Skip to content

aws-vault: 7.2.0 -> 7.7.5, switch to maintained fork#454705

Merged
numinit merged 3 commits intoNixOS:masterfrom
er0k:aws-vault-fork
Nov 6, 2025
Merged

aws-vault: 7.2.0 -> 7.7.5, switch to maintained fork#454705
numinit merged 3 commits intoNixOS:masterfrom
er0k:aws-vault-fork

Conversation

@er0k
Copy link
Member

@er0k er0k commented Oct 22, 2025
edited
Loading

Switches to a maintained fork of aws-vault and updates to latest version 7.7.5

fixes #454530

see also:

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@er0k er0k changed the title aws-vault: switch to maintained fork aws-vault: 7.2.0 -> 7.7.5, switch to maintained fork Oct 22, 2025
@nixpkgs-ci nixpkgs-ci bot added 12.first-time contribution This PR is the author's first one; please be gentle! 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 8.has: maintainer-list (update) This PR changes `maintainers/maintainer-list.nix` labels Oct 22, 2025
@nix-owners nix-owners bot requested a review from zimbatm October 22, 2025 23:17
@er0k er0k mentioned this pull request Oct 22, 2025
Closed
3 tasks
@mbevc1
Copy link

mbevc1 commented Oct 23, 2025

Thanks! One this is merged we should add it to list of packaging in the repo README as well

@Sigmanificient
Copy link
Member

Sigmanificient commented Oct 23, 2025

nixpkgs-review result

Generated using nixpkgs-review-gha

Command: nixpkgs-review pr 454705
Commit: c12b3eb6641be7014552e44afcee4b04a6f43e89 (subsequent changes)
Merge: de8ce9d1800e7b48686dbdf6e3dc103e3c952bc4

Logs: https://github.com/Sigmanificient/nixpkgs-review-gha/actions/runs/18752614931

x86_64-linux

✅ 1 package built:
  • aws-vault

aarch64-linux

✅ 1 package built:
  • aws-vault

x86_64-darwin (sandbox = true)

❌ 1 package failed to build:
  • aws-vault

aarch64-darwin (sandbox = true)

❌ 1 package failed to build:
  • aws-vault

@er0k
Copy link
Member Author

er0k commented Oct 23, 2025

not really sure why this is failing on the Darwin builds. I was able to build it locally on an aarch64-darwin machine running macos 15.6.1 🤔

@mbevc1
Copy link

mbevc1 commented Oct 23, 2025

There are some OS deps, so I wonder if darwin workers are used for builds?

@er0k
Copy link
Member Author

er0k commented Oct 23, 2025

it seems to works if I disable cgo to statically link the C libs

@mbevc1
Copy link

mbevc1 commented Oct 23, 2025

Yes, CGO needs to be disabled in order to statically link OS deps on different platforms

@er0k
Copy link
Member Author

er0k commented Oct 23, 2025

nixpkgs-review result

Generated using nixpkgs-review-gha

Command: nixpkgs-review pr 454705
Commit: b531698d03a340441f2229fab95ba850045256a8 (subsequent changes)
Merge: 4d71a552387f35909982f6913c76b5c10d7cfb10

Logs: https://github.com/er0k/nixpkgs-review-gha/actions/runs/18760779065

x86_64-linux

✅ 1 package built:
  • aws-vault

aarch64-linux

✅ 1 package built:
  • aws-vault

x86_64-darwin (sandbox = relaxed)

✅ 1 package built:
  • aws-vault

aarch64-darwin (sandbox = relaxed)

✅ 1 package built:
  • aws-vault

@Jasper-Ben Jasper-Ben mentioned this pull request Oct 27, 2025
Open
@nixpkgs-ci nixpkgs-ci bot added the 12.approvals: 1 This PR was reviewed and approved by one person. label Nov 4, 2025
@numinit
Copy link
Contributor

numinit commented Nov 4, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 454705
Commit: b531698d03a340441f2229fab95ba850045256a8

x86_64-linux

✅ 1 package built:
  • aws-vault

Builds, runs.

numinit
numinit reviewed Nov 4, 2025
View reviewed changes
Copy link
Contributor

@numinit numinit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zimbatm You good switching this to the above fork?

@numinit
Copy link
Contributor

numinit commented Nov 6, 2025

Just going to merge in the interest of ZHF. :-)

@numinit numinit added this pull request to the merge queue Nov 6, 2025
Merged via the queue into NixOS:master with commit c7d8f11 Nov 6, 2025
35 of 36 checks passed
@er0k er0k deleted the aws-vault-fork branch November 6, 2025 05:39
@retrry
Copy link
Contributor

retrry commented Nov 10, 2025

@numinit I think this update broke my aws-setup on macOS.

I am getting:

aws-vault: error: Specified keyring backend not available, try --help

I was using it with macOS Keychain.

But running:

$ aws-vault --help

I don't see macOS keychain in supported backends:

  --backend=pass             Secret backend to use [pass file op-connect op] ($AWS_VAULT_BACKEND)

@numinit
Copy link
Contributor

numinit commented Nov 10, 2025

@er0k is this something that can be fixed with a compile flag? If not I think this may have to be reverted since it's an accidentally breaking change for 25.11.

@numinit
Copy link
Contributor

numinit commented Nov 10, 2025

It looks like it's related to disabling CGO on Darwin.

@er0k
Copy link
Member Author

er0k commented Nov 10, 2025

Dang, sorry about that. I can confirm there was a breaking change introduced in v7.7.0, still trying to sort out how to get that building correctly with the keychain backend. In the meantime I have confirmed that v7.6.5 builds and runs successfully on Darwin with CGO enabled, and appears to work with the keychain backend.

I can put this branch up for PR to revert to v7.6.5. Or we can revert all the way back to v7.2.0. I would prefer the former to use the new fork, but I'm happy to do whatever you recommend.

@numinit
Copy link
Contributor

numinit commented Nov 10, 2025

Yeah I think 7.6.5 is fine since the previous version is unmaintained. This is the situation where it'd be good to report this upstream and then go to/backport 7.7 when they fix it.

@er0k
Copy link
Member Author

er0k commented Nov 10, 2025

I appreciate the guidance here @numinit 🙇 I have opened #460421 to revert to 7.6.5

@h3y6e h3y6e mentioned this pull request Dec 31, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@numinit numinit numinit left review comments

@zimbatm zimbatm Awaiting requested review from zimbatm

+1 more reviewer

@crertel crertel crertel approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

8.has: maintainer-list (update) This PR changes `maintainers/maintainer-list.nix` 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 12.approvals: 1 This PR was reviewed and approved by one person. 12.first-time contribution This PR is the author's first one; please be gentle!

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

aws-vault: abandoned project used for package

6 participants

@er0k @mbevc1 @Sigmanificient @numinit @retrry @crertel