The `.variables` sets `CGO_ENABLED=1` on arm; b0c41b78d8/scripts/build/.variables (L57-L68)
And if enabled, it sets `-buildmode=pie`; b0c41b78d8/scripts/build/.variables (L79-L88)
But that looks to be conflicting with the hardcoded `CGO_ENABLED=0` in
this script, which causes the build to fail on go1.22;
> [build-plugins 1/1] RUN --mount=ro --mount=type=cache,target=/root/.cache xx-go --wrap && TARGET=/out ./scripts/build/plugins e2e/cli-plugins/plugins/*:
0.127 Building static docker-helloworld
0.127 + CGO_ENABLED=0
0.127 + GO111MODULE=auto
0.127 + go build -o /out/plugins-linux-arm/docker-helloworld -tags ' osusergo' -ldflags ' -X "github.com/docker/cli/cli/version.GitCommit=5c123b1" -X "github.com/docker/cli/cli/version.BuildTime=2024-09-02T13:52:17Z" -X "github.com/docker/cli/cli/version.Version=pr-5387" -extldflags -static' -buildmode=pie github.com/docker/cli/cli-plugins/examples/helloworld
0.135 -buildmode=pie requires external (cgo) linking, but cgo is not enabled
This patch sets the CGO_ENABLED variable before sourcing `.variables`,
so that other variables which are conditionally set are handled correctly.
Before this PR:
#18 [build-plugins 1/1] RUN --mount=ro --mount=type=cache,target=/root/.cache xx-go --wrap && TARGET=/out ./scripts/build/plugins e2e/cli-plugins/plugins/*
#18 0.123 Building static docker-helloworld
#18 0.124 + CGO_ENABLED=0
#18 0.124 + GO111MODULE=auto
#18 0.124 + go build -o /out/plugins-linux-arm/docker-helloworld -tags ' osusergo' -ldflags ' -X "github.com/docker/cli/cli/version.GitCommit=c8c402e" -X "github.com/docker/cli/cli/version.BuildTime=2024-09-03T08:28:25Z" -X "github.com/docker/cli/cli/version.Version=pr-5381" -extldflags -static' -buildmode=pie github.com/docker/cli/cli-plugins/examples/helloworld
....
With this PR:
#18 [build-plugins 1/1] RUN --mount=ro --mount=type=cache,target=/root/.cache xx-go --wrap && TARGET=/out ./scripts/build/plugins e2e/cli-plugins/plugins/*
#18 0.110 Building static docker-helloworld
#18 0.110 + GO111MODULE=auto
#18 0.110 + go build -o /out/plugins-linux-arm/docker-helloworld -tags '' -ldflags ' -X "github.com/docker/cli/cli/version.GitCommit=050d9d6" -X "github.com/docker/cli/cli/version.BuildTime=2024-09-03T09:19:05Z" -X "github.com/docker/cli/cli/version.Version=pr-5387"' github.com/docker/cli/cli-plugins/examples/helloworld
....
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Transform `VERSION` variable if it contains a git ref.
This is the same as moby does (with "<<<" bashism removed).
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This was introduced in 9d40c7464e, which added
support for `SOURCE_DATE_EPOCH` to override the build-time.
macOS uses the BSD flavor of `date`, which does not support the `--date` option
to set a custom time.
Before this:
DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary
./scripts/build/binary
date: illegal option -- -
usage: date [-jnRu] [-d dst] [-r seconds] [-t west] [-v[+|-]val[ymwdHMS]] ...
[-f fmt date | [[[mm]dd]HH]MM[[cc]yy][.ss]] [+format]
After this:
DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary
./scripts/build/binary
Building static docker-darwin-amd64
+ go build -o build/docker-darwin-amd64 -tags ' osusergo pkcs11' -ldflags ' -w -X "github.com/docker/cli/cli/version.GitCommit=a4b6fe16a" -X "github.com/docker/cli/cli/version.BuildTime=2022-04-06T10:57:25Z" -X "github.com/docker/cli/cli/version.Version=20.10.2-589-ga4b6fe16a.m"' -buildmode=pie github.com/docker/cli/cmd/docker
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When building on Fedora 36, the build failed. I suspect this is because the
rpm tools also set LDFLAGS, but with options that cannot be used;
GO_LINKMODE=dynamic
+ ./scripts/build/binary
/go/src/github.com/docker/cli ~/rpmbuild/BUILD/src
Building dynamic docker-linux-arm64
+ go build -o build/docker-linux-arm64 -tags ' pkcs11' -ldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dT,/root/rpmbuild/BUILD/src/.package_note-docker-ce-cli-0.0.0.20220330082637.68cad50-0.fc36.aarch64.ld -w -X "github.com/docker/cli/cli/version.GitCommit=68cad50" -X "github.com/docker/cli/cli/version.BuildTime=2022-03-30T20:05:36Z" -X "github.com/docker/cli/cli/version.Version=0.0.0-20220330082637-68cad50" -X "github.com/docker/cli/cli/version.PlatformName=Docker Engine - Community"' -buildmode=pie github.com/docker/cli/cmd/docker
# github.com/docker/cli/cmd/docker
flag provided but not defined: -Wl,-z,relro
usage: link [options] main.o
This patch changes the variable we use to `GO_LDFLAGS`, taking a similar approach
as containerd, and various other projects using this name: https://grep.app/search?q=GO_LDFLAGS
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The COMPANY_NAME currently sets the "CompanyName" field in the metadata
of Windows binaries. Our intent of this field is this field to contain
information about the company/party that produced the binary.
Also from [FileVersionInfo.CompanyName][FileVersionInfo.CompanyName]:
> Gets the name of the company that produced the file
Based on the above, "PACKAGER_NAME" is a bit more generic, and clearer
on intent, and we may at some point re-use this same information to
propagate equivalent fields on other platforms (rpms, debs)
[FileVersionInfo.CompanyName]: https://docs.microsoft.com/en-us/dotnet/api/system.diagnostics.fileversioninfo.companyname
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Our previous CI probably did not cross-compile for s390x and ppc64le,
and therefore did not get these errors; the scripts/build/.variables
file sets CGO_ENABLED=1 for amd64|arm64|arm|s390x architectures if
it's not set;
87b8e57868/scripts/build/.variables (L34-L46)
When compiling statically with CGO enabled, we must have osusergo
enabled as well, so set it accordingly, to prevent;
#53 [linux/amd64 build 2/2] RUN --mount=type=bind,target=.,ro --mount=type=cache,target=/root/.cache --mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk --mount=type=tmpfs,target=cli/winresources xx-go --wrap && TARGET=/out ./scripts/build/binary && xx-verify $([ "static" = "static" ] && echo "--static") /out/docker
#53 953.6 # github.com/docker/cli/cmd/docker
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000022.o: in function `New':
#53 953.6 /go/src/github.com/docker/cli/vendor/github.com/miekg/pkcs11/pkcs11.go:75: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000018.o: in function `mygetgrouplist':
#53 953.6 /usr/local/go/src/os/user/getgrouplist_unix.go:18: warning: Using 'getgrouplist' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000017.o: in function `mygetgrgid_r':
#53 953.6 /usr/local/go/src/os/user/cgo_lookup_unix.go:40: warning: Using 'getgrgid_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000017.o: in function `mygetgrnam_r':
#53 953.6 /usr/local/go/src/os/user/cgo_lookup_unix.go:45: warning: Using 'getgrnam_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000017.o: in function `mygetpwnam_r':
#53 953.6 /usr/local/go/src/os/user/cgo_lookup_unix.go:35: warning: Using 'getpwnam_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000017.o: in function `mygetpwuid_r':
#53 953.6 /usr/local/go/src/os/user/cgo_lookup_unix.go:30: warning: Using 'getpwuid_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
#53 953.6 /usr/bin/s390x-linux-gnu-ld: /tmp/go-link-2402600021/000004.o: in function `_cgo_3c1cec0c9a4e_C2func_getaddrinfo':
#53 953.6 /tmp/go-build/cgo-gcc-prolog:58: warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Keeping the dockerfiles/Dockerfile.cross image at 1.13, as we don't
have more current versions of that image. However, I don't think it's
still used, so we should remove it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This allows setting WINDRES to mingw's windres.
For the record, mingw's windres needs --use-temp-file for a weird reason:
in that case, it keeps preprocessor arguments intact (including quotes),
without it, mingw's windres calls popen, which happens to pass the entire
command to sh -c, stripping quotes after evaluation and causing a syntax
error in mingw's windres.
To use mingw's windres, set WINDRES to:
- `x86_64-w64-mingw32-windres` on 64 bit
- `i686-w64-mingw32-windres` on 32 bit
Signed-off-by: Tibor Vass <tibor@docker.com>
When the git checkout is dirty on top of a git tag (i.e., v20.10.6.m),
the VERSION_QUAD was keeping a trailing comma.
Now the trailing comma is stripped.
Signed-off-by: Tibor Vass <tibor@docker.com>
New solution is not hardcoded to amd64 but integrates
with the cross toolchain and support creating arm binaries.
Go has been updated so that ASLR works
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Using cross compilation toolchains that work from any platform
Adds darwin/arm64 support and bake targets. Static and dynamic
binary targets are available, both with glibc and musl.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Repeated builds of docker is currently unreproducible as the embedded
time does not support SOURCE_DATE_EPOCH. This patch ensures we check for
the defined variable before utilizing current date.
This has been fixed previously with manpages as well
2d7091aaeb
Signed-off-by: Morten Linderud <morten@linderud.pw>
macOS doesn't ship with the GNU version of `date`, which
causes the command to fail if the `--rfc-3339 ns` format option
is used.
Given that we don't need the build-time with nanosecond precision,
this patch changes the format used, so that the CLI binary can be
built on the host (outside of a container);
Before this change, `make binary` would fail:
DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary
WARNING: binary creates a Linux executable. Use cross for macOS or Windows.
./scripts/build/binary
make: *** [binary] Error 1
With this change, the binary can be built on the host:
DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary
WARNING: binary creates a Linux executable. Use cross for macOS or Windows.
./scripts/build/binary
Building statically linked build/docker-darwin-amd64
While the previous version formatted (and parsed) the date with nanoseconds precision,
that level of precision is not actually used;
```go
func reformatDate(buildTime string) string {
t, errTime := time.Parse(time.RFC3339Nano, buildTime)
if errTime == nil {
return t.Format(time.ANSIC)
}
return buildTime
}
```
Both the old, and new input will yield the same output:
```go
fmt.Println(reformatDate("2019-12-31T13:41:44.846741804+00:00"))
// Tue Dec 31 13:41:44 2019
fmt.Println(reformatDate("2019-12-31T13:41:44Z"))
// Tue Dec 31 13:41:44 2019
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This just makes it easier to build a targeted binary for the
goos/goach/goarm version.
This of course will not work for all cases but is nice to get things
going.
Specifically cross-compiling pkcs for yubikey support requires some
extra work whichis not tackled here.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
To help with this add a bad plugin which produces invalid metadata and arrange
for it to be built in the e2e container.
Signed-off-by: Ian Campbell <ijc@docker.com>
That is, the helper to be used from the plugin's `main`.
Also add a `helloworld` plugin example and build integration.
Signed-off-by: Ian Campbell <ijc@docker.com>
This helps to avoid circular includes, by separating the pure data out from the
actual functionality in the cli subpackage, allowing other code which is
imported to access the data.
Signed-off-by: Ian Campbell <ijc@docker.com>
In case go build will see a need to call C++ (rather than C)
compiler, CXX env var need to be properly set (to osxcross wrapper).
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Make all dynbinary builds be position-independent (this adds both
security benefits and can help with flaky builds on POWER
architectures).
Signed-off-by: Aleksa Sarai <asarai@suse.de>
The Server section of version output is now composed of an Engine
component and potentially more, based on what the /version endpoint
returns.
Signed-off-by: Tibor Vass <tibor@docker.com>
Remove referenced to developing on the host, we shouldn't support it.
Move script/validate to scripts/validate to be consistent.
Set the default target to be binary instead of clean.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
- The cli version defaults to "unknown-version" unless set via the VERSION env var
- The commit version can be overridden via GITCOMMIT env var
- The build time can be overridden via BUILDTIME env var
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>