MacOS FIPS crossbuild CI runner is broken #285

evanrittenhouse · 2024-10-17T02:22:19Z

Looks like:

warning: [email protected]: Compiler family detection failed due to error: ToolNotFound: Failed to find tool. Is `x86_64-unknown-linux-gnu-gcc` installed?
[221](https://github.com/cloudflare/boring/actions/runs/11025392135/job/30620183456#step:11:222)warning: [email protected]: Compiler family detection failed due to error: ToolNotFound: Failed to find tool. Is `x86_64-unknown-linux-gnu-g++` installed?
[222](https://github.com/cloudflare/boring/actions/runs/11025392135/job/30620183456#step:11:223)warning: [email protected]: Compiler family detection failed due to error: ToolNotFound: Failed to find tool. Is `x86_64-unknown-linux-gnu-gcc` installed?

First started failing in https://github.com/cloudflare/boring/actions/runs/11025392135/job/30620183456

The text was updated successfully, but these errors were encountered:

It seems we need to manually symlink the x86_64-unknown-linux-gnu toolchain for the macos13 runner. Also, we don't need to overwrite the python version anymore Fixes #285

* Release 4.10.3 (#280) * Create semgrep.yml Creating Semgrep.yml file - Semgrep is a tool that will be used to scan Cloudflare's public repos for Supply chain, code and secrets. This work is part of Application & Product Security team's initiative to onboard Semgrep onto all of Cloudflare's public repos. In case of any questions, please reach out to "Hrushikesh Deshpande" on cf internal chat. * Add "fips-compat" feature (#286) This adds a feature to build against a BoringSSL version compatible with the current boringssl-fips, but _without_ actually enabling the `fips` feature. This can be useful to use with `fips-link-precompiled` while using a custom BoringSSL version based on the older FIPS branch. * boring-sys: include HPKE header file for bindgen BoringSSL doesn't expose these APIs for FIPs builds, so we gate them here as well * Release 4.11.0 * Add `set_cert_verify_callback` (`SSL_CTX_set_cert_verify`) Add a wrapper for `SSL_CTX_set_cert_verify`, which allows consumers to override the default certificate verification behavior. The binding resembles `SSL_CTX_set_verify`'s. See https://docs.openssl.org/master/man3/SSL_CTX_set_cert_verify_callback/ for more details. * Skip bindgen 0.70's layout tests before Rust 1.77 * (ci): brew link x86 toolchain for macos13 runner It seems we need to manually symlink the x86_64-unknown-linux-gnu toolchain for the macos13 runner. Also, we don't need to overwrite the python version anymore Fixes cloudflare/boring#285 * feat(boring): Add SSL_CURVE_X25519_MLKEM768 curve binding --------- Co-authored-by: Rushil Mehra <[email protected]> Co-authored-by: Hrushikesh Deshpande <[email protected]> Co-authored-by: Alessandro Ghedini <[email protected]> Co-authored-by: Evan Rittenhouse <[email protected]> Co-authored-by: James Larisch <[email protected]> Co-authored-by: Jordan Rose <[email protected]> Co-authored-by: Rushil Mehra <[email protected]>

rushilmehra mentioned this issue Oct 17, 2024

Add "fips-compat" feature #286

Merged

semaj-cf mentioned this issue Oct 21, 2024

Add set_cert_verify_callback (SSL_CTX_set_cert_verify) #287

Merged

rushilmehra mentioned this issue Oct 22, 2024

Skip bindgen 0.70's layout tests before Rust 1.77 #289

Merged

rushilmehra mentioned this issue Oct 24, 2024

(ci): brew link x86 toolchain for macos13 runner #290

Merged

rushilmehra closed this as completed in #290 Oct 24, 2024

rushilmehra closed this as completed in 7bb3647 Oct 24, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

MacOS FIPS crossbuild CI runner is broken #285

MacOS FIPS crossbuild CI runner is broken #285

evanrittenhouse commented Oct 17, 2024

MacOS FIPS crossbuild CI runner is broken #285

MacOS FIPS crossbuild CI runner is broken #285

Comments

evanrittenhouse commented Oct 17, 2024