gitea/tea
gitea/tea
56
129
Fork 64
Code Issues 97 Pull Requests 19 Actions Releases 16 Activity

Makefile: add STATIC=true for static PIE builds #349

Merged
6543 merged 13 commits from noerw/tea:make-static into master 2021-09-23 16:01:07 +00:00
Conversation 5 Commits 13 Files Changed 4 +27 -31
4 changed files with 27 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.dockerignore Normal file
View File

@ -0,0 +1,2 @@
Dockerfile
tea

4
Dockerfile
View File

@ -2,16 +2,16 @@ ARG GOVERSION="1.16.2"
FROM golang:${GOVERSION}-alpine AS buildenv
ARG CGO_ENABLED="0"
ARG GOOS="linux"
COPY . $GOPATH/src/
WORKDIR $GOPATH/src
RUN apk add --quiet --no-cache \
build-base \
make \
git && \
make build
make clean build STATIC=true
FROM scratch
ARG VERSION="0.7.0"

50
Makefile
View File

@ -1,31 +1,15 @@
DIST := dist
IMPORT := code.gitea.io/tea
export GO111MODULE=on
export CGO_ENABLED=0
GO ?= go
SED_INPLACE := sed -i
SHASUM ?= shasum -a 256
export PATH := $($(GO) env GOPATH)/bin:$(PATH)
ifeq ($(OS), Windows_NT)
EXECUTABLE := tea.exe
else
EXECUTABLE := tea
UNAME_S := $(shell uname -s)
ifeq ($(UNAME_S),Darwin)
SED_INPLACE := sed -i ''
endif
endif
GOFILES := $(shell find . -name "*.go" -type f ! -path "./vendor/*" ! -path "*/bindata.go")
GOFMT ?= gofmt -s
GOFLAGS := -i -v
EXTRA_GOFLAGS ?=
MAKE_VERSION := $(shell make -v | head -n 1)
ifneq ($(DRONE_TAG),)
VERSION ?= $(subst v,,$(DRONE_TAG))
TEA_VERSION ?= $(VERSION)
@ -37,25 +21,31 @@ else
endif
TEA_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
endif
TEA_VERSION_TAG ?= $(shell sed 's/+/_/' <<< $(TEA_VERSION))
LDFLAGS := -X "main.Version=$(TEA_VERSION)" -X "main.Tags=$(TAGS)"
TAGS ?=
LDFLAGS := -X "main.Version=$(TEA_VERSION)" -X "main.Tags=$(TAGS)" -s -w
noerw marked this conversation as resolved Outdated
zeripath commented 2021-05-10 13:42:54 +00:00
Outdated
Review
Copy Link

does anything actually use "static_build" as a build tag? There's nothing in go's source that uses that tag and nothing in gitea's vendor tree. Does tea have a dependency that uses that tag - or is this a futureproof thing?

does anything actually use "static_build" as a build tag? There's nothing in go's source that uses that tag and nothing in gitea's vendor tree. Does tea have a dependency that uses that tag - or is this a futureproof thing?
noerw commented 2021-05-10 14:38:39 +00:00
Outdated
Review
Copy Link

I added this as a safety, my only reference is this though. We can drop it or replace it with static as suggested in that thread

I added this as a safety, my only reference is [this](https://github.com/golang/go/issues/26492#issuecomment-407336850) though. We can drop it or replace it with `static` as suggested in that thread
zeripath commented 2021-05-10 20:20:55 +00:00
Outdated
Review
Copy Link

no it's fine but perhaps just add a comment in the makefile referencing why you've added it - so that we know where it has come from in case it causes trouble.

no it's fine but perhaps just add a comment in the makefile referencing why you've added it - so that we know where it has come from in case it causes trouble.
ifeq ($(STATIC),true)
# NOTE: clean up this mess, when https://github.com/golang/go/issues/26492 is resolved
zeripath commented 2021-05-10 13:48:04 +00:00
Outdated
Review
Copy Link

It's usually nicer to have something like:

LDFLAGS := $(LDFLAGS) -X "main.Version=$(TEA_VERSION)" -X "main.Tags=$(TAGS)" -s -w

as that allows people to adjust and add to the LDFLAGS at make time.

It's usually nicer to have something like: ``` LDFLAGS := $(LDFLAGS) -X "main.Version=$(TEA_VERSION)" -X "main.Tags=$(TAGS)" -s -w ``` as that allows people to adjust and add to the LDFLAGS at make time.
noerw commented 2021-05-10 15:44:41 +00:00
Outdated
Review
Copy Link

good point, will add that

good point, will add that
noerw commented 2021-05-10 20:39:57 +00:00
Outdated
Review
Copy Link

I managed to add this for GOFLAGS, but for LDFLAGS I didn't find a syntax that didn't either

  • reset the variable completely, when values are specified on the CLI
  • ignore overrides from the STATIC == true if clause

If you know how, I'm happy to add that

I managed to add this for `GOFLAGS`, but for `LDFLAGS` I didn't find a syntax that didn't either - reset the variable completely, when values are specified on the CLI - ignore overrides from the STATIC == true if clause If you know how, I'm happy to add that
# static_build is a defacto standard tag used in go packages
TAGS := osusergo,netgo,static_build,$(TAGS)
LDFLAGS := $(LDFLAGS) -linkmode=external -extldflags "-static-pie" -X "main.Tags=$(TAGS)"
export CGO_ENABLED=1 # needed for linkmode=external
endif
zeripath marked this conversation as resolved Outdated
zeripath commented 2021-05-10 13:45:52 +00:00
Outdated
Review
Copy Link

it's interesting that you've included the "-fno-PIC -static" extldflags but I see you have CGO_ENABLED=0 so I don't think these will ever actually get called.

it's interesting that you've included the "-fno-PIC -static" extldflags but I see you have CGO_ENABLED=0 so I don't think these will ever actually get called.
noerw commented 2021-05-10 15:45:12 +00:00
Outdated
Review
Copy Link

You're right, -extldflags isn't used due to missing -linkmode=external. Will check how to resolve that.
But your assumption is wrong; -linkmode=external works with CGO_ENABLED=0

edit: actually under some conditions go build implicilty sets linkmode=external, so these options are used after all.

You're right, `-extldflags` isn't used due to missing `-linkmode=external`. Will check how to resolve that. But your assumption is wrong; `-linkmode=external` works with `CGO_ENABLED=0` edit: actually under some conditions `go build` implicilty sets linkmode=external, so these options are used after all.
zeripath commented 2021-05-10 20:21:36 +00:00
Outdated
Review
Copy Link

Cool thanks for checking.

Cool thanks for checking.
# override to allow passing additional goflags via make CLI
override GOFLAGS := $(GOFLAGS) -mod=vendor -tags '$(TAGS)' -ldflags '$(LDFLAGS)'
PACKAGES ?= $(shell $(GO) list ./... | grep -v /vendor/)
SOURCES ?= $(shell find . -name "*.go" -type f)
TAGS ?=
ifeq ($(OS), Windows_NT)
EXECUTABLE := tea.exe
else
EXECUTABLE := tea
endif
# $(call strip-suffix,filename)
strip-suffix = $(firstword $(subst ., ,$(1)))
.PHONY: all
all: build
@ -132,14 +122,18 @@ test-vendor: vendor
check: test
.PHONY: install
install: $(wildcard *.go)
$(GO) install -mod=vendor -v -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)'
install: $(SOURCES)
@echo "installing to $(GOPATH)/bin/$(EXECUTABLE)"
$(GO) install -v -buildmode=pie $(GOFLAGS)
.PHONY: build
build: $(EXECUTABLE)
$(EXECUTABLE): $(SOURCES)
$(GO) build -mod=vendor $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
ifeq ($(STATIC),true)
@echo "enabling static build, make sure you have glibc-static (or equivalent) installed"
endif
$(GO) build -buildmode=pie $(GOFLAGS) -o $@
.PHONY: build-image
build-image:
@ -157,7 +151,7 @@ release-os:
@hash gox > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
cd /tmp && $(GO) get -u github.com/mitchellh/gox; \
fi
noerw marked this conversation as resolved Outdated
techknowlogick commented 2021-05-10 20:41:39 +00:00
Outdated
Review
Copy Link

Should/could darwin/arm64 be added in (either via this PR or another)?

Should/could darwin/arm64 be added in (either via this PR or another)?
noerw commented 2021-05-10 21:03:23 +00:00
Outdated
Review
Copy Link

I created another PR #360

I created another PR https://gitea.com/gitea/tea/pulls/360
CGO_ENABLED=0 gox -verbose -cgo=false -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -osarch='!darwin/386 !darwin/arm' -os="windows linux darwin" -arch="386 amd64 arm arm64" -output="$(DIST)/release/tea-$(VERSION)-{{.OS}}-{{.Arch}}"
CGO_ENABLED=0 gox -verbose -cgo=false $(GOFLAGS) -osarch='!darwin/386 !darwin/arm' -os="windows linux darwin" -arch="386 amd64 arm arm64" -output="$(DIST)/release/tea-$(VERSION)-{{.OS}}-{{.Arch}}"
.PHONY: release-compress
release-compress:

2
README.md
View File

@ -100,7 +100,7 @@ To compile the sources yourself run the following:
```sh
git clone https://gitea.com/gitea/tea.git
cd tea
make
make STATIC=true
6543 commented 2021-08-12 15:20:21 +00:00
Review
Copy Link

not STATIC=true make ?

not `STATIC=true make` ?
```
## Contributing