Add x86_64-unknown-linux-musl release to BWS CLI

Are there any plans to release a binary built for x86_64-unknown-linux-musl? I would like to run the bws cli on alpine, but can’t get the x86_64-unknown-linux-gnu release to run with compatibility layers. I was also unsuccessful building the source code with musl as the target.

3 Likes

I’m also trying to install the bitwarden cli into an alpine-based container, with no success so far. I don’t know too much about the root technical issue but I can provide some more context from myself and other posts.

My use case is to install bitwarden cli into the ansible-semaphore container, as I intend to use the bitwarden lookup in ansible to reference passwords in the ansible files.

When I try to run the extracted linux x64 cli, it initially responds with not found:

/usr/local/bin $ ls
bw                 semaphore          semaphore-wrapper
/usr/local/bin $ bw
/bin/ash: bw: not found

I found a suggested fix for this in a github issue from the archived bitwarden repository, but after adding the packages, it fails with a segmentation fault:

/usr/local/bin # bw
Segmentation fault

So I ran gbd to try to get more information and found the segementation fault is being caused by ld-musl-x86_64:

/usr/local/bin # gdb bw
GNU gdb (GDB) 13.1
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-alpine-linux-musl".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from bw...
(No debugging symbols found in bw)
(gdb) run
Starting program: /usr/local/bin/bw 
warning: Error disabling address space randomization: Operation not permitted
warning: Unable to find dynamic linker breakpoint function.
GDB will be unable to debug shared library initializers
and track explicitly loaded dynamic code.
process 106 is executing new program: /lib/ld-musl-x86_64.so.1
[New LWP 109]
[New LWP 110]
[New LWP 111]
[New LWP 112]
[New LWP 113]

Thread 1 "ld-musl-x86_64." received signal SIGSEGV, Segmentation fault.
0x00007fd842206128 in ?? ()

and I’m not sure where to go from here.

I was able to compile the SDK under alpine using an alpine docker image and doing :

apk add curl cargo openssl-dev pkgconfig
curl -LO https://github.com/bitwarden/sdk/archive/refs/tags/bws-v0.3.1.tar.gz
tar -xzf bws-v0.3.1.tar.gz
cd sdk-bws-v0.3.1/
export OPENSSL_NO_VENDOR=Y
cargo build -r --bin bws
Then, the file bws is found into the target/release directory.

2 Likes

Months later and nothing from the devs, but the community comes to the rescue. Thank you my hero!

1 Like

A potentially easier solution:
cargo install cross
cross build -p bws --release --target=x86_64-unknown-linux-musl

It would really be great if this was added to the CI, however. It should require only a few additions to the CI as they already use cross for arm builds. If they were open to community contributions I would love to contribute this!

1 Like

Thanks, everyone, for your interest in making bws work with MUSL-based distros!

@tiptenbrink, I tried this on my local machine for both x86_64-unknown-linux-musl and aarch64-unknown-linux-musl and they both produce working builds. As you correctly pointed out, we already use cross in our build workflow, so adding x86_64 and aarch64 MUSL targets should be pretty straightforward.

Would you be interested in forking our sdk repo and submitting a PR for this?

Here is how I got bws installed in my semaphore image:

FROM docker.io/semaphoreui/semaphore:v2.10.11
USER root
RUN apk add build-base openssl
USER semaphore
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
    && . "$HOME/.cargo/env" \
    && rustup target add x86_64-unknown-linux-musl \
    && cargo install bws --version=0.4.0 --target=x86_64-unknown-linux-musl
ENV PATH=$PATH:/home/semaphore/.cargo/bin