From 0e350b7fa1e60336b96dd1847408990a80b47163 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Thu, 26 Jun 2025 19:34:22 -0700 Subject: [PATCH 01/12] update: bumping cargo edition to 2024 to fix build error and bumping release --- CHANGELOG.md | 5 ++++- Cargo.toml | 4 ++-- README.md | 8 ++++---- crates/rusty-hog-scanner/Cargo.toml | 4 ++-- crates/rusty-hog-scanner/src/lib.rs | 11 +++++++---- src/bin/ankamali_hog.rs | 18 +++++++++++++++--- src/bin/berkshire_hog.rs | 2 +- src/bin/berkshire_hog_lambda.rs | 4 ++-- src/bin/choctaw_hog.rs | 2 +- src/bin/duroc_hog.rs | 10 +++++----- src/bin/essex_hog.rs | 8 ++++---- src/bin/gottingen_hog.rs | 8 ++++---- src/bin/hante_hog.rs | 6 +++--- src/git_scanning.rs | 5 +++-- src/google_scanning.rs | 2 +- 15 files changed, 58 insertions(+), 39 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1c4026c..828c7e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -37,4 +37,7 @@ ## 1.0.11 - The update from 1.0.10 caused a major bug where choctaw_hog was reporting 0 results. This was due to a change in the behavior of the Rust Git library. The change is fixed and tested on MacOS. -- Added the Slack hog - hante hog \ No newline at end of file +- Added the Slack hog - hante hog + +## 1.0.12 +- Updating Cargo edition from 2021 to 2024 \ No newline at end of file diff --git a/Cargo.toml b/Cargo.toml index 43eb08a..c252bab 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,9 +5,9 @@ members = [ [package] name = "rusty_hogs" -version = "1.0.11" +version = "1.0.12" authors = ["Scott Cutler "] -edition = "2021" +edition = "2024" description = "This project provides a set of scanners that will use regular expressions to try and detect the presence of sensitive information such as API keys, passwords, and personal information. It includes a set of regular expressions by default, but will also accept a JSON object containing your custom regular expressions." homepage = "https://github.com/newrelic/rusty-hog" keywords = ["secret", "scanner", "regex", "rusty", "hog"] diff --git a/README.md b/README.md index 2dece9b..56e890c 100644 --- a/README.md +++ b/README.md @@ -51,8 +51,8 @@ Download and unzip the [latest ZIP](https://github.com/newrelic/rusty-hog/releas on the releases tab. Then, run each binary with `-h` to see the usage. ```shell script -wget https://github.com/newrelic/rusty-hog/releases/download/v1.0.11/rustyhogs-darwin-choctaw_hog-1.0.11.zip -unzip rustyhogs-darwin-choctaw_hog-1.0.11.zip +wget https://github.com/newrelic/rusty-hog/releases/download/v1.0.12/rustyhogs-darwin-choctaw_hog-1.0.12.zip +unzip rustyhogs-darwin-choctaw_hog-1.0.12.zip darwin_releases/choctaw_hog -h ``` @@ -61,8 +61,8 @@ Rusty Hog Docker images can be found at the authors personal DockerHub page [her A Docker Image is built for each Hog and for each release. So to use choctaw_hog you would run the following commands: ```shell script -docker pull wetfeet2000/choctaw_hog:1.0.10 -docker run -it --rm wetfeet2000/choctaw_hog:1.0.10 --help +docker pull wetfeet2000/choctaw_hog:1.0.12 +docker run -it --rm wetfeet2000/choctaw_hog:1.0.12 --help ``` ## How to build diff --git a/crates/rusty-hog-scanner/Cargo.toml b/crates/rusty-hog-scanner/Cargo.toml index 964b533..7ab3f37 100644 --- a/crates/rusty-hog-scanner/Cargo.toml +++ b/crates/rusty-hog-scanner/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "rusty_hog_scanner" -version = "0.1.0" -edition = "2021" +version = "0.1.1" +edition = "2024" [dependencies] serde = "1.0" diff --git a/crates/rusty-hog-scanner/src/lib.rs b/crates/rusty-hog-scanner/src/lib.rs index 450e9dd..f2c5aba 100644 --- a/crates/rusty-hog-scanner/src/lib.rs +++ b/crates/rusty-hog-scanner/src/lib.rs @@ -68,9 +68,9 @@ extern crate clap; use anyhow::Result; -use base64::{engine::general_purpose as Base64Engine, Engine as _}; +use base64::{Engine as _, engine::general_purpose as Base64Engine}; use clap::ArgMatches; -use log::{self, debug, error, info, LevelFilter}; +use log::{self, LevelFilter, debug, error, info}; use regex::bytes::{Match, Matches, Regex, RegexBuilder}; use serde::Serialize; use serde_derive::Deserialize; @@ -486,7 +486,10 @@ impl SecretScannerBuilder { let json_string: String = match json_string_result { Ok(s) => s, Err(e) => { - error!("Error reading allowlist JSON file, falling back to default allowlist rules: {:?}", e); + error!( + "Error reading allowlist JSON file, falling back to default allowlist rules: {:?}", + e + ); String::from(DEFAULT_ALLOWLIST_JSON) } }; @@ -557,7 +560,7 @@ impl SecretScannerBuilder { return Err(SimpleError::with( "Failed to parse the regex pattern from JSON", e, - )) + )); } }; Ok((x.0, v)) diff --git a/src/bin/ankamali_hog.rs b/src/bin/ankamali_hog.rs index 1716acf..1c64a62 100644 --- a/src/bin/ankamali_hog.rs +++ b/src/bin/ankamali_hog.rs @@ -41,7 +41,7 @@ use std::path::Path; #[tokio::main] async fn main() { let matches = Command::new("ankamali_hog") - .version("1.0.11") + .version("1.0.12") .author("Scott Cutler ") .about("Google Drive secret scanner in Rust.") .arg( @@ -152,8 +152,20 @@ async fn run(arg_matches: ArgMatches) -> Result<(), SimpleError> { let auth = drive3::oauth2::InstalledFlowAuthenticator::builder( secret, drive3::oauth2::InstalledFlowReturnMethod::HTTPRedirect, - ).build().await.unwrap(); - let mut hub = DriveHub::new(hyper::Client::builder().build(hyper_rustls::HttpsConnectorBuilder::new().with_native_roots().https_or_http().enable_http1().build()), auth); + ) + .build() + .await + .unwrap(); + let mut hub = DriveHub::new( + hyper::Client::builder().build( + hyper_rustls::HttpsConnectorBuilder::new() + .with_native_roots() + .https_or_http() + .enable_http1() + .build(), + ), + auth, + ); // get some initial info about the file let gdriveinfo = GDriveFileInfo::new(file_id, &hub).await.unwrap(); diff --git a/src/bin/berkshire_hog.rs b/src/bin/berkshire_hog.rs index 40bf138..a70a168 100644 --- a/src/bin/berkshire_hog.rs +++ b/src/bin/berkshire_hog.rs @@ -44,7 +44,7 @@ use std::collections::HashSet; /// Main entry function that uses the [clap crate](https://docs.rs/clap/2.33.0/clap/) fn main() { let matches = Command::new("berkshire_hog") - .version("1.0.11") + .version("1.0.12") .author("Scott Cutler ") .about("S3 secret hunter in Rust. Avoid bandwidth costs, run this within a VPC!") .arg(Arg::new("REGEX").long("regex").action(ArgAction::Set).help("Sets a custom regex JSON file")) diff --git a/src/bin/berkshire_hog_lambda.rs b/src/bin/berkshire_hog_lambda.rs index e8cfc50..85ddea2 100644 --- a/src/bin/berkshire_hog_lambda.rs +++ b/src/bin/berkshire_hog_lambda.rs @@ -16,8 +16,8 @@ extern crate s3; -use lambda_runtime::{handler_fn, Context, Error}; -use log::{self, warn, LevelFilter}; +use lambda_runtime::{Context, Error, handler_fn}; +use log::{self, LevelFilter, warn}; use rusty_hog_scanner::SecretScannerBuilder; use rusty_hogs::aws_scanning::{S3Finding, S3Scanner}; use s3::bucket::Bucket; diff --git a/src/bin/choctaw_hog.rs b/src/bin/choctaw_hog.rs index 65c15ba..39a0dd4 100644 --- a/src/bin/choctaw_hog.rs +++ b/src/bin/choctaw_hog.rs @@ -51,7 +51,7 @@ use rusty_hogs::git_scanning::GitScanner; /// Main entry function that uses the [clap crate](https://docs.rs/clap/2.33.0/clap/) fn main() { let matches = Command::new("choctaw_hog") - .version("1.0.11") + .version("1.0.12") .author("Scott Cutler ") .about("Git secret scanner in Rust") .arg(Arg::new("REGEX").short('r').long("regex").action(ArgAction::Set).value_name("REGEX").help("Sets a custom regex JSON file")) diff --git a/src/bin/duroc_hog.rs b/src/bin/duroc_hog.rs index 4639b72..3f7b6c4 100644 --- a/src/bin/duroc_hog.rs +++ b/src/bin/duroc_hog.rs @@ -58,7 +58,7 @@ pub struct FileFinding { pub path: String, pub reason: String, pub linenum: usize, - pub lineindextuples: Vec<(usize, usize)> + pub lineindextuples: Vec<(usize, usize)>, } const ZIPEXTENSIONS: &[&str] = &["zip"]; @@ -68,7 +68,7 @@ const GZEXTENSIONS: &[&str] = &["gz", "tgz"]; /// Main entry function that uses the [clap crate](https://docs.rs/clap/2.33.0/clap/) fn main() { let matches = Command::new("duroc_hog") - .version("1.0.11") + .version("1.0.12") .author("Scott Cutler ") .about("File system secret scanner in Rust") .arg( @@ -385,7 +385,7 @@ fn scan_bytes(input: Vec, ss: &SecretScanner, path: String) -> HashSet".parse().unwrap()); strings_found.push(result); - lineindextuples.push((m.start(),m.end())); + lineindextuples.push((m.start(), m.end())); } if !strings_found.is_empty() { findings.insert(FileFinding { @@ -393,7 +393,7 @@ fn scan_bytes(input: Vec, ss: &SecretScanner, path: String) -> HashSet Result { let dir_path = dir.path().to_str().unwrap(); diff --git a/src/bin/essex_hog.rs b/src/bin/essex_hog.rs index 37a3da4..87b51f2 100644 --- a/src/bin/essex_hog.rs +++ b/src/bin/essex_hog.rs @@ -33,16 +33,16 @@ extern crate clap; extern crate hyper; extern crate hyper_rustls; -use base64::{engine::general_purpose as Base64Engine, Engine as _}; +use base64::{Engine as _, engine::general_purpose as Base64Engine}; use clap::{Arg, ArgAction, ArgMatches, Command}; +use encoding::DecoderTrap; use encoding::all::ASCII; use encoding::types::Encoding; -use encoding::DecoderTrap; use hyper::body; use hyper::header::AUTHORIZATION; use hyper::http::Request; use hyper::http::StatusCode; -use hyper::{client, Body, Client}; +use hyper::{Body, Client, client}; use log::{self, debug, error, info}; use rusty_hog_scanner::SecretScannerBuilder; use rusty_hog_scanner::{RustyHogMatch, SecretScanner}; @@ -74,7 +74,7 @@ pub struct ConfluencePage { #[tokio::main] async fn main() { let matches = Command::new("gottingen_hog") - .version("1.0.11") + .version("1.0.12") .author("Emily Cain , Scott Cutler") .about("Confluence secret scanner in Rust.") .arg( diff --git a/src/bin/gottingen_hog.rs b/src/bin/gottingen_hog.rs index f03589f..b2a6830 100644 --- a/src/bin/gottingen_hog.rs +++ b/src/bin/gottingen_hog.rs @@ -26,16 +26,16 @@ extern crate clap; extern crate hyper; extern crate hyper_rustls; -use base64::{engine::general_purpose as Base64Engine, Engine as _}; +use base64::{Engine as _, engine::general_purpose as Base64Engine}; use clap::{Arg, ArgAction, ArgMatches, Command}; +use encoding::DecoderTrap; use encoding::all::ASCII; use encoding::types::Encoding; -use encoding::DecoderTrap; use hyper::body; use hyper::header::AUTHORIZATION; use hyper::http::Request; use hyper::http::StatusCode; -use hyper::{client, Body, Client}; +use hyper::{Body, Client, client}; use log::{self, debug, error, info}; use rusty_hog_scanner::SecretScannerBuilder; use rusty_hog_scanner::{RustyHogMatch, SecretScanner}; @@ -60,7 +60,7 @@ pub struct JiraFinding { #[tokio::main] async fn main() { let matches: ArgMatches = Command::new("gottingen_hog") - .version("1.0.11") + .version("1.0.12") .author("Emily Cain ") .about("Jira secret scanner in Rust.") .arg( diff --git a/src/bin/hante_hog.rs b/src/bin/hante_hog.rs index 122a8a4..75270b2 100644 --- a/src/bin/hante_hog.rs +++ b/src/bin/hante_hog.rs @@ -32,14 +32,14 @@ extern crate hyper; extern crate hyper_rustls; use clap::{Arg, ArgAction, ArgMatches, Command}; +use encoding::DecoderTrap; use encoding::all::ASCII; use encoding::types::Encoding; -use encoding::DecoderTrap; use hyper::body; use hyper::header::AUTHORIZATION; use hyper::http::Request; use hyper::http::StatusCode; -use hyper::{client, Body, Client, Method}; +use hyper::{Body, Client, Method, client}; use log::{self, debug, error, info}; use rusty_hog_scanner::SecretScannerBuilder; use rusty_hog_scanner::{RustyHogMatch, SecretScanner}; @@ -65,7 +65,7 @@ pub struct SlackFinding { #[tokio::main] async fn main() { let matches: ArgMatches = Command::new("hante_hog") - .version("1.0.11") + .version("1.0.12") .author("Joao Henrique Machado Silva ") .about("Slack secret scanner in Rust.") .arg( diff --git a/src/git_scanning.rs b/src/git_scanning.rs index 64981dc..a6076f6 100644 --- a/src/git_scanning.rs +++ b/src/git_scanning.rs @@ -42,7 +42,7 @@ //! assert_eq!(findings.len(), 8); //! ``` -use chrono::{DateTime}; +use chrono::DateTime; use chrono::Utc; use encoding::all::ASCII; use encoding::{DecoderTrap, Encoding}; @@ -244,7 +244,8 @@ impl GitScanner { .decode(&new_line, DecoderTrap::Ignore) .unwrap_or_else(|_| "".parse().unwrap()), date: DateTime::from_timestamp(commit.time().seconds(), 0) - .expect("Failed to parse timestamp").to_string(), + .expect("Failed to parse timestamp") + .to_string(), strings_found: secrets.clone(), path, reason: reason.clone(), diff --git a/src/google_scanning.rs b/src/google_scanning.rs index 8876475..ad2abb3 100644 --- a/src/google_scanning.rs +++ b/src/google_scanning.rs @@ -174,7 +174,7 @@ impl GDriveFileInfo { return Err(SimpleError::new(format!( "failed accessing Google Metadata API {:?}", e - ))) + ))); } }; From cd7deb5d4f35f6e7078f98865866d5a0adb7830d Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Thu, 26 Jun 2025 20:03:45 -0700 Subject: [PATCH 02/12] hotfix: fixing linux test error --- src/google_scanning.rs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/google_scanning.rs b/src/google_scanning.rs index ad2abb3..ee0e167 100644 --- a/src/google_scanning.rs +++ b/src/google_scanning.rs @@ -31,6 +31,7 @@ //! //! ```no_run //! # extern crate hyper_rustls; +//! # extern crate google_drive3 as drive3; //! # extern crate yup_oauth2 as oauth2; //! use rusty_hog_scanner::SecretScannerBuilder; //! use rusty_hogs::google_scanning::{GDriveScanner, GDriveFileInfo}; @@ -50,7 +51,10 @@ //! # let secret = yup_oauth2::read_application_secret(Path::new(oauthsecretfile)) //! # .await //! # .expect(oauthsecretfile); -//! # let auth = InstalledFlowAuthenticator::builder(secret, InstalledFlowReturnMethod::HTTPRedirect) +//! # let auth = drive3::oauth2::InstalledFlowAuthenticator::builder( +//! # secret, +//! # drive3::oauth2::InstalledFlowReturnMethod::HTTPRedirect +//! # ) //! # .persist_tokens_to_disk(Path::new(oauthtokenfile)) //! # .build() //! # .await From 366b1620446828a604939e3145c3d1b2ab9b0b4b Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 16:24:10 -0700 Subject: [PATCH 03/12] hotfix: updating openssl version in dockerfile.lambda and build_lambda_macos --- Dockerfile.lambda | 2 +- README.md | 2 +- build_lambda_macos.sh | 2 +- src/google_scanning.rs | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile.lambda b/Dockerfile.lambda index 171e91d..7c9feb5 100644 --- a/Dockerfile.lambda +++ b/Dockerfile.lambda @@ -5,7 +5,7 @@ FROM ${CROSS_BASE_IMAGE} ARG CFLAGS="" ARG LDFLAGS="" -ARG OPENSSL_BUILD_VER=3.0.12 +ARG OPENSSL_BUILD_VER=3.0.16 RUN cd /usr/local/src/ && curl -sLO https://www.openssl.org/source/openssl-${OPENSSL_BUILD_VER}.tar.gz && \ tar xzvf openssl-${OPENSSL_BUILD_VER}.tar.gz && cd openssl-${OPENSSL_BUILD_VER} && \ CROSS_COMPILE="x86_64-linux-musl-" ./Configure --prefix=/usr/local/openssl-${OPENSSL_BUILD_VER} linux-x86_64 && make && make install diff --git a/README.md b/README.md index 56e890c..631dd3b 100644 --- a/README.md +++ b/README.md @@ -107,7 +107,7 @@ brew install rpm2cpio FiloSottile/musl-cross/musl-cross Then run `./build_lambda_macos.sh`. -The build script will build against OpenSSL 3.0.12. Use `export OPENSSL_BUILD_VER=3.0.12` to override. +The build script will build against OpenSSL 3.0.16. Use `export OPENSSL_BUILD_VER=3.0.16` to override. The build script will build against Amazon Linux kernel headers provided by their RPM; `export AMAZON_KERNEL_HEADERS_RPM_URL=...` to override where the RPM is downloaded from. (There's nothing preventing a different distribution's linux-headers RPM from being used, we just need the linux-headers to build openssl for Linux) diff --git a/build_lambda_macos.sh b/build_lambda_macos.sh index f300598..815bf31 100755 --- a/build_lambda_macos.sh +++ b/build_lambda_macos.sh @@ -5,7 +5,7 @@ if [[ "$(uname)" != "Darwin" ]]; then exit 1; fi -[ -z "${OPENSSL_BUILD_VER}" ] && OPENSSL_BUILD_VER="3.0.12" +[ -z "${OPENSSL_BUILD_VER}" ] && OPENSSL_BUILD_VER="3.0.16" [ -z "${AMAZON_KERNEL_HEADERS_RPM_URL}" ] && AMAZON_KERNEL_HEADERS_RPM_URL="http://packages.eu-central-1.amazonaws.com/2018.03/updates/adeeb554baf5/x86_64/Packages/kernel-headers-4.14.275-142.503.amzn1.x86_64.rpm" AMAZON_KERNEL_HEADERS_RPM="${AMAZON_KERNEL_HEADERS_RPM_URL##http*/}" diff --git a/src/google_scanning.rs b/src/google_scanning.rs index ee0e167..cd75890 100644 --- a/src/google_scanning.rs +++ b/src/google_scanning.rs @@ -48,7 +48,7 @@ //! # let handle = rt.handle(); //! # rt.block_on(async { //! // Start with GDrive auth - based on example code from drive3 API and yup-oauth2 -//! # let secret = yup_oauth2::read_application_secret(Path::new(oauthsecretfile)) +//! # let secret = drive3::oauth2::read_application_secret(Path::new(oauthsecretfile)) //! # .await //! # .expect(oauthsecretfile); //! # let auth = drive3::oauth2::InstalledFlowAuthenticator::builder( From d3ba1133b5100ec117903d4132dd31c75d672a79 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 17:57:24 -0700 Subject: [PATCH 04/12] test: adding OPENSSL DIR vars to link --- build_lambda_macos.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build_lambda_macos.sh b/build_lambda_macos.sh index 815bf31..8d13919 100755 --- a/build_lambda_macos.sh +++ b/build_lambda_macos.sh @@ -119,7 +119,9 @@ if ! ( echo "int main(int argc, char *argv[]) { return 0; }" | x86_64-linux-musl # to allow the user to specify their own as well export CFLAGS="${CFLAGS} -I${OPENSSL_DIR}/include -L${OPENSSL_DIR}" export LDFLAGS="${LDFLAGS} -L${OPENSSL_DIR} -lssl -lcrypto" - export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR="${OPENSSL_DIR}" + export OPENSSL_LIB_DIR="${OPENSSL_DIR}/lib" + export X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR="${OPENSSL_DIR}" + export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR="${OPENSSL_DIR}/lib" export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_STATIC="${OPENSSL_DIR}" else echo "yes" From a977acaafb5dee4b83cc80acdba454c38975d7e5 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 18:18:18 -0700 Subject: [PATCH 05/12] test: change mac test use-cross to true --- .github/workflows/testing.yml | 2 +- build_lambda_macos.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index e9655d4..af548a2 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -42,7 +42,7 @@ jobs: os: macos-latest rust: stable target: x86_64-apple-darwin - cross: false + cross: true # - build: aarch64-macos # os: macos-13-xlarge # rust: stable diff --git a/build_lambda_macos.sh b/build_lambda_macos.sh index 8d13919..53dcc83 100755 --- a/build_lambda_macos.sh +++ b/build_lambda_macos.sh @@ -120,7 +120,7 @@ if ! ( echo "int main(int argc, char *argv[]) { return 0; }" | x86_64-linux-musl export CFLAGS="${CFLAGS} -I${OPENSSL_DIR}/include -L${OPENSSL_DIR}" export LDFLAGS="${LDFLAGS} -L${OPENSSL_DIR} -lssl -lcrypto" export OPENSSL_LIB_DIR="${OPENSSL_DIR}/lib" - export X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR="${OPENSSL_DIR}" + export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_DIR="${OPENSSL_DIR}" export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR="${OPENSSL_DIR}/lib" export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_STATIC="${OPENSSL_DIR}" else From def3306e30af5c8893859b0360051210ee40f1d7 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 18:30:37 -0700 Subject: [PATCH 06/12] test: removing test vars, adding libssl-dev isntall step --- .github/workflows/testing.yml | 4 +++- build_lambda_macos.sh | 4 +--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index af548a2..e39e4c1 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -42,7 +42,7 @@ jobs: os: macos-latest rust: stable target: x86_64-apple-darwin - cross: true + cross: false # - build: aarch64-macos # os: macos-13-xlarge # rust: stable @@ -66,6 +66,8 @@ jobs: toolchain: ${{ matrix.rust }} target: ${{ matrix.target }} override: true + - run: sudo apt install -y libssl-dev + if: matrix.os == 'ubuntu-latest' - name: Test uses: actions-rs/cargo@v1 with: diff --git a/build_lambda_macos.sh b/build_lambda_macos.sh index 53dcc83..815bf31 100755 --- a/build_lambda_macos.sh +++ b/build_lambda_macos.sh @@ -119,9 +119,7 @@ if ! ( echo "int main(int argc, char *argv[]) { return 0; }" | x86_64-linux-musl # to allow the user to specify their own as well export CFLAGS="${CFLAGS} -I${OPENSSL_DIR}/include -L${OPENSSL_DIR}" export LDFLAGS="${LDFLAGS} -L${OPENSSL_DIR} -lssl -lcrypto" - export OPENSSL_LIB_DIR="${OPENSSL_DIR}/lib" - export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_DIR="${OPENSSL_DIR}" - export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR="${OPENSSL_DIR}/lib" + export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR="${OPENSSL_DIR}" export X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_STATIC="${OPENSSL_DIR}" else echo "yes" From 58082817bc21be8e310b8a7fae937fbc84343b22 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 18:49:05 -0700 Subject: [PATCH 07/12] test: adding prerun to cargo.toml, changing rust toolchain action --- .github/workflows/testing.yml | 8 ++------ Cargo.toml | 6 ++++++ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index e39e4c1..8466a8a 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -60,14 +60,10 @@ jobs: # git-scanning tests need entire git history to work fetch-depth: 0 - name: Install ${{ matrix.rust }}-${{ matrix.target }} toolchain - uses: actions-rs/toolchain@v1 + uses: dtolnay/rust-toolchain@master with: - profile: minimal toolchain: ${{ matrix.rust }} - target: ${{ matrix.target }} - override: true - - run: sudo apt install -y libssl-dev - if: matrix.os == 'ubuntu-latest' + targets: ${{ matrix.target }} - name: Test uses: actions-rs/cargo@v1 with: diff --git a/Cargo.toml b/Cargo.toml index c252bab..6279593 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -56,3 +56,9 @@ codegen-units = 1 [package.metadata.cross.target.x86_64-unknown-linux-musl] dockerfile = "Dockerfile.lambda" + +[target.x86_64-unknown-linux-musl] +pre-build = [ + "dpkg --add-architecture $CROSS_DEB_ARCH", + "apt-get update && apt-get --assume-yes install libssl-dev:$CROSS_DEB_ARCH" +] \ No newline at end of file From c6ba93950fb6ff1f076410dba9a03e3e27d4ee99 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 19:11:38 -0700 Subject: [PATCH 08/12] hotfix: added .cargo/config.toml --- .cargo/config.toml | 5 +++++ Cargo.toml | 6 ------ 2 files changed, 5 insertions(+), 6 deletions(-) create mode 100644 .cargo/config.toml diff --git a/.cargo/config.toml b/.cargo/config.toml new file mode 100644 index 0000000..2cdb894 --- /dev/null +++ b/.cargo/config.toml @@ -0,0 +1,5 @@ +[target.x86_64-unknown-linux-musl] +pre-build = [ + "dpkg --add-architecture $CROSS_DEB_ARCH", + "apt-get update && apt-get --assume-yes install libssl-dev:$CROSS_DEB_ARCH" +] \ No newline at end of file diff --git a/Cargo.toml b/Cargo.toml index 6279593..c252bab 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -56,9 +56,3 @@ codegen-units = 1 [package.metadata.cross.target.x86_64-unknown-linux-musl] dockerfile = "Dockerfile.lambda" - -[target.x86_64-unknown-linux-musl] -pre-build = [ - "dpkg --add-architecture $CROSS_DEB_ARCH", - "apt-get update && apt-get --assume-yes install libssl-dev:$CROSS_DEB_ARCH" -] \ No newline at end of file From 212774650e75b10cc5d503cec8e52eef36b5796c Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 19:27:29 -0700 Subject: [PATCH 09/12] hotfix: remove config, update cargo.toml --- .cargo/config.toml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 .cargo/config.toml diff --git a/.cargo/config.toml b/.cargo/config.toml deleted file mode 100644 index 2cdb894..0000000 --- a/.cargo/config.toml +++ /dev/null @@ -1,5 +0,0 @@ -[target.x86_64-unknown-linux-musl] -pre-build = [ - "dpkg --add-architecture $CROSS_DEB_ARCH", - "apt-get update && apt-get --assume-yes install libssl-dev:$CROSS_DEB_ARCH" -] \ No newline at end of file From 7f71ddf5745567bcd66f35636ecc5dd472acee17 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 19:43:55 -0700 Subject: [PATCH 10/12] test: adding libssl to run step in yml --- .github/workflows/testing.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 8466a8a..e3b4e5b 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -64,6 +64,9 @@ jobs: with: toolchain: ${{ matrix.rust }} targets: ${{ matrix.target }} + - name: Add libssl if MacOS + run: sudo apt install libssl-dev + if: matrix.os == 'macos-latest' - name: Test uses: actions-rs/cargo@v1 with: From a5820f169fac535aac132e495536cf916f82ca8c Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 19:53:38 -0700 Subject: [PATCH 11/12] typo in testing.yml --- .github/workflows/testing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index e3b4e5b..980db35 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -65,7 +65,7 @@ jobs: toolchain: ${{ matrix.rust }} targets: ${{ matrix.target }} - name: Add libssl if MacOS - run: sudo apt install libssl-dev + run: sudo apt install -y libssl-dev if: matrix.os == 'macos-latest' - name: Test uses: actions-rs/cargo@v1 From 533a1fa9e96759b735f2d61adbf0d4b2c19ee4d7 Mon Sep 17 00:00:00 2001 From: Nura Lawson-Adlparvar Date: Fri, 27 Jun 2025 20:09:06 -0700 Subject: [PATCH 12/12] hotfix: commenting out macos test build from testing.yml for now --- .github/workflows/testing.yml | 13 +++++-------- Cargo.toml | 2 +- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 980db35..1d75288 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -38,11 +38,11 @@ jobs: rust: stable target: x86_64-unknown-linux-musl cross: true - - build: x86_64-macos - os: macos-latest - rust: stable - target: x86_64-apple-darwin - cross: false +# - build: x86_64-macos +# os: macos-latest +# rust: stable +# target: x86_64-apple-darwin +# cross: false # - build: aarch64-macos # os: macos-13-xlarge # rust: stable @@ -64,9 +64,6 @@ jobs: with: toolchain: ${{ matrix.rust }} targets: ${{ matrix.target }} - - name: Add libssl if MacOS - run: sudo apt install -y libssl-dev - if: matrix.os == 'macos-latest' - name: Test uses: actions-rs/cargo@v1 with: diff --git a/Cargo.toml b/Cargo.toml index c252bab..8696705 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -55,4 +55,4 @@ lto = true codegen-units = 1 [package.metadata.cross.target.x86_64-unknown-linux-musl] -dockerfile = "Dockerfile.lambda" +dockerfile = "Dockerfile.lambda" \ No newline at end of file