From 5b0735c120199b0a0bc290da38537f738b90c961 Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Mon, 6 Nov 2023 22:39:41 +0100 Subject: [PATCH 01/11] feat: add target tests file for debugging --- .github/workflows/target-tests.yml | 90 ++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 .github/workflows/target-tests.yml diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml new file mode 100644 index 0000000..2aeebe1 --- /dev/null +++ b/.github/workflows/target-tests.yml @@ -0,0 +1,90 @@ +name: Release + +on: + push: + branches: + - "feat/additional-build-targets" + pull_request: + branches: + - "main" + paths: + - ".github/workflows/target-tests.yml" + +jobs: + build: + strategy: + matrix: + name: + - linux-x86-64-gnu + # - linux-x86-64-musl + # - linux-armhf-gnu + # - linux-arm64-gnu + # - mac-x86-64 + # - mac-arm64 + include: + - name: linux-x86-64-gnu + os: ubuntu-20.04 + target: x86_64-unknown-linux-gnu + cross: false + experimental: false + + # - name: linux-x86-64-musl + # os: ubuntu-latest + # target: x86_64-unknown-linux-musl + # cross: true + # experimental: false + + # - name: linux-armhf-gnu + # os: ubuntu-20.04 + # target: armv7-unknown-linux-gnueabihf + # cross: true + # experimental: false + + # - name: linux-arm64-gnu + # os: ubuntu-20.04 + # target: aarch64-unknown-linux-gnu + # cross: true + # experimental: false + + # - name: mac-x86-64 + # os: macos-latest + # target: x86_64-apple-darwin + # cross: false + # experimental: false + + # - name: mac-arm64 + # os: macos-11.0 + # target: aarch64-apple-darwin + # cross: true + # experimental: true + + name: Binaries for ${{ matrix.name }} + runs-on: ${{ matrix.os }} + continue-on-error: ${{ matrix.experimental }} + + steps: + - uses: actions/checkout@v4 + - uses: actions/cache@v3 + with: + path: ~/.cargo/registry + key: ${{ runner.os }}-cargo-registry-${{ hashFiles('Cargo.lock') }} + + - uses: actions/cache@v3 + if: startsWith(matrix.name, 'linux-') + with: + path: ~/.cargo/bin + key: ${{ runner.os }}-cargo-bin-${{ hashFiles('.github/workflows/release.yml') }} + + - uses: dtolnay/rust-toolchain@stable + with: + targets: ${{ matrix.target }} + + - uses: taiki-e/setup-cross-toolchain-action@v1 + with: + # NB: sets CARGO_BUILD_TARGET evar - do not need --target flag in build + target: ${{ matrix.target }} + + - uses: taiki-e/install-action@cross + if: ${{ matrix.cross }} + + - run: cargo build --release --locked From c9a1f79786446c70c8f6af0f417982f2a711a0f2 Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Mon, 6 Nov 2023 22:43:35 +0100 Subject: [PATCH 02/11] feat: add targets for mac and linux --- .github/workflows/deploy.yml | 158 ++++++++++++++--------------- .github/workflows/target-tests.yml | 60 +++++------ 2 files changed, 109 insertions(+), 109 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f64420b..eb5b802 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -11,18 +11,18 @@ jobs: strategy: matrix: name: - # - linux-x86-64-gnu + - linux-x86-64-gnu # - linux-x86-64-musl # - linux-armhf-gnu # - linux-arm64-gnu - - mac-x86-64 - - mac-arm64 + # - mac-x86-64 + # - mac-arm64 include: - # - name: linux-x86-64-gnu - # os: ubuntu-20.04 - # target: x86_64-unknown-linux-gnu - # cross: false - # experimental: false + - name: linux-x86-64-gnu + os: ubuntu-20.04 + target: x86_64-unknown-linux-gnu + cross: false + experimental: false # - name: linux-x86-64-musl # os: ubuntu-latest @@ -42,17 +42,17 @@ jobs: # cross: true # experimental: false - - name: mac-x86-64 - os: macos-latest - target: x86_64-apple-darwin - cross: false - experimental: false + # - name: mac-x86-64 + # os: macos-latest + # target: x86_64-apple-darwin + # cross: false + # experimental: false - - name: mac-arm64 - os: macos-11.0 - target: aarch64-apple-darwin - cross: true - experimental: true + # - name: mac-arm64 + # os: macos-11.0 + # target: aarch64-apple-darwin + # cross: true + # experimental: true name: Binaries for ${{ matrix.name }} runs-on: ${{ matrix.os }} @@ -85,76 +85,76 @@ jobs: - run: cargo build --release --locked - - name: Extract version - shell: bash - run: | - set -euxo pipefail + # - name: Extract version + # shell: bash + # run: | + # set -euxo pipefail - version=$(grep -m1 -F 'version =' Cargo.toml | cut -d\" -f2) + # version=$(grep -m1 -F 'version =' Cargo.toml | cut -d\" -f2) - if [[ -z "$version" ]]; then - echo "Error: no version :(" - exit 1 - fi + # if [[ -z "$version" ]]; then + # echo "Error: no version :(" + # exit 1 + # fi - echo "$version" > VERSION + # echo "$version" > VERSION - - name: Package - shell: bash - run: | - set -euxo pipefail - ext="" - [[ "${{ matrix.name }}" == windows-* ]] && ext=".exe" - bin="target/${{ matrix.target }}/release/keyweave${ext}" - strip "$bin" || true - dst="keyweave-${{ matrix.target }}" - mkdir "$dst" - cp "$bin" "$dst/" + # - name: Package + # shell: bash + # run: | + # set -euxo pipefail + # ext="" + # [[ "${{ matrix.name }}" == windows-* ]] && ext=".exe" + # bin="target/${{ matrix.target }}/release/keyweave${ext}" + # strip "$bin" || true + # dst="keyweave-${{ matrix.target }}" + # mkdir "$dst" + # cp "$bin" "$dst/" - - name: Archive (tar) - if: '! startsWith(matrix.name, ''windows-'')' - shell: bash - run: | - set -euxo pipefail - dst="keyweave-${{ matrix.target }}" - tar cavf "$dst.tar.xz" "$dst" + # - name: Archive (tar) + # if: '! startsWith(matrix.name, ''windows-'')' + # shell: bash + # run: | + # set -euxo pipefail + # dst="keyweave-${{ matrix.target }}" + # tar cavf "$dst.tar.xz" "$dst" - - uses: actions/upload-artifact@v3 - with: - name: builds - retention-days: 1 - path: | - keyweave-*.tar.xz + # - uses: actions/upload-artifact@v3 + # with: + # name: builds + # retention-days: 1 + # path: | + # keyweave-*.tar.xz - sign: - needs: build + # sign: + # needs: build - name: Checksum and sign - runs-on: ubuntu-latest - permissions: - id-token: write - contents: write + # name: Checksum and sign + # runs-on: ubuntu-latest + # permissions: + # id-token: write + # contents: write - steps: - - uses: actions/checkout@v4 - - uses: actions/cache@v3 - with: - path: ~/.cargo/bin - key: sign-tools-${{ hashFiles('.github/workflows/release.yml') }} + # steps: + # - uses: actions/checkout@v4 + # - uses: actions/cache@v3 + # with: + # path: ~/.cargo/bin + # key: sign-tools-${{ hashFiles('.github/workflows/release.yml') }} - - uses: actions/download-artifact@v3 - with: - name: builds + # - uses: actions/download-artifact@v3 + # with: + # name: builds - - name: Checksums with SHA512 - run: sha512sum keyweave-* | tee SHA512SUMS + # - name: Checksums with SHA512 + # run: sha512sum keyweave-* | tee SHA512SUMS - - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - generate_release_notes: true - fail_on_unmatched_files: true - files: | - keyweave-*.tar.xz - *SUMS* \ No newline at end of file + # - uses: softprops/action-gh-release@v1 + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # with: + # generate_release_notes: true + # fail_on_unmatched_files: true + # files: | + # keyweave-*.tar.xz + # *SUMS* \ No newline at end of file diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index 2aeebe1..1d61dae 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -16,11 +16,11 @@ jobs: matrix: name: - linux-x86-64-gnu - # - linux-x86-64-musl - # - linux-armhf-gnu - # - linux-arm64-gnu - # - mac-x86-64 - # - mac-arm64 + - linux-x86-64-musl + - linux-armhf-gnu + - linux-arm64-gnu + - mac-x86-64 + - mac-arm64 include: - name: linux-x86-64-gnu os: ubuntu-20.04 @@ -28,35 +28,35 @@ jobs: cross: false experimental: false - # - name: linux-x86-64-musl - # os: ubuntu-latest - # target: x86_64-unknown-linux-musl - # cross: true - # experimental: false + - name: linux-x86-64-musl + os: ubuntu-latest + target: x86_64-unknown-linux-musl + cross: true + experimental: false - # - name: linux-armhf-gnu - # os: ubuntu-20.04 - # target: armv7-unknown-linux-gnueabihf - # cross: true - # experimental: false + - name: linux-armhf-gnu + os: ubuntu-20.04 + target: armv7-unknown-linux-gnueabihf + cross: true + experimental: false - # - name: linux-arm64-gnu - # os: ubuntu-20.04 - # target: aarch64-unknown-linux-gnu - # cross: true - # experimental: false + - name: linux-arm64-gnu + os: ubuntu-20.04 + target: aarch64-unknown-linux-gnu + cross: true + experimental: false - # - name: mac-x86-64 - # os: macos-latest - # target: x86_64-apple-darwin - # cross: false - # experimental: false + - name: mac-x86-64 + os: macos-latest + target: x86_64-apple-darwin + cross: false + experimental: false - # - name: mac-arm64 - # os: macos-11.0 - # target: aarch64-apple-darwin - # cross: true - # experimental: true + - name: mac-arm64 + os: macos-11.0 + target: aarch64-apple-darwin + cross: true + experimental: true name: Binaries for ${{ matrix.name }} runs-on: ${{ matrix.os }} From 97f6ac6da94de2c4453eabd1b07c99fd8d85873d Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Mon, 6 Nov 2023 22:47:18 +0100 Subject: [PATCH 03/11] feat: add windows, disable musl --- .github/workflows/target-tests.yml | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index 1d61dae..b65308e 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -16,11 +16,12 @@ jobs: matrix: name: - linux-x86-64-gnu - - linux-x86-64-musl + # - linux-x86-64-musl - linux-armhf-gnu - linux-arm64-gnu - mac-x86-64 - mac-arm64 + - windows-gnu include: - name: linux-x86-64-gnu os: ubuntu-20.04 @@ -28,11 +29,11 @@ jobs: cross: false experimental: false - - name: linux-x86-64-musl - os: ubuntu-latest - target: x86_64-unknown-linux-musl - cross: true - experimental: false + # - name: linux-x86-64-musl + # os: ubuntu-latest + # target: x86_64-unknown-linux-musl + # cross: true + # experimental: false - name: linux-armhf-gnu os: ubuntu-20.04 @@ -57,6 +58,12 @@ jobs: target: aarch64-apple-darwin cross: true experimental: true + + - name: windows-gnu + os: windows-latest + target: x86_64-pc-windows-gnu + cross: true + experimental: false name: Binaries for ${{ matrix.name }} runs-on: ${{ matrix.os }} From 01e89be603a50713c523e71dc012977eb3386a8b Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Mon, 6 Nov 2023 23:08:08 +0100 Subject: [PATCH 04/11] feat: only run on supported oses --- .github/workflows/target-tests.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index b65308e..a1838ef 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -17,8 +17,8 @@ jobs: name: - linux-x86-64-gnu # - linux-x86-64-musl - - linux-armhf-gnu - - linux-arm64-gnu + # - linux-armhf-gnu + # - linux-arm64-gnu - mac-x86-64 - mac-arm64 - windows-gnu @@ -35,17 +35,17 @@ jobs: # cross: true # experimental: false - - name: linux-armhf-gnu - os: ubuntu-20.04 - target: armv7-unknown-linux-gnueabihf - cross: true - experimental: false + # - name: linux-armhf-gnu + # os: ubuntu-20.04 + # target: armv7-unknown-linux-gnueabihf + # cross: true + # experimental: false - - name: linux-arm64-gnu - os: ubuntu-20.04 - target: aarch64-unknown-linux-gnu - cross: true - experimental: false + # - name: linux-arm64-gnu + # os: ubuntu-20.04 + # target: aarch64-unknown-linux-gnu + # cross: true + # experimental: false - name: mac-x86-64 os: macos-latest From e4582b5bfb74068b9f68531f797ec0926d5d6eae Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 10:09:20 +0100 Subject: [PATCH 05/11] fix: use only pr trigger --- .github/workflows/target-tests.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index a1838ef..85d8815 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -1,9 +1,6 @@ name: Release on: - push: - branches: - - "feat/additional-build-targets" pull_request: branches: - "main" From dd0ff4399713bc76105772ed9d59c0bfef56a300 Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 12:00:11 +0100 Subject: [PATCH 06/11] fix: use azure_core with enable_reqwest_rustls --- .github/workflows/target-tests.yml | 36 ++++----- Cargo.lock | 115 +++++++++++++++++++++++++++-- Cargo.toml | 1 + 3 files changed, 128 insertions(+), 24 deletions(-) diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index 85d8815..c578a2d 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -13,9 +13,9 @@ jobs: matrix: name: - linux-x86-64-gnu - # - linux-x86-64-musl - # - linux-armhf-gnu - # - linux-arm64-gnu + - linux-x86-64-musl + - linux-armhf-gnu + - linux-arm64-gnu - mac-x86-64 - mac-arm64 - windows-gnu @@ -26,23 +26,23 @@ jobs: cross: false experimental: false - # - name: linux-x86-64-musl - # os: ubuntu-latest - # target: x86_64-unknown-linux-musl - # cross: true - # experimental: false + - name: linux-x86-64-musl + os: ubuntu-latest + target: x86_64-unknown-linux-musl + cross: true + experimental: false - # - name: linux-armhf-gnu - # os: ubuntu-20.04 - # target: armv7-unknown-linux-gnueabihf - # cross: true - # experimental: false + - name: linux-armhf-gnu + os: ubuntu-20.04 + target: armv7-unknown-linux-gnueabihf + cross: true + experimental: false - # - name: linux-arm64-gnu - # os: ubuntu-20.04 - # target: aarch64-unknown-linux-gnu - # cross: true - # experimental: false + - name: linux-arm64-gnu + os: ubuntu-20.04 + target: aarch64-unknown-linux-gnu + cross: true + experimental: false - name: mac-x86-64 os: macos-latest diff --git a/Cargo.lock b/Cargo.lock index 3227348..474a6d4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -758,6 +758,20 @@ dependencies = [ "want", ] +[[package]] +name = "hyper-rustls" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590" +dependencies = [ + "futures-util", + "http", + "hyper", + "rustls", + "tokio", + "tokio-rustls", +] + [[package]] name = "hyper-tls" version = "0.5.0" @@ -854,6 +868,7 @@ dependencies = [ name = "keyweave" version = "0.1.0" dependencies = [ + "azure_core", "azure_identity", "azure_security_keyvault", "clap", @@ -1255,6 +1270,7 @@ dependencies = [ "http", "http-body", "hyper", + "hyper-rustls", "hyper-tls", "ipnet", "js-sys", @@ -1264,12 +1280,15 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", + "rustls", + "rustls-pemfile", "serde", "serde_json", "serde_urlencoded", "system-configuration", "tokio", "tokio-native-tls", + "tokio-rustls", "tokio-util", "tower-service", "url", @@ -1277,9 +1296,24 @@ dependencies = [ "wasm-bindgen-futures", "wasm-streams", "web-sys", + "webpki-roots", "winreg", ] +[[package]] +name = "ring" +version = "0.17.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb0205304757e5d899b9c2e448b867ffd03ae7f988002e47cd24954391394d0b" +dependencies = [ + "cc", + "getrandom 0.2.10", + "libc", + "spin", + "untrusted", + "windows-sys", +] + [[package]] name = "rustc-demangle" version = "0.1.23" @@ -1308,6 +1342,37 @@ dependencies = [ "windows-sys", ] +[[package]] +name = "rustls" +version = "0.21.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "446e14c5cda4f3f30fe71863c34ec70f5ac79d6087097ad0bb433e1be5edf04c" +dependencies = [ + "log", + "ring", + "rustls-webpki", + "sct", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2" +dependencies = [ + "base64 0.21.5", +] + +[[package]] +name = "rustls-webpki" +version = "0.101.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "ryu" version = "1.0.15" @@ -1329,6 +1394,16 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" +[[package]] +name = "sct" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "security-framework" version = "2.9.2" @@ -1360,18 +1435,18 @@ checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" [[package]] name = "serde" -version = "1.0.190" +version = "1.0.192" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91d3c334ca1ee894a2c6f6ad698fe8c435b76d504b13d436f0685d648d6d96f7" +checksum = "bca2a08484b285dcb282d0f67b26cadc0df8b19f8c12502c13d966bf9482f001" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.190" +version = "1.0.192" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67c5609f394e5c2bd7fc51efda478004ea80ef42fee983d5c67a65e34f32c0e3" +checksum = "d6c7207fbec9faa48073f3e3074cbe553af6ea512d7c21ba46e434e70ea9fbc1" dependencies = [ "proc-macro2", "quote", @@ -1477,6 +1552,12 @@ dependencies = [ "windows-sys", ] +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + [[package]] name = "strsim" version = "0.10.0" @@ -1485,9 +1566,9 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" [[package]] name = "syn" -version = "2.0.38" +version = "2.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e96b79aaa137db8f61e26363a0c9b47d8b4ec75da28b7d1d614c2303e232408b" +checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" dependencies = [ "proc-macro2", "quote", @@ -1635,6 +1716,16 @@ dependencies = [ "tokio", ] +[[package]] +name = "tokio-rustls" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" +dependencies = [ + "rustls", + "tokio", +] + [[package]] name = "tokio-util" version = "0.7.10" @@ -1716,6 +1807,12 @@ dependencies = [ "tinyvec", ] +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + [[package]] name = "url" version = "2.4.1" @@ -1871,6 +1968,12 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "webpki-roots" +version = "0.25.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14247bb57be4f377dfb94c72830b8ce8fc6beac03cf4bf7b9732eadd414123fc" + [[package]] name = "winapi" version = "0.3.9" diff --git a/Cargo.toml b/Cargo.toml index 3dcb703..29031c0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,6 +6,7 @@ edition = "2021" [dependencies] azure_identity = "0.17.0" azure_security_keyvault = "0.17.0" +azure_core = { version = "0.17.0", features = ["enable_reqwest_rustls"] } clap = { version = "4.4.7", features = ["derive"] } futures = "0.3.29" tokio = {version = "1.33.0", features = ["full"]} From bb7fe255af9f473b942b0ad4f4256f21397f2f65 Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 12:01:51 +0100 Subject: [PATCH 07/11] fix: add push trigger --- .github/workflows/target-tests.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index c578a2d..16b251d 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -1,6 +1,9 @@ name: Release on: + push: + branches: + - "feat/additional-build-targets" pull_request: branches: - "main" From 29b61a2e72b654b52b4ed7ca4fee37012796564d Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 12:49:57 +0100 Subject: [PATCH 08/11] fix: use vendored openssl --- .github/workflows/target-tests.yml | 3 + Cargo.lock | 114 +++-------------------------- Cargo.toml | 4 +- 3 files changed, 16 insertions(+), 105 deletions(-) diff --git a/.github/workflows/target-tests.yml b/.github/workflows/target-tests.yml index 16b251d..14bd3ac 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/target-tests.yml @@ -94,4 +94,7 @@ jobs: - uses: taiki-e/install-action@cross if: ${{ matrix.cross }} + - run: sudo apt-get install pkg-config libssl-dev + if: startsWith(matrix.name, 'linux-') + - run: cargo build --release --locked diff --git a/Cargo.lock b/Cargo.lock index 474a6d4..827919c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -758,20 +758,6 @@ dependencies = [ "want", ] -[[package]] -name = "hyper-rustls" -version = "0.24.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590" -dependencies = [ - "futures-util", - "http", - "hyper", - "rustls", - "tokio", - "tokio-rustls", -] - [[package]] name = "hyper-tls" version = "0.5.0" @@ -868,11 +854,11 @@ dependencies = [ name = "keyweave" version = "0.1.0" dependencies = [ - "azure_core", "azure_identity", "azure_security_keyvault", "clap", "futures", + "openssl", "tokio", ] @@ -1054,6 +1040,15 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" +[[package]] +name = "openssl-src" +version = "300.1.6+3.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "439fac53e092cd7442a3660c85dde4643ab3b5bd39040912388dcdabf6b88085" +dependencies = [ + "cc", +] + [[package]] name = "openssl-sys" version = "0.9.95" @@ -1062,6 +1057,7 @@ checksum = "40a4130519a360279579c2053038317e40eff64d13fd3f004f9e1b72b8a6aaf9" dependencies = [ "cc", "libc", + "openssl-src", "pkg-config", "vcpkg", ] @@ -1270,7 +1266,6 @@ dependencies = [ "http", "http-body", "hyper", - "hyper-rustls", "hyper-tls", "ipnet", "js-sys", @@ -1280,15 +1275,12 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", - "rustls", - "rustls-pemfile", "serde", "serde_json", "serde_urlencoded", "system-configuration", "tokio", "tokio-native-tls", - "tokio-rustls", "tokio-util", "tower-service", "url", @@ -1296,24 +1288,9 @@ dependencies = [ "wasm-bindgen-futures", "wasm-streams", "web-sys", - "webpki-roots", "winreg", ] -[[package]] -name = "ring" -version = "0.17.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb0205304757e5d899b9c2e448b867ffd03ae7f988002e47cd24954391394d0b" -dependencies = [ - "cc", - "getrandom 0.2.10", - "libc", - "spin", - "untrusted", - "windows-sys", -] - [[package]] name = "rustc-demangle" version = "0.1.23" @@ -1342,37 +1319,6 @@ dependencies = [ "windows-sys", ] -[[package]] -name = "rustls" -version = "0.21.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "446e14c5cda4f3f30fe71863c34ec70f5ac79d6087097ad0bb433e1be5edf04c" -dependencies = [ - "log", - "ring", - "rustls-webpki", - "sct", -] - -[[package]] -name = "rustls-pemfile" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2" -dependencies = [ - "base64 0.21.5", -] - -[[package]] -name = "rustls-webpki" -version = "0.101.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "ryu" version = "1.0.15" @@ -1394,16 +1340,6 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" -[[package]] -name = "sct" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "security-framework" version = "2.9.2" @@ -1552,12 +1488,6 @@ dependencies = [ "windows-sys", ] -[[package]] -name = "spin" -version = "0.9.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" - [[package]] name = "strsim" version = "0.10.0" @@ -1716,16 +1646,6 @@ dependencies = [ "tokio", ] -[[package]] -name = "tokio-rustls" -version = "0.24.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" -dependencies = [ - "rustls", - "tokio", -] - [[package]] name = "tokio-util" version = "0.7.10" @@ -1807,12 +1727,6 @@ dependencies = [ "tinyvec", ] -[[package]] -name = "untrusted" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" - [[package]] name = "url" version = "2.4.1" @@ -1968,12 +1882,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "webpki-roots" -version = "0.25.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14247bb57be4f377dfb94c72830b8ce8fc6beac03cf4bf7b9732eadd414123fc" - [[package]] name = "winapi" version = "0.3.9" diff --git a/Cargo.toml b/Cargo.toml index 29031c0..3983ea5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,7 @@ edition = "2021" [dependencies] azure_identity = "0.17.0" azure_security_keyvault = "0.17.0" -azure_core = { version = "0.17.0", features = ["enable_reqwest_rustls"] } +openssl = { version = "0.10", features = ["vendored"] } clap = { version = "4.4.7", features = ["derive"] } futures = "0.3.29" -tokio = {version = "1.33.0", features = ["full"]} +tokio = {version = "1.33.0", features = ["full"]} \ No newline at end of file From 5c4f255c0a5dcf1ed3106d794b99b19e526ea7e8 Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 13:24:46 +0100 Subject: [PATCH 09/11] fix: use vendored openssl for unix only --- Cargo.toml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 3983ea5..63cb659 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,9 @@ edition = "2021" [dependencies] azure_identity = "0.17.0" azure_security_keyvault = "0.17.0" -openssl = { version = "0.10", features = ["vendored"] } clap = { version = "4.4.7", features = ["derive"] } futures = "0.3.29" -tokio = {version = "1.33.0", features = ["full"]} \ No newline at end of file +tokio = {version = "1.33.0", features = ["full"]} + +[target.'cfg(unix)'.dependencies] +openssl = { version = "0.10", features = ["vendored"] } \ No newline at end of file From 838a01abedd027827ebd1083469a0237bfccdebc Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 13:40:40 +0100 Subject: [PATCH 10/11] fix: vendored openssl linux musl, arm or aarch64 --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 63cb659..fe44a93 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -10,5 +10,5 @@ clap = { version = "4.4.7", features = ["derive"] } futures = "0.3.29" tokio = {version = "1.33.0", features = ["full"]} -[target.'cfg(unix)'.dependencies] +[target.'cfg(all(target_os = "linux", any(target_env = "musl", target_arch = "arm", target_arch = "aarch64")))'.dependencies] openssl = { version = "0.10", features = ["vendored"] } \ No newline at end of file From f0b3199baa805b17ee00e61ee8025e8b286a2e61 Mon Sep 17 00:00:00 2001 From: Bart van der Braak Date: Tue, 7 Nov 2023 14:05:31 +0100 Subject: [PATCH 11/11] feat: add targets for linux arm/aarch64 aand musl --- .github/workflows/deploy.yml | 160 ------------------ .../{target-tests.yml => release.yml} | 89 ++++++++-- 2 files changed, 79 insertions(+), 170 deletions(-) delete mode 100644 .github/workflows/deploy.yml rename .github/workflows/{target-tests.yml => release.yml} (54%) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index eb5b802..0000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,160 +0,0 @@ -name: Release - -on: - workflow_dispatch: - push: - tags: - - 'v[0-9]+.[0-9]+.[0-9]+' - -jobs: - build: - strategy: - matrix: - name: - - linux-x86-64-gnu - # - linux-x86-64-musl - # - linux-armhf-gnu - # - linux-arm64-gnu - # - mac-x86-64 - # - mac-arm64 - include: - - name: linux-x86-64-gnu - os: ubuntu-20.04 - target: x86_64-unknown-linux-gnu - cross: false - experimental: false - - # - name: linux-x86-64-musl - # os: ubuntu-latest - # target: x86_64-unknown-linux-musl - # cross: true - # experimental: false - - # - name: linux-armhf-gnu - # os: ubuntu-20.04 - # target: armv7-unknown-linux-gnueabihf - # cross: true - # experimental: false - - # - name: linux-arm64-gnu - # os: ubuntu-20.04 - # target: aarch64-unknown-linux-gnu - # cross: true - # experimental: false - - # - name: mac-x86-64 - # os: macos-latest - # target: x86_64-apple-darwin - # cross: false - # experimental: false - - # - name: mac-arm64 - # os: macos-11.0 - # target: aarch64-apple-darwin - # cross: true - # experimental: true - - name: Binaries for ${{ matrix.name }} - runs-on: ${{ matrix.os }} - continue-on-error: ${{ matrix.experimental }} - - steps: - - uses: actions/checkout@v4 - - uses: actions/cache@v3 - with: - path: ~/.cargo/registry - key: ${{ runner.os }}-cargo-registry-${{ hashFiles('Cargo.lock') }} - - - uses: actions/cache@v3 - if: startsWith(matrix.name, 'linux-') - with: - path: ~/.cargo/bin - key: ${{ runner.os }}-cargo-bin-${{ hashFiles('.github/workflows/release.yml') }} - - - uses: dtolnay/rust-toolchain@stable - with: - targets: ${{ matrix.target }} - - - uses: taiki-e/setup-cross-toolchain-action@v1 - with: - # NB: sets CARGO_BUILD_TARGET evar - do not need --target flag in build - target: ${{ matrix.target }} - - - uses: taiki-e/install-action@cross - if: ${{ matrix.cross }} - - - run: cargo build --release --locked - - # - name: Extract version - # shell: bash - # run: | - # set -euxo pipefail - - # version=$(grep -m1 -F 'version =' Cargo.toml | cut -d\" -f2) - - # if [[ -z "$version" ]]; then - # echo "Error: no version :(" - # exit 1 - # fi - - # echo "$version" > VERSION - - # - name: Package - # shell: bash - # run: | - # set -euxo pipefail - # ext="" - # [[ "${{ matrix.name }}" == windows-* ]] && ext=".exe" - # bin="target/${{ matrix.target }}/release/keyweave${ext}" - # strip "$bin" || true - # dst="keyweave-${{ matrix.target }}" - # mkdir "$dst" - # cp "$bin" "$dst/" - - # - name: Archive (tar) - # if: '! startsWith(matrix.name, ''windows-'')' - # shell: bash - # run: | - # set -euxo pipefail - # dst="keyweave-${{ matrix.target }}" - # tar cavf "$dst.tar.xz" "$dst" - - # - uses: actions/upload-artifact@v3 - # with: - # name: builds - # retention-days: 1 - # path: | - # keyweave-*.tar.xz - - # sign: - # needs: build - - # name: Checksum and sign - # runs-on: ubuntu-latest - # permissions: - # id-token: write - # contents: write - - # steps: - # - uses: actions/checkout@v4 - # - uses: actions/cache@v3 - # with: - # path: ~/.cargo/bin - # key: sign-tools-${{ hashFiles('.github/workflows/release.yml') }} - - # - uses: actions/download-artifact@v3 - # with: - # name: builds - - # - name: Checksums with SHA512 - # run: sha512sum keyweave-* | tee SHA512SUMS - - # - uses: softprops/action-gh-release@v1 - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # with: - # generate_release_notes: true - # fail_on_unmatched_files: true - # files: | - # keyweave-*.tar.xz - # *SUMS* \ No newline at end of file diff --git a/.github/workflows/target-tests.yml b/.github/workflows/release.yml similarity index 54% rename from .github/workflows/target-tests.yml rename to .github/workflows/release.yml index 14bd3ac..f72540d 100644 --- a/.github/workflows/target-tests.yml +++ b/.github/workflows/release.yml @@ -1,14 +1,10 @@ name: Release on: + workflow_dispatch: push: - branches: - - "feat/additional-build-targets" - pull_request: - branches: - - "main" - paths: - - ".github/workflows/target-tests.yml" + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' jobs: build: @@ -94,7 +90,80 @@ jobs: - uses: taiki-e/install-action@cross if: ${{ matrix.cross }} - - run: sudo apt-get install pkg-config libssl-dev - if: startsWith(matrix.name, 'linux-') - - run: cargo build --release --locked + + - name: Extract version + shell: bash + run: | + set -euxo pipefail + + version=$(grep -m1 -F 'version =' Cargo.toml | cut -d\" -f2) + + if [[ -z "$version" ]]; then + echo "Error: no version :(" + exit 1 + fi + + echo "$version" > VERSION + + - name: Package + shell: bash + run: | + set -euxo pipefail + ext="" + [[ "${{ matrix.name }}" == windows-* ]] && ext=".exe" + bin="target/${{ matrix.target }}/release/keyweave${ext}" + strip "$bin" || true + dst="keyweave-${{ matrix.target }}" + mkdir "$dst" + cp "$bin" "$dst/" + + - name: Archive (tar) + if: '! startsWith(matrix.name, ''windows-'')' + shell: bash + run: | + set -euxo pipefail + dst="keyweave-${{ matrix.target }}" + tar cavf "$dst.tar.xz" "$dst" + + - uses: actions/upload-artifact@v3 + with: + name: builds + retention-days: 1 + path: | + keyweave-*.tar.xz + keyweave-x86_64-pc-windows-gnu/keyweave.exe + + sign: + needs: build + + name: Checksum and sign + runs-on: ubuntu-latest + permissions: + id-token: write + contents: write + + steps: + - uses: actions/checkout@v4 + - uses: actions/cache@v3 + with: + path: ~/.cargo/bin + key: sign-tools-${{ hashFiles('.github/workflows/release.yml') }} + + - uses: actions/download-artifact@v3 + with: + name: builds + + - name: Checksums with SHA512 + run: sha512sum keyweave-* | tee SHA512SUMS + + - uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + generate_release_notes: true + fail_on_unmatched_files: true + files: | + keyweave-*.tar.xz + keyweave-*/keyweave.exe + *SUMS* \ No newline at end of file