This is an automated email from the ASF dual-hosted git repository.
ccondit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/yunikorn-k8shim.git
The following commit(s) were added to refs/heads/master by this push:
new c7709259 [YUNIKORN-2485] Shim: Use Docker to build reproducible
binaries (#803)
c7709259 is described below
commit c770925920dc0d37d85ec886a65cf5c26c6899fe
Author: Craig Condit <[email protected]>
AuthorDate: Fri Mar 15 09:34:10 2024 -0500
[YUNIKORN-2485] Shim: Use Docker to build reproducible binaries (#803)
Introduces a build var (REPRODUCIBLE_BUILDS=1) to force building
binaries using Docker. This results in builds with a consistent
environment every time.
Closes: #803
---
.gitignore | 1 +
.go_repro_version | 1 +
Makefile | 44 ++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 46 insertions(+)
diff --git a/.gitignore b/.gitignore
index 6e05738d..efb52922 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,4 +11,5 @@
*.crt
*.key
*.test
+*.swp
/build.date
diff --git a/.go_repro_version b/.go_repro_version
new file mode 100644
index 00000000..428abfd2
--- /dev/null
+++ b/.go_repro_version
@@ -0,0 +1 @@
+1.21.8
diff --git a/Makefile b/Makefile
index 45fb4f4e..e803390b 100644
--- a/Makefile
+++ b/Makefile
@@ -74,6 +74,14 @@ else
PLUGIN_OPTS :=
endif
+# Reproducible builds mode
+GO_REPRO_VERSION := $(shell cat .go_repro_version)
+ifeq ($(REPRODUCIBLE_BUILDS),1)
+ REPRO := 1
+else
+ REPRO :=
+endif
+
# Build date - Use git commit, then cached build.date, finally current date
# This allows for reproducible builds as long as release tarball contains the
build.date file.
DATE := $(shell if [ -d "$(BASE_DIR)/.git" ]; then TZ=UTC0 git --no-pager log
-1 --date=iso8601-strict-local --format=%cd 2>/dev/null ; fi || true)
@@ -392,6 +400,17 @@ scheduler: $(RELEASE_BIN_DIR)/$(SCHEDULER_BINARY)
$(RELEASE_BIN_DIR)/$(SCHEDULER_BINARY): go.mod go.sum $(shell find pkg)
@echo "building binary for scheduler docker image"
@mkdir -p "$(RELEASE_BIN_DIR)"
+ifeq ($(REPRO),1)
+ docker run -t --rm=true --volume "$(BASE_DIR):/buildroot"
"golang:$(GO_REPRO_VERSION)" sh -c "cd /buildroot && \
+ CGO_ENABLED=0 GOOS=linux GOARCH=\"${EXEC_ARCH}\" go build \
+ -a \
+ -o=${RELEASE_BIN_DIR}/${SCHEDULER_BINARY} \
+ -trimpath \
+ -ldflags '-buildid= -extldflags \"-static\" -X
${FLAG_PREFIX}.buildVersion=${VERSION} -X ${FLAG_PREFIX}.buildDate=${DATE} -X
${FLAG_PREFIX}.isPluginVersion=false -X
${FLAG_PREFIX}.goVersion=${GO_REPRO_VERSION} -X
${FLAG_PREFIX}.arch=${EXEC_ARCH} -X ${FLAG_PREFIX}.coreSHA=${CORE_SHA} -X
${FLAG_PREFIX}.siSHA=${SI_SHA} -X ${FLAG_PREFIX}.shimSHA=${SHIM_SHA}' \
+ -tags netgo \
+ -installsuffix netgo \
+ ./pkg/cmd/shim/"
+else
CGO_ENABLED=0 GOOS=linux GOARCH="${EXEC_ARCH}" "$(GO)" build \
-a \
-o=${RELEASE_BIN_DIR}/${SCHEDULER_BINARY} \
@@ -400,6 +419,7 @@ $(RELEASE_BIN_DIR)/$(SCHEDULER_BINARY): go.mod go.sum
$(shell find pkg)
-tags netgo \
-installsuffix netgo \
./pkg/cmd/shim/
+endif
# Build plugin binary in a production ready version
.PHONY: plugin
@@ -408,6 +428,17 @@ plugin: $(RELEASE_BIN_DIR)/$(PLUGIN_BINARY)
$(RELEASE_BIN_DIR)/$(PLUGIN_BINARY): go.mod go.sum $(shell find pkg)
@echo "building binary for plugin docker image"
@mkdir -p "$(RELEASE_BIN_DIR)"
+ifeq ($(REPRO),1)
+ docker run -t --rm=true --volume "$(BASE_DIR):/buildroot"
"golang:$(GO_REPRO_VERSION)" sh -c "cd /buildroot && \
+ CGO_ENABLED=0 GOOS=linux GOARCH=\"${EXEC_ARCH}\" go build \
+ -a \
+ -o=${RELEASE_BIN_DIR}/${PLUGIN_BINARY} \
+ -trimpath \
+ -ldflags '-buildid= -extldflags \"-static\" -X
${FLAG_PREFIX}.buildVersion=${VERSION} -X ${FLAG_PREFIX}.buildDate=${DATE} -X
${FLAG_PREFIX}.isPluginVersion=true -X
${FLAG_PREFIX}.goVersion=${GO_REPRO_VERSION} -X
${FLAG_PREFIX}.arch=${EXEC_ARCH} -X ${FLAG_PREFIX}.coreSHA=${CORE_SHA} -X
${FLAG_PREFIX}.siSHA=${SI_SHA} -X ${FLAG_PREFIX}.shimSHA=${SHIM_SHA}' \
+ -tags netgo \
+ -installsuffix netgo \
+ ./pkg/cmd/schedulerplugin/"
+else
CGO_ENABLED=0 GOOS=linux GOARCH="${EXEC_ARCH}" "$(GO)" build \
-a \
-o=${RELEASE_BIN_DIR}/${PLUGIN_BINARY} \
@@ -416,6 +447,7 @@ $(RELEASE_BIN_DIR)/$(PLUGIN_BINARY): go.mod go.sum $(shell
find pkg)
-tags netgo \
-installsuffix netgo \
./pkg/cmd/schedulerplugin/
+endif
# Build a scheduler image based on the production ready version
.PHONY: sched_image
@@ -465,6 +497,17 @@ admission:
$(RELEASE_BIN_DIR)/$(ADMISSION_CONTROLLER_BINARY)
$(RELEASE_BIN_DIR)/$(ADMISSION_CONTROLLER_BINARY): go.mod go.sum $(shell find
pkg)
@echo "building admission controller binary"
@mkdir -p "$(RELEASE_BIN_DIR)"
+ifeq ($(REPRO),1)
+ docker run -t --rm=true --volume "$(BASE_DIR):/buildroot"
"golang:$(GO_REPRO_VERSION)" sh -c "cd /buildroot && \
+ CGO_ENABLED=0 GOOS=linux GOARCH=\"${EXEC_ARCH}\" go build \
+ -a \
+ -o=$(RELEASE_BIN_DIR)/$(ADMISSION_CONTROLLER_BINARY) \
+ -trimpath \
+ -ldflags '-buildid= -extldflags \"-static\" -X
${FLAG_PREFIX}.buildVersion=${VERSION} -X ${FLAG_PREFIX}.buildDate=${DATE} -X
${FLAG_PREFIX}.goVersion=${GO_REPRO_VERSION} -X
${FLAG_PREFIX}.arch=${EXEC_ARCH}' \
+ -tags netgo \
+ -installsuffix netgo \
+ ./pkg/cmd/admissioncontroller"
+else
CGO_ENABLED=0 GOOS=linux GOARCH="${EXEC_ARCH}" "$(GO)" build \
-a \
-o=$(RELEASE_BIN_DIR)/$(ADMISSION_CONTROLLER_BINARY) \
@@ -473,6 +516,7 @@ $(RELEASE_BIN_DIR)/$(ADMISSION_CONTROLLER_BINARY): go.mod
go.sum $(shell find pk
-tags netgo \
-installsuffix netgo \
./pkg/cmd/admissioncontroller
+endif
# Build an admission controller image based on the production ready version
.PHONY: adm_image
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
