 391d05642..37bbe1283 100755
--- a/ci/scripts/java_jni_macos_build.sh
+++ b/ci/scripts/java_jni_macos_build.sh
@@ -109,6 +109,7 @@ fi
 popd
 
 
+export JAVA_JNI_CMAKE_ARGS="-DProtobuf_ROOT=${build_dir}/cpp/protobuf_ep-install"
 ${arrow_dir}/ci/scripts/java_jni_build.sh \
   ${arrow_dir} \
   ${install_dir} \

[js8544]

@github-actions crossbow submit java-jars

[github-actions]

Revision: 89c547c

Submitted crossbow builds: ursacomputing/crossbow @ actions-4bf574a4e3

Task	Status
java-jars

[js8544]

Sorry. Can we try this?

diff --git a/ci/scripts/java_jni_macos_build.sh b/ci/scripts/java_jni_macos_build.sh
index 391d05642..37bbe1283 100755
--- a/ci/scripts/java_jni_macos_build.sh
+++ b/ci/scripts/java_jni_macos_build.sh
@@ -109,6 +109,7 @@ fi
 popd
 
 
+export JAVA_JNI_CMAKE_ARGS="-DProtobuf_ROOT=${build_dir}/cpp/protobuf_ep-install"
 ${arrow_dir}/ci/scripts/java_jni_build.sh \
   ${arrow_dir} \
   ${install_dir} \

It works. Thanks for suggesting this!

[kou]

+1

Thanks!

[kou]

@github-actions crossbow submit -g wheel

[github-actions]

Revision: 89c547c

Submitted crossbow builds: ursacomputing/crossbow @ actions-5407ab76c8

Task	Status
wheel-macos-big-sur-cp310-arm64
wheel-macos-big-sur-cp311-arm64
wheel-macos-big-sur-cp38-arm64
wheel-macos-big-sur-cp39-arm64
wheel-macos-mojave-cp310-amd64
wheel-macos-mojave-cp311-amd64
wheel-macos-mojave-cp37-amd64
wheel-macos-mojave-cp38-amd64
wheel-macos-mojave-cp39-amd64
wheel-manylinux2014-cp310-amd64
wheel-manylinux2014-cp310-arm64
wheel-manylinux2014-cp311-amd64
wheel-manylinux2014-cp311-arm64
wheel-manylinux2014-cp37-amd64
wheel-manylinux2014-cp37-arm64
wheel-manylinux2014-cp38-amd64
wheel-manylinux2014-cp38-arm64
wheel-manylinux2014-cp39-amd64
wheel-manylinux2014-cp39-arm64
wheel-windows-cp310-amd64
wheel-windows-cp311-amd64
wheel-windows-cp37-amd64
wheel-windows-cp38-amd64
wheel-windows-cp39-amd64

[kou]

@js8544 It seems that we need more work for manylinux wheels. Could you open a new issue for it?

[ursabot]

Benchmark runs are scheduled for baseline = b955da0 and contender = 798b417. 798b417 is a master commit associated with this PR. Results will be available as each benchmark for each run completes.
Conbench compare runs links:
[Finished ⬇️0.0% ⬆️0.0%] ec2-t3-xlarge-us-east-2
[Failed ⬇️0.18% ⬆️0.03%] test-mac-arm
[Finished ⬇️0.0% ⬆️0.0%] ursa-i9-9960x
[Finished ⬇️0.22% ⬆️0.03%] ursa-thinkcentre-m75q
Buildkite builds:
[Finished] 798b417e ec2-t3-xlarge-us-east-2
[Finished] 798b417e test-mac-arm
[Finished] 798b417e ursa-i9-9960x
[Finished] 798b417e ursa-thinkcentre-m75q
[Finished] b955da05 ec2-t3-xlarge-us-east-2
[Failed] b955da05 test-mac-arm
[Finished] b955da05 ursa-i9-9960x
[Finished] b955da05 ursa-thinkcentre-m75q
Supported benchmarks:
ec2-t3-xlarge-us-east-2: Supported benchmark langs: Python, R. Runs only benchmarks with cloud = True
test-mac-arm: Supported benchmark langs: C++, Python, R
ursa-i9-9960x: Supported benchmark langs: Python, R, JavaScript
ursa-thinkcentre-m75q: Supported benchmark langs: C++, Java

[ursabot]

['Python', 'R'] benchmarks have high level of regressions.
test-mac-arm