Skip to content

Commit

Permalink
[chore] build compatible distributions as PIE (open-telemetry#726)
Browse files Browse the repository at this point in the history
* add buildmode=pie for ocb

* add buildmode=pie to goreleaser configure.go and generate ignored builds for distros

* replace repos with jackgopack4 and johnpeterson785 for workflow testing

* fix build id

* Revert "replace repos with jackgopack4 and johnpeterson785 for workflow testing"

This reverts commit 3288ffe.

* update nfpms

* replace repos with jackgopack4 and johnpeterson785 for workflow testing

* try changing package function

* Revert "try changing package function"

This reverts commit 9eb8e7e.

* Revert "update nfpms"

This reverts commit ee6545d.

* consolidate nfpms block

* Revert "replace repos with jackgopack4 and johnpeterson785 for workflow testing"

This reverts commit 30f3152.
  • Loading branch information
jackgopack4 authored Dec 10, 2024
1 parent e9680b2 commit 2dbb61e
Show file tree
Hide file tree
Showing 6 changed files with 294 additions and 19 deletions.
2 changes: 1 addition & 1 deletion cmd/builder/.goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ version: 2
builds:
- flags:
- -trimpath
- -buildmode=pie
ldflags:
- -s -w -X go.opentelemetry.io/collector/cmd/builder/internal.version={{ .Version }}
env:
Expand Down Expand Up @@ -136,4 +137,3 @@ sboms:
artifacts: archive
- id: package
artifacts: package

81 changes: 63 additions & 18 deletions cmd/goreleaser/internal/configure.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,29 @@ var (
K8sDockerSkipArchs = map[string]bool{"arm": true, "386": true}
K8sGoos = []string{"linux"}
K8sArchs = []string{"amd64", "arm64", "ppc64le", "s390x"}
AlwaysIgnored = map[config.IgnoredBuild]bool{
{Goos: "darwin", Goarch: "386"}: true,
{Goos: "darwin", Goarch: "arm"}: true,
{Goos: "darwin", Goarch: "s390x"}: true,
{Goos: "windows", Goarch: "arm"}: true,
{Goos: "windows", Goarch: "arm64"}: true,
{Goos: "windows", Goarch: "s390x"}: true,
}
)

// Copied from go/src/internal/platform/supported.go, see:
// https://cs.opensource.google/go/go/+/d7fcb5cf80953f1d63246f1ae9defa60c5ce2d76:src/internal/platform/supported.go;l=222
func InternalLinkPIESupported(goos, goarch string) bool {
switch goos + "/" + goarch {
case "android/arm64",
"darwin/amd64", "darwin/arm64",
"linux/amd64", "linux/arm64", "linux/ppc64le",
"windows/386", "windows/amd64", "windows/arm", "windows/arm64":
return true
}
return false
}

func Generate(dist string) config.Project {
return config.Project{
ProjectName: "opentelemetry-collector-releases",
Expand All @@ -75,43 +96,59 @@ func Generate(dist string) config.Project {

func Builds(dist string) []config.Build {
return []config.Build{
Build(dist),
Build(dist, true),
Build(dist, false),
}
}

func generateIgnored(goos, archs []string, pie bool) []config.IgnoredBuild {
ignored := make([]config.IgnoredBuild, 0)
var build config.IgnoredBuild
for _, goos := range goos {
for _, arch := range archs {
build = config.IgnoredBuild{
Goos: goos,
Goarch: arch,
}
if _, ok := AlwaysIgnored[build]; ok || !pie && InternalLinkPIESupported(goos, arch) || pie && !InternalLinkPIESupported(goos, arch) {
ignored = append(ignored, build)
}
}
}
return ignored
}

// Build configures a goreleaser build.
// https://goreleaser.com/customization/build/
func Build(dist string) config.Build {
func Build(dist string, pie bool) config.Build {
var goos []string
var archs []string
var ignore []config.IgnoredBuild
var armVersions []string
id := dist
ldflags := []string{"-s", "-w"}
if pie {
ldflags = append(ldflags, "-buildmode=pie")
id = id + "-pie"
}
if dist == K8sDistro {
goos = K8sGoos
archs = K8sArchs
ignore = make([]config.IgnoredBuild, 0)
armVersions = make([]string, 0)
} else {
goos = []string{"darwin", "linux", "windows"}
archs = Architectures
ignore = []config.IgnoredBuild{
{Goos: "darwin", Goarch: "386"},
{Goos: "darwin", Goarch: "arm"},
{Goos: "darwin", Goarch: "s390x"},
{Goos: "windows", Goarch: "arm"},
{Goos: "windows", Goarch: "arm64"},
{Goos: "windows", Goarch: "s390x"},
}
armVersions = ArmVersions
}
ignore = generateIgnored(goos, archs, pie)
return config.Build{
ID: dist,
ID: id,
Dir: "_build",
Binary: dist,
BuildDetails: config.BuildDetails{
Env: []string{"CGO_ENABLED=0"},
Flags: []string{"-trimpath"},
Ldflags: []string{"-s", "-w"},
Ldflags: ldflags,
},
Goos: goos,
Goarch: archs,
Expand All @@ -122,17 +159,24 @@ func Build(dist string) config.Build {

func Archives(dist string) (r []config.Archive) {
return []config.Archive{
Archive(dist),
Archive(dist, true),
Archive(dist, false),
}
}

// Archive configures a goreleaser archive (tarball).
// https://goreleaser.com/customization/archive/
func Archive(dist string) config.Archive {
func Archive(dist string, pie bool) config.Archive {
id := dist
build := dist
if pie {
id = id + "-pie"
build = build + "-pie"
}
return config.Archive{
ID: dist,
ID: id,
NameTemplate: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}",
Builds: []string{dist},
Builds: []string{build},
}
}

Expand Down Expand Up @@ -172,6 +216,7 @@ func Packages(dist string) (r []config.NFPM) {
// Package configures goreleaser to build a system package.
// https://goreleaser.com/customization/nfpm/
func Package(dist string) config.NFPM {
buildPie := dist + "-pie"
nfpmContents := config.NFPMContents{
{
Source: fmt.Sprintf("%s.service", dist),
Expand All @@ -192,7 +237,7 @@ func Package(dist string) config.NFPM {
}
return config.NFPM{
ID: dist,
Builds: []string{dist},
Builds: []string{dist, buildPie},
Formats: []string{"deb", "rpm"},

License: "Apache 2.0",
Expand Down
66 changes: 66 additions & 0 deletions distributions/otelcol-contrib/.goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,53 @@ msi:
- opentelemetry.ico
- config.yaml
builds:
- id: otelcol-contrib-pie
goos:
- darwin
- linux
- windows
goarch:
- "386"
- amd64
- arm
- arm64
- ppc64le
- s390x
goarm:
- "7"
ignore:
- goos: darwin
goarch: "386"
- goos: darwin
goarch: arm
- goos: darwin
goarch: ppc64le
- goos: darwin
goarch: s390x
- goos: linux
goarch: "386"
- goos: linux
goarch: arm
- goos: linux
goarch: s390x
- goos: windows
goarch: arm
- goos: windows
goarch: arm64
- goos: windows
goarch: ppc64le
- goos: windows
goarch: s390x
dir: _build
binary: otelcol-contrib
ldflags:
- -s
- -w
- -buildmode=pie
flags:
- -trimpath
env:
- CGO_ENABLED=0
- id: otelcol-contrib
goos:
- darwin
Expand All @@ -29,10 +76,24 @@ builds:
ignore:
- goos: darwin
goarch: "386"
- goos: darwin
goarch: amd64
- goos: darwin
goarch: arm
- goos: darwin
goarch: arm64
- goos: darwin
goarch: s390x
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
- goos: linux
goarch: ppc64le
- goos: windows
goarch: "386"
- goos: windows
goarch: amd64
- goos: windows
goarch: arm
- goos: windows
Expand All @@ -49,6 +110,10 @@ builds:
env:
- CGO_ENABLED=0
archives:
- id: otelcol-contrib-pie
builds:
- otelcol-contrib-pie
name_template: '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}'
- id: otelcol-contrib
builds:
- otelcol-contrib
Expand All @@ -75,6 +140,7 @@ nfpms:
id: otelcol-contrib
builds:
- otelcol-contrib
- otelcol-contrib-pie
formats:
- deb
- rpm
Expand Down
32 changes: 32 additions & 0 deletions distributions/otelcol-k8s/.goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,27 @@ project_name: opentelemetry-collector-releases
env:
- COSIGN_YES=true
builds:
- id: otelcol-k8s-pie
goos:
- linux
goarch:
- amd64
- arm64
- ppc64le
- s390x
ignore:
- goos: linux
goarch: s390x
dir: _build
binary: otelcol-k8s
ldflags:
- -s
- -w
- -buildmode=pie
flags:
- -trimpath
env:
- CGO_ENABLED=0
- id: otelcol-k8s
goos:
- linux
Expand All @@ -13,6 +34,13 @@ builds:
- arm64
- ppc64le
- s390x
ignore:
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
- goos: linux
goarch: ppc64le
dir: _build
binary: otelcol-k8s
ldflags:
Expand All @@ -23,6 +51,10 @@ builds:
env:
- CGO_ENABLED=0
archives:
- id: otelcol-k8s-pie
builds:
- otelcol-k8s-pie
name_template: '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}'
- id: otelcol-k8s
builds:
- otelcol-k8s
Expand Down
Loading

0 comments on commit 2dbb61e

Please sign in to comment.