Dark-Alex-17/gman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: explicitly help out aws-lc-sys with bindgen

Browse Source
This commit is contained in:
Alex Clarke
2025-09-13 14:06:40 -06:00
parent ce42f51606
commit fcab216926
4 changed files with 17 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/release.yml
+13 -15
View File
@@ -242,42 +242,40 @@ jobs:
run: | run: |
set -euxo pipefail set -euxo pipefail
sudo apt-get -y update sudo apt-get -y update
# toolchain needed by bindgen & vendored C builds
sudo apt-get -y install clang llvm-dev libclang-dev pkg-config cmake make build-essential musl-tools sudo apt-get -y install clang llvm-dev libclang-dev pkg-config cmake make build-essential musl-tools
# install the external bindgen that aws-lc-sys can call # force install to avoid stale cache issues
cargo install --locked bindgen-cli cargo install --force --locked bindgen-cli
# make libclang discoverable to bindgen
echo "LIBCLANG_PATH=$(llvm-config --libdir)" >> "$GITHUB_ENV"
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH" echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
# sanity check (fail early if not visible) # help bindgen find libclang
echo "LIBCLANG_PATH=$(llvm-config --libdir)" >> "$GITHUB_ENV"
# quick visibility checks (fail early if missing)
which bindgen
bindgen --version bindgen --version
clang --version clang --version
- name: Configure bindgen target flags (musl) - name: Configure bindgen target flags for musl cross-compile
if: matrix.job.os == 'ubuntu-latest' && contains(matrix.job.target, 'musl') if: matrix.job.os == 'ubuntu-latest' && contains(matrix.job.target, 'musl')
shell: bash shell: bash
run: | run: |
set -euxo pipefail set -euo pipefail
case "${{ matrix.job.target }}" in triple='${{ matrix.job.target }}'
# Bindgen needs explicit target to avoid host header confusion
echo "BINDGEN_EXTRA_CLANG_ARGS_${triple//-/_}=--target=$triple" >> "$GITHUB_ENV"
# CC hints help any C sub-builds in the tree
case "$triple" in
x86_64-unknown-linux-musl) x86_64-unknown-linux-musl)
echo "BINDGEN_EXTRA_CLANG_ARGS_x86_64_unknown_linux_musl=--target=x86_64-unknown-linux-musl" >> "$GITHUB_ENV"
echo "CC_x86_64_unknown_linux_musl=musl-gcc" >> "$GITHUB_ENV" echo "CC_x86_64_unknown_linux_musl=musl-gcc" >> "$GITHUB_ENV"
;; ;;
aarch64-unknown-linux-musl) aarch64-unknown-linux-musl)
# provided by your cross toolchain action
echo "BINDGEN_EXTRA_CLANG_ARGS_aarch64_unknown_linux_musl=--target=aarch64-unknown-linux-musl" >> "$GITHUB_ENV"
echo "CC_aarch64_unknown_linux_musl=aarch64-linux-musl-gcc" >> "$GITHUB_ENV" echo "CC_aarch64_unknown_linux_musl=aarch64-linux-musl-gcc" >> "$GITHUB_ENV"
;; ;;
arm-unknown-linux-musleabihf) arm-unknown-linux-musleabihf)
echo "BINDGEN_EXTRA_CLANG_ARGS_arm_unknown_linux_musleabihf=--target=arm-unknown-linux-musleabihf" >> "$GITHUB_ENV"
echo "CC_arm_unknown_linux_musleabihf=arm-linux-musleabihf-gcc" >> "$GITHUB_ENV" echo "CC_arm_unknown_linux_musleabihf=arm-linux-musleabihf-gcc" >> "$GITHUB_ENV"
;; ;;
armv7-unknown-linux-musleabihf) armv7-unknown-linux-musleabihf)
echo "BINDGEN_EXTRA_CLANG_ARGS_armv7_unknown_linux_musleabihf=--target=armv7-unknown-linux-musleabihf" >> "$GITHUB_ENV"
echo "CC_armv7_unknown_linux_musleabihf=armv7-linux-musleabihf-gcc" >> "$GITHUB_ENV" echo "CC_armv7_unknown_linux_musleabihf=armv7-linux-musleabihf-gcc" >> "$GITHUB_ENV"
;; ;;
esac esac
# helpful when linking C sub-builds
echo "PKG_CONFIG_ALLOW_CROSS=1" >> "$GITHUB_ENV" echo "PKG_CONFIG_ALLOW_CROSS=1" >> "$GITHUB_ENV"
- name: OpenSSL (vendored) toolchain for musl - name: OpenSSL (vendored) toolchain for musl
CHANGELOG.md
-32
View File
@@ -9,35 +9,3 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Other ### Other
- Initial test release of the `gman` project. - Initial test release of the `gman` project.
## v0.0.2 (2025-09-13)
### Fix
- Revert back hacky stuff so I can test with act now
- Attempting to use pre-generated bindgens for the aws-lc-sys library
- Install openSSL differently to make this work
- Address edge case for unknown_musl targets
- Install LLVM prereqs for release flow
- Updated the release flow to install the external bindgen-cli
## v0.0.1 (2025-09-12)
### Feat
- Azure Key Vault support
- GCP Secret Manager support
- Full AWS SecretsManager support
- AWS Secrets Manager support
- Added two new flags to output where gman writes logs to and where it expects the config file to live
### Fix
- Made the vault file location more fault tolerant
- Attempting to maybe be a bit more explicit about config file handling to fix MacOS tests
### Refactor
- Refactor configuration structs directly into the provider definition to simplify validation, structs, and future extensions
- Made the creation of the log directories a bit more fault tolerant
- Renamed the provider field in a config file to type to make things a little easier to understand; also removed husky
Cargo.lock
Generated
+2 -1
View File
@@ -1576,13 +1576,14 @@ checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280"
[[package]] [[package]]
name = "gman" name = "gman"
version = "0.0.2" version = "0.0.1"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"argon2", "argon2",
"assert_cmd", "assert_cmd",
"async-trait", "async-trait",
"aws-config", "aws-config",
"aws-lc-sys",
"aws-sdk-secretsmanager", "aws-sdk-secretsmanager",
"azure_identity", "azure_identity",
"azure_security_keyvault_secrets", "azure_security_keyvault_secrets",
Cargo.toml
+2 -1
View File
@@ -1,6 +1,6 @@
[package] [package]
name = "gman" name = "gman"
version = "0.0.2" version = "0.0.1"
edition = "2024" edition = "2024"
authors = ["Alex Clarke <alex.j.tusa@gmail.com>"] authors = ["Alex Clarke <alex.j.tusa@gmail.com>"]
description = "Universal secret management and injection tool" description = "Universal secret management and injection tool"
@@ -60,6 +60,7 @@ azure_identity = "0.27.0"
azure_security_keyvault_secrets = "0.6.0" azure_security_keyvault_secrets = "0.6.0"
openssl = { version = "0.10", features = ["vendored"] } openssl = { version = "0.10", features = ["vendored"] }
openssl-sys = { version = "0.9", features = ["vendored"] } openssl-sys = { version = "0.9", features = ["vendored"] }
aws-lc-sys = { version = "0.31.0", features = ["bindgen"] }
[dev-dependencies] [dev-dependencies]
pretty_assertions = "1.4.1" pretty_assertions = "1.4.1"