update windows resources generation

New solution is not hardcoded to amd64 but integrates
with the cross toolchain and support creating arm binaries.

Go has been updated so that ASLR works

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 8b822c9219)
Signed-off-by: Tibor Vass <tibor@docker.com>
This commit is contained in:
Tonis Tiigi 2021-03-05 00:56:55 -08:00 committed by Tibor Vass
parent 58061d25f6
commit fcc05e5ea1
6 changed files with 24 additions and 77 deletions

3
.gitignore vendored
View File

@ -8,8 +8,7 @@
Thumbs.db Thumbs.db
.editorconfig .editorconfig
/build/ /build/
cli/winresources/rsrc_386.syso cli/winresources/rsrc_*.syso
cli/winresources/rsrc_amd64.syso
/man/man1/ /man/man1/
/man/man5/ /man/man5/
/man/man8/ /man/man8/

View File

@ -7,14 +7,14 @@ FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable
FROM --platform=$BUILDPLATFORM golang:1.16-${BASE_VARIANT} AS golatest FROM --platform=$BUILDPLATFORM golang:1.16-${BASE_VARIANT} AS golatest
FROM gostable AS go-linux FROM gostable AS go-linux
FROM gostable AS go-windows FROM golatest AS go-windows
FROM golatest AS go-darwin FROM golatest AS go-darwin
FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:810dc54d5144f133a218e88e319184bf8b9ce01d37d46ddb37573e90decd9eef AS xx FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:620d36a9d7f1e3b102a5c7e8eff12081ac363828b3a44390f24fa8da2d49383d AS xx
FROM go-${TARGETOS} AS build-base-alpine FROM go-${TARGETOS} AS build-base-alpine
COPY --from=xx / / COPY --from=xx / /
RUN apk add --no-cache clang lld file RUN apk add --no-cache clang lld llvm file git
WORKDIR /go/src/github.com/docker/cli WORKDIR /go/src/github.com/docker/cli
FROM build-base-alpine AS build-alpine FROM build-base-alpine AS build-alpine
@ -44,12 +44,14 @@ ARG CGO_ENABLED
ARG VERSION ARG VERSION
RUN --mount=ro --mount=type=cache,target=/root/.cache \ RUN --mount=ro --mount=type=cache,target=/root/.cache \
--mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk \ --mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk \
--mount=type=tmpfs,target=cli/winresources \
xx-go --wrap && \ xx-go --wrap && \
# export GOCACHE=$(go env GOCACHE)/$(xx-info)$([ -f /etc/alpine-release ] && echo "alpine") && \ # export GOCACHE=$(go env GOCACHE)/$(xx-info)$([ -f /etc/alpine-release ] && echo "alpine") && \
TARGET=/out ./scripts/build/binary && \ TARGET=/out ./scripts/build/binary && \
xx-verify $([ "$GO_LINKMODE" = "static" ] && echo "--static") /out/docker xx-verify $([ "$GO_LINKMODE" = "static" ] && echo "--static") /out/docker
FROM build-base-${BASE_VARIANT} AS dev FROM build-base-${BASE_VARIANT} AS dev
COPY . .
FROM scratch AS binary FROM scratch AS binary
COPY --from=build /out . COPY --from=build /out .

View File

@ -5,7 +5,7 @@ These resources are used to provide
* An icon * An icon
* A Windows manifest declaring Windows version support * A Windows manifest declaring Windows version support
The resource object files are generated with go generate. The resource object files are generated when building with scripts/build/binary .
The resource source files are located in scripts/winresources. The resource source files are located in scripts/winresources.
This occurs automatically when you run scripts/build/windows. This occurs automatically when you run scripts/build/windows.
@ -14,5 +14,3 @@ is included.
*/ */
package winresources package winresources
//go:generate ../../scripts/gen/windows-resources

View File

@ -11,7 +11,6 @@ set -eu
: "${GO_BUILDTAGS=}" : "${GO_BUILDTAGS=}"
: "${GO_STRIP=}" : "${GO_STRIP=}"
set -x
. ./scripts/build/.variables . ./scripts/build/.variables
if [ -z "$CGO_ENABLED" ]; then if [ -z "$CGO_ENABLED" ]; then
@ -55,6 +54,23 @@ if [ -n "$GO_STRIP" ]; then
LDFLAGS="$LDFLAGS -s -w" LDFLAGS="$LDFLAGS -s -w"
fi fi
if [ "$(go env GOOS)" = "windows" ]; then
# Generate a Windows file version of the form major,minor,patch,build
VERSION_QUAD=$(printf "%s" "$VERSION" | sed -re 's/^([0-9.]*).*$/\1/' | tr . , | sed -re 's/^[0-9]+$/\0,0/' | sed -re 's/^[0-9]+,[0-9]+$/\0,0/' | sed -re 's/^[0-9]+,[0-9]+,[0-9]+$/\0,0/')
set --
[ -n "$VERSION" ] && set -- "$@" -D "DOCKER_VERSION=\"$VERSION\""
[ -n "$VERSION_QUAD" ] && set -- "$@" -D "DOCKER_VERSION_QUAD=$VERSION_QUAD"
[ -n "$GITCOMMIT" ] && set -- "$@" -D "DOCKER_COMMIT=\"$GITCOMMIT\""
windres=$($(go env CC) --print-prog-name=windres)
target="$(dirname "$0")/../../cli/winresources/rsrc_$(go env GOARCH).syso"
mkdir -p "$(dirname "${target}")"
"$windres" -i "$(dirname "$0")/../winresources/docker.rc" -o "$target" "$@"
echo "package winresources" > "$(dirname "${target}")/stub_windows.go"
fi
echo "Building $GO_LINKMODE $(basename "${TARGET}")" echo "Building $GO_LINKMODE $(basename "${TARGET}")"
export GO111MODULE=auto export GO111MODULE=auto

View File

@ -1,23 +0,0 @@
#!/usr/bin/env bash
#
# Build a windows binary from linux
#
set -eu -o pipefail
source ./scripts/build/.variables
export CC=x86_64-w64-mingw32-gcc
export CGO_ENABLED=1
export GOOS=windows
export GOARCH=amd64
# Override TARGET
TARGET="build/docker-$GOOS-$GOARCH.exe"
echo "Generating windows resources"
go generate ./cli/winresources
echo "Building $TARGET"
# TODO: -tags pkcs11
go build -o "${TARGET}" --ldflags "${LDFLAGS}" "${SOURCE}"

View File

@ -1,45 +0,0 @@
#!/usr/bin/env bash
#
# Compile the Windows resources into the sources
#
set -eu -o pipefail
SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# shellcheck source=/go/src/github.com/docker/cli/scripts/build/.variables
source "$SCRIPTDIR"/../build/.variables
RESOURCES=$SCRIPTDIR/../winresources
TEMPDIR=$(mktemp -d)
trap 'rm -rf $TEMPDIR' EXIT
if [ "$(go env GOHOSTOS)" = "windows" ]; then
WINDRES=windres
else
# Cross compiling
WINDRES=x86_64-w64-mingw32-windres
fi
# Generate a Windows file version of the form major,minor,patch,build (with any part optional)
VERSION_QUAD=$(printf "%s" "$VERSION" | sed -re 's/^([0-9.]*).*$/\1/' | tr . ,)
# Pass version and commit information into the resource compiler
defs=
[ -n "$VERSION" ] && defs+=( "-D DOCKER_VERSION=\"$VERSION\"")
[ -n "$VERSION_QUAD" ] && defs+=( "-D DOCKER_VERSION_QUAD=$VERSION_QUAD")
[ -n "$GITCOMMIT" ] && defs+=( "-D DOCKER_COMMIT=\"$GITCOMMIT\"")
makeres() {
# shellcheck disable=SC2086
"$WINDRES" \
-i "$RESOURCES/$1" \
-o "$3" \
-F "$2" \
--use-temp-file \
-I "$TEMPDIR" \
${defs[*]}
}
makeres docker.rc pe-x86-64 rsrc_amd64.syso
makeres docker.rc pe-i386 rsrc_386.syso