There are many third party libraries out there with complex shell scripts to build them (OpenSSL comes to mind which is explicitly recommended by Apple for users to build themselves in the Security session from WWDC). Xcode 7 beta 3 has now made it a hard requirement to build at all for WatchOS that every piece of code must enable Bitcode. That's fine except AFAICT absolutely nothing has been published about all the edge cases here like such libraries.
I have managed to sniff out "-fembed-bitcode-marker" as one of the compiler flags needed to do this from a shell script. That actually makes such libraries pass the Xcode WatchOS Bitcode requirement. However, Xcode then starts outputting a new warning implying there is some additional step I'm not aware of:
ld: warning: full bitcode bundle could not be generated because 'xx/libcrypto.a(bn_lib.o)' was built only with bitcode marker. The library must be generated from Xcode archive build with bitcode enabled (Xcode setting ENABLE_BITCODE)
I don't know what this means. I told the compiler to add Bitcode. It did. Clearly, I'm missing some additional magic parameter that only the Bitcode gods know. I've compared the build commands between the Xcode default WatchOS static library project and the shell script and I'm not coming up with the answer. It seems a bit premature to make these hard requirements when this information is not available. Beta 2 had an easy bypass.