Skip to content

Re-enable aarch64-linux release artifact #179

Description

@donbeave

Hi! Thanks for shellfirm — we use it in jackin's construct image as a security guardrail for AI coding agents.

Request

Ship shellfirm-vX.Y.Z-aarch64-linux.tar.xz alongside the existing x86_64-linux artifact in releases.

Context

  • Recent releases (v0.3.5 through v0.3.9) only publish x86_64-linux for Linux. No aarch64-linux tarball.
  • Your release.yml already has the matrix entry for aarch64-linux (via rustembedded/cross), but it's commented out — the infrastructure is in place, just disabled.
  • Issue Native support for Apple silicon #124 was about Apple silicon (aarch64-darwin) — that's already shipping. Linux arm64 hasn't been requested before as far as we can tell.

Why we care

  • jackin builds a multi-arch Docker image (linux/amd64 + linux/arm64) consumed by Apple silicon (Docker Desktop / OrbStack) developers and arm64 CI runners.
  • Currently we run cargo install shellfirm --version <X> --locked inside the image. On arm64 CI this re-compiles shellfirm plus its transitive crate graph from source on every layer-cache miss, dominating construct build time.
  • We're considering moving to pre-built binary download to drop a whole multi-stage Rust toolchain stage. We already do this for tirith, which publishes tirith-aarch64-unknown-linux-gnu.tar.gz.
  • The shellfirm Linux arm64 gap is the one thing blocking us from removing cargo entirely.

Suggested change

Uncomment the aarch64-linux entries in release.yml:

  • Line 74 — add aarch64-linux back to the build list
  • Lines 82-87 — uncomment the matrix include

If the historical reason for disabling was cross breakage, two modern options that may avoid it:

  • Switch to runs-on: ubuntu-24.04-arm (free for public repos since Jan 2025) — native arm64 build, no cross-compile needed.
  • Or keep cross against ubuntu-latest — still works for most rust crates.

Happy to open a PR if helpful. Let me know which direction you'd prefer.

Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions