-
Notifications
You must be signed in to change notification settings - Fork 142
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Drop "bindgen" from libthemis-sys dependencies (#626)
* Drop "bindgen" from libthemis-sys dependencies
Initially it was used to dynamically generate Rust bindings to C code.
I have thought that this is the most idiomatic way to it. It is also
more robust as Bindgen will be working with the actual Themis version
installed on the user system.
However, Bindgen has a lot of transitive dependencies, they take quite a
while to compile, and they need to be compiled by our users too. This is
a constant source of irritation for developers. Users are not really
happy with that as well.
While we try our best to maintain backwards compatibility when it comes
to symbols and dependencies, we generally do not bother with forward
compatibility. And we effectively pin wrappers to the core library.
That is, RustThemis 0.N is guaranteed to work with Themis Core 0.N,
it is also guaranteed to work with Themis Core 0.N+1, and will most
likely work with Themis Core 0.N+2 (unless there is deprecated API
removed). However, the converse is not the case. RustThemis 0.N+1 may
work with Themis 0.N if no new features were added, but otherwise it
might fail to compile.
Thus, RustThemis is effectivelly pinned to Themis Core version, meaning
that their versions must match. If that's the case, we do not need to
generate FFI bindings on the user machine because we know which version
we are shipping with and what symbols are available there. Thankfully,
we also write portable C code so Themis API does not depend on the
target architecture -- which allows us to ship the bindings verbatim.
Otherwise we'd have no choice other that generate them on the fly.
With that in mind, start generating "src/lib.rs" manually with the help
of "bindgen.sh" script. The developers are expected to run it on their
machine to regenerate bindings somewhere before release. The users now
do not need to generate these bindings on their machine, meaning that
we can drop "bindgen" crate dependency and all supporting code.
In the end, this gives *significant* improvements in transitive
dependency count (down to 3, from 43) as well as *ENORMOUS*
improvements in build times:
Before After
Linux 28.43 2.68 Debug
macOS 52.80 8.47
Linux 52.08 5.35 Release
macOS 127.21 8.71
CI builds were a source of pain since they build RustThemis in both
debug and release versions, possibly several times, and in the worst
case they are running with only one virtual CPU so the absolute time
to run the test suite might be several minutes.
* Check "./bindgen.sh" output on CI
Set up a GitHub Actions step to verify that the output of "./bindgen.sh"
script does not change and "src/lib.rs" does not need an update. This
will break the build once changes are necessary. Typically this means
that some new API is exported by Themis or there are some changes in
Bindgen's behavior. Either way we would like to be notified.- Loading branch information
Showing
8 changed files
with
742 additions
and
88 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| #!/bin/bash | ||
| # | ||
| # Generate "src/lib.rs" file with bindings | ||
| # | ||
| # Run this script from "libthemis-sys" directory before release | ||
| # to update raw FFI bindings with newly added functions and types: | ||
| # | ||
| # ./bindgen.sh | ||
| # | ||
| # You need to have Bindgen, LLVM, rustfmt installed to run this script. | ||
| # Bindgen can be installed with | ||
| # | ||
| # cargo install bindgen | ||
| # | ||
| # rustfmt can be installed with | ||
| # | ||
| # rustup component add rustfmt | ||
| # | ||
| # Suitable LLVM can usually be installed from your system's repositories. | ||
|
|
||
| set -e -o pipefail | ||
|
|
||
| # This is a pattern for what we export from libthemis-sys. | ||
| # Bindgen sees Soter as well as some system libraries, we don't need that. | ||
| WHITELIST="(THEMIS|themis|secure_(comparator|session)|STATE)_.*" | ||
|
|
||
| # Currently, we don't pass --target since none of the symbols we're linking | ||
| # against are architecture-specific. If this ever becomes a problem, then the | ||
| # thing to do is to split the generated code into different files for different | ||
| # platforms (like themis_x86_64.rs, themis_arm64.rs, etc.) and conditionally | ||
| # compile them depending on target. | ||
| bindgen bindgen.h \ | ||
| --no-doc-comments \ | ||
| --rustified-enum "themis_key_kind" \ | ||
| --size_t-is-usize \ | ||
| --whitelist-function "$WHITELIST" \ | ||
| --whitelist-type "$WHITELIST" \ | ||
| --whitelist-var "$WHITELIST" \ | ||
| --output src/lib.rs \ | ||
| -- \ | ||
| -I ../../../.. # ${repository_root}/src | ||
|
|
||
| TMP="$(mktemp)" | ||
|
|
||
| # Prepend copyright comment, #[allow] for various warnings we don't care about. | ||
| (cat << EOF | ||
| // Copyright 2018 (c) rust-themis developers | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
| //! Raw FFI bindings to libthemis. | ||
| #![allow(non_upper_case_globals)] | ||
| #![allow(non_camel_case_types)] | ||
| #![allow(non_snake_case)] | ||
| // For some weird reasons Clippy gets run on this crate as it's a path dependency of themis. | ||
| // This should not happen (see https://github.com/rust-lang-nursery/rust-clippy/issues/1066) | ||
| // but until that's fixed again, disable all lints which get triggered by the code generated | ||
| // by bindgen. | ||
| #![allow(clippy::all)] | ||
| EOF | ||
|
|
||
| cat src/lib.rs) \ | ||
| | rustfmt > "$TMP" | ||
| mv "$TMP" src/lib.rs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.