ci: explicitly help out aws-lc-sys with bindgen
This commit is contained in:
@@ -242,42 +242,40 @@ jobs:
|
||||
run: |
|
||||
set -euxo pipefail
|
||||
sudo apt-get -y update
|
||||
# toolchain needed by bindgen & vendored C builds
|
||||
sudo apt-get -y install clang llvm-dev libclang-dev pkg-config cmake make build-essential musl-tools
|
||||
# install the external bindgen that aws-lc-sys can call
|
||||
cargo install --locked bindgen-cli
|
||||
# make libclang discoverable to bindgen
|
||||
echo "LIBCLANG_PATH=$(llvm-config --libdir)" >> "$GITHUB_ENV"
|
||||
# force install to avoid stale cache issues
|
||||
cargo install --force --locked bindgen-cli
|
||||
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
|
||||
# sanity check (fail early if not visible)
|
||||
# help bindgen find libclang
|
||||
echo "LIBCLANG_PATH=$(llvm-config --libdir)" >> "$GITHUB_ENV"
|
||||
# quick visibility checks (fail early if missing)
|
||||
which bindgen
|
||||
bindgen --version
|
||||
clang --version
|
||||
|
||||
- name: Configure bindgen target flags (musl)
|
||||
- name: Configure bindgen target flags for musl cross-compile
|
||||
if: matrix.job.os == 'ubuntu-latest' && contains(matrix.job.target, 'musl')
|
||||
shell: bash
|
||||
run: |
|
||||
set -euxo pipefail
|
||||
case "${{ matrix.job.target }}" in
|
||||
set -euo pipefail
|
||||
triple='${{ matrix.job.target }}'
|
||||
# Bindgen needs explicit target to avoid host header confusion
|
||||
echo "BINDGEN_EXTRA_CLANG_ARGS_${triple//-/_}=--target=$triple" >> "$GITHUB_ENV"
|
||||
# CC hints help any C sub-builds in the tree
|
||||
case "$triple" in
|
||||
x86_64-unknown-linux-musl)
|
||||
echo "BINDGEN_EXTRA_CLANG_ARGS_x86_64_unknown_linux_musl=--target=x86_64-unknown-linux-musl" >> "$GITHUB_ENV"
|
||||
echo "CC_x86_64_unknown_linux_musl=musl-gcc" >> "$GITHUB_ENV"
|
||||
;;
|
||||
aarch64-unknown-linux-musl)
|
||||
# provided by your cross toolchain action
|
||||
echo "BINDGEN_EXTRA_CLANG_ARGS_aarch64_unknown_linux_musl=--target=aarch64-unknown-linux-musl" >> "$GITHUB_ENV"
|
||||
echo "CC_aarch64_unknown_linux_musl=aarch64-linux-musl-gcc" >> "$GITHUB_ENV"
|
||||
;;
|
||||
arm-unknown-linux-musleabihf)
|
||||
echo "BINDGEN_EXTRA_CLANG_ARGS_arm_unknown_linux_musleabihf=--target=arm-unknown-linux-musleabihf" >> "$GITHUB_ENV"
|
||||
echo "CC_arm_unknown_linux_musleabihf=arm-linux-musleabihf-gcc" >> "$GITHUB_ENV"
|
||||
;;
|
||||
armv7-unknown-linux-musleabihf)
|
||||
echo "BINDGEN_EXTRA_CLANG_ARGS_armv7_unknown_linux_musleabihf=--target=armv7-unknown-linux-musleabihf" >> "$GITHUB_ENV"
|
||||
echo "CC_armv7_unknown_linux_musleabihf=armv7-linux-musleabihf-gcc" >> "$GITHUB_ENV"
|
||||
;;
|
||||
esac
|
||||
# helpful when linking C sub-builds
|
||||
echo "PKG_CONFIG_ALLOW_CROSS=1" >> "$GITHUB_ENV"
|
||||
|
||||
- name: OpenSSL (vendored) toolchain for musl
|
||||
|
||||
@@ -9,35 +9,3 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
|
||||
### Other
|
||||
- Initial test release of the `gman` project.
|
||||
|
||||
## v0.0.2 (2025-09-13)
|
||||
|
||||
### Fix
|
||||
|
||||
- Revert back hacky stuff so I can test with act now
|
||||
- Attempting to use pre-generated bindgens for the aws-lc-sys library
|
||||
- Install openSSL differently to make this work
|
||||
- Address edge case for unknown_musl targets
|
||||
- Install LLVM prereqs for release flow
|
||||
- Updated the release flow to install the external bindgen-cli
|
||||
|
||||
## v0.0.1 (2025-09-12)
|
||||
|
||||
### Feat
|
||||
|
||||
- Azure Key Vault support
|
||||
- GCP Secret Manager support
|
||||
- Full AWS SecretsManager support
|
||||
- AWS Secrets Manager support
|
||||
- Added two new flags to output where gman writes logs to and where it expects the config file to live
|
||||
|
||||
### Fix
|
||||
|
||||
- Made the vault file location more fault tolerant
|
||||
- Attempting to maybe be a bit more explicit about config file handling to fix MacOS tests
|
||||
|
||||
### Refactor
|
||||
|
||||
- Refactor configuration structs directly into the provider definition to simplify validation, structs, and future extensions
|
||||
- Made the creation of the log directories a bit more fault tolerant
|
||||
- Renamed the provider field in a config file to type to make things a little easier to understand; also removed husky
|
||||
|
||||
Generated
+2
-1
@@ -1576,13 +1576,14 @@ checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280"
|
||||
|
||||
[[package]]
|
||||
name = "gman"
|
||||
version = "0.0.2"
|
||||
version = "0.0.1"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"argon2",
|
||||
"assert_cmd",
|
||||
"async-trait",
|
||||
"aws-config",
|
||||
"aws-lc-sys",
|
||||
"aws-sdk-secretsmanager",
|
||||
"azure_identity",
|
||||
"azure_security_keyvault_secrets",
|
||||
|
||||
+2
-1
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "gman"
|
||||
version = "0.0.2"
|
||||
version = "0.0.1"
|
||||
edition = "2024"
|
||||
authors = ["Alex Clarke <alex.j.tusa@gmail.com>"]
|
||||
description = "Universal secret management and injection tool"
|
||||
@@ -60,6 +60,7 @@ azure_identity = "0.27.0"
|
||||
azure_security_keyvault_secrets = "0.6.0"
|
||||
openssl = { version = "0.10", features = ["vendored"] }
|
||||
openssl-sys = { version = "0.9", features = ["vendored"] }
|
||||
aws-lc-sys = { version = "0.31.0", features = ["bindgen"] }
|
||||
|
||||
[dev-dependencies]
|
||||
pretty_assertions = "1.4.1"
|
||||
|
||||
Reference in New Issue
Block a user