Skip to content

Commit

Permalink
ci: build binary artifacts for pushes/PRs
Browse files Browse the repository at this point in the history
* Windows (x86_64 MSVC)
* Linux (x86_64 GNU glibc)
* Apple (MacOS 14 ARM64 and MacOS 13 x86_64)

Binary artifacts are built in release mode using stable rust, with the
default crypto provider (aws-lc-rs) and cert compression enabled.

For FIPS, no cert-compression, the ring crypto provider, or other
customization you will need to build from source.

Users of the `.pc` files will need to override the `prefix` to wherever
they extract the archive.
  • Loading branch information
cpu committed Dec 22, 2024
1 parent f0197a4 commit ac86835
Showing 1 changed file with 129 additions and 0 deletions.
129 changes: 129 additions & 0 deletions .github/workflows/artifacts.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
name: binary artifacts

permissions:
contents: read

on:
push:
pull_request:

jobs:
windows-binaries:
runs-on: windows-2022 # x86_64
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install stable Rust
uses: dtolnay/rust-toolchain@stable

- name: Install cargo-c
env:
LINK: https://github.com/lu-zero/cargo-c/releases/latest/download
CARGO_C_FILE: cargo-c-windows-msvc.zip
run: |
curl -L "$env:LINK/$env:CARGO_C_FILE" -o cargo-c-windows-msvc.zip
powershell -Command "Expand-Archive -Path cargo-c-windows-msvc.zip -DestinationPath $env:USERPROFILE\\.cargo\\bin -Force"
- name: Build rusts-ffi
run: |
cargo cinstall --features cert_compression --release --prefix dist --target x86_64-pc-windows-msvc
- name: Upload binaries
uses: actions/upload-artifact@v4
with:
name: rustls-ffi-x86_64-windows
path: dist

linux-binaries:
runs-on: ubuntu-20.04 # x86_64. Using older Ubuntu for greater GLIBC compat.
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install stable Rust
uses: dtolnay/rust-toolchain@stable

- name: Install cargo-c (Ubuntu)
env:
LINK: https://github.com/lu-zero/cargo-c/releases/latest/download
CARGO_C_FILE: cargo-c-x86_64-unknown-linux-musl.tar.gz
run: |
curl -L $LINK/$CARGO_C_FILE | tar xz -C ~/.cargo/bin
- name: Build rusts-ffi
# The Ubuntu 20.04 GCC is too old to build aws-lc.
# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95189.
env:
CC=clang
CXX=clang
run: |
cargo cinstall --locked --target x86_64-unknown-linux-gnu --features cert_compression --release --prefix dist
- name: Upload binaries
uses: actions/upload-artifact@v4
with:
name: rustls-ffi-x86_64-linux-gnu
path: dist

macos-binaries-arm64:
runs-on: macos-14 # arm64.
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install stable Rust
uses: dtolnay/rust-toolchain@stable

- name: Install cargo-c (macOS)
env:
LINK: https://github.com/lu-zero/cargo-c/releases/latest/download
CARGO_C_FILE: cargo-c-macos.zip
run: |
curl -L $LINK/$CARGO_C_FILE -o cargo-c-macos.zip
unzip cargo-c-macos.zip -d ~/.cargo/bin
- name: Build rusts-ffi
run: |
cargo cinstall --features cert_compression --release --prefix dist
- name: Fix rpath
run: |
install_name_tool -id @rpath/librustls.dylib dist/lib/librustls.dylib
- name: Upload binaries
uses: actions/upload-artifact@v4
with:
name: rustls-ffi-arm64-macos
path: dist

macos-binaries-x86_64:
runs-on: macos-13 # x86_64.
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install stable Rust
uses: dtolnay/rust-toolchain@stable

- name: Install cargo-c (macOS)
# This is slow, but upstream doesn't publish cargo-c binaries for x86_64 macos
run: cargo install cargo-c

- name: Build rusts-ffi
run: |
cargo cinstall --features cert_compression --release --prefix dist
- name: Fix rpath
run: |
install_name_tool -id @rpath/librustls.dylib dist/lib/librustls.dylib
- name: Upload binaries
uses: actions/upload-artifact@v4
with:
name: rustls-ffi-x86_64-macos
path: dist

0 comments on commit ac86835

Please sign in to comment.