Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[chore] build compatible distributions as PIE #726

Merged
merged 12 commits into from
Dec 10, 2024
Merged
2 changes: 1 addition & 1 deletion cmd/builder/.goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ version: 2
builds:
- flags:
- -trimpath
- -buildmode=pie
ldflags:
- -s -w -X go.opentelemetry.io/collector/cmd/builder/internal.version={{ .Version }}
env:
Expand Down Expand Up @@ -136,4 +137,3 @@ sboms:
artifacts: archive
- id: package
artifacts: package

81 changes: 63 additions & 18 deletions cmd/goreleaser/internal/configure.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,29 @@ var (
K8sDockerSkipArchs = map[string]bool{"arm": true, "386": true}
K8sGoos = []string{"linux"}
K8sArchs = []string{"amd64", "arm64", "ppc64le", "s390x"}
AlwaysIgnored = map[config.IgnoredBuild]bool{
{Goos: "darwin", Goarch: "386"}: true,
{Goos: "darwin", Goarch: "arm"}: true,
{Goos: "darwin", Goarch: "s390x"}: true,
{Goos: "windows", Goarch: "arm"}: true,
{Goos: "windows", Goarch: "arm64"}: true,
{Goos: "windows", Goarch: "s390x"}: true,
}
)

// Copied from go/src/internal/platform/supported.go, see:
// https://cs.opensource.google/go/go/+/d7fcb5cf80953f1d63246f1ae9defa60c5ce2d76:src/internal/platform/supported.go;l=222
func InternalLinkPIESupported(goos, goarch string) bool {
switch goos + "/" + goarch {
case "android/arm64",
"darwin/amd64", "darwin/arm64",
"linux/amd64", "linux/arm64", "linux/ppc64le",
"windows/386", "windows/amd64", "windows/arm", "windows/arm64":
return true
}
return false
}

func Generate(dist string) config.Project {
return config.Project{
ProjectName: "opentelemetry-collector-releases",
Expand All @@ -75,43 +96,59 @@ func Generate(dist string) config.Project {

func Builds(dist string) []config.Build {
return []config.Build{
Build(dist),
Build(dist, true),
Build(dist, false),
}
}

func generateIgnored(goos, archs []string, pie bool) []config.IgnoredBuild {
ignored := make([]config.IgnoredBuild, 0)
var build config.IgnoredBuild
for _, goos := range goos {
for _, arch := range archs {
build = config.IgnoredBuild{
Goos: goos,
Goarch: arch,
}
if _, ok := AlwaysIgnored[build]; ok || !pie && InternalLinkPIESupported(goos, arch) || pie && !InternalLinkPIESupported(goos, arch) {
ignored = append(ignored, build)
}
}
}
return ignored
}

// Build configures a goreleaser build.
// https://goreleaser.com/customization/build/
func Build(dist string) config.Build {
func Build(dist string, pie bool) config.Build {
var goos []string
var archs []string
var ignore []config.IgnoredBuild
var armVersions []string
id := dist
ldflags := []string{"-s", "-w"}
if pie {
ldflags = append(ldflags, "-buildmode=pie")
id = id + "-pie"
}
if dist == K8sDistro {
goos = K8sGoos
archs = K8sArchs
ignore = make([]config.IgnoredBuild, 0)
armVersions = make([]string, 0)
} else {
goos = []string{"darwin", "linux", "windows"}
archs = Architectures
ignore = []config.IgnoredBuild{
{Goos: "darwin", Goarch: "386"},
{Goos: "darwin", Goarch: "arm"},
{Goos: "darwin", Goarch: "s390x"},
{Goos: "windows", Goarch: "arm"},
{Goos: "windows", Goarch: "arm64"},
{Goos: "windows", Goarch: "s390x"},
}
armVersions = ArmVersions
}
ignore = generateIgnored(goos, archs, pie)
return config.Build{
ID: dist,
ID: id,
Dir: "_build",
Binary: dist,
BuildDetails: config.BuildDetails{
Env: []string{"CGO_ENABLED=0"},
Flags: []string{"-trimpath"},
Ldflags: []string{"-s", "-w"},
Ldflags: ldflags,
},
Goos: goos,
Goarch: archs,
Expand All @@ -122,17 +159,24 @@ func Build(dist string) config.Build {

func Archives(dist string) (r []config.Archive) {
return []config.Archive{
Archive(dist),
Archive(dist, true),
Archive(dist, false),
}
}

// Archive configures a goreleaser archive (tarball).
// https://goreleaser.com/customization/archive/
func Archive(dist string) config.Archive {
func Archive(dist string, pie bool) config.Archive {
id := dist
build := dist
if pie {
id = id + "-pie"
build = build + "-pie"
}
return config.Archive{
ID: dist,
ID: id,
NameTemplate: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}",
Builds: []string{dist},
Builds: []string{build},
}
}

Expand Down Expand Up @@ -172,6 +216,7 @@ func Packages(dist string) (r []config.NFPM) {
// Package configures goreleaser to build a system package.
// https://goreleaser.com/customization/nfpm/
func Package(dist string) config.NFPM {
buildPie := dist + "-pie"
nfpmContents := config.NFPMContents{
{
Source: fmt.Sprintf("%s.service", dist),
Expand All @@ -192,7 +237,7 @@ func Package(dist string) config.NFPM {
}
return config.NFPM{
ID: dist,
Builds: []string{dist},
Builds: []string{dist, buildPie},
Formats: []string{"deb", "rpm"},

License: "Apache 2.0",
Expand Down
66 changes: 66 additions & 0 deletions distributions/otelcol-contrib/.goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,53 @@ msi:
- opentelemetry.ico
- config.yaml
builds:
- id: otelcol-contrib-pie
goos:
- darwin
- linux
- windows
goarch:
- "386"
- amd64
- arm
- arm64
- ppc64le
- s390x
goarm:
- "7"
ignore:
- goos: darwin
goarch: "386"
- goos: darwin
goarch: arm
- goos: darwin
goarch: ppc64le
- goos: darwin
goarch: s390x
- goos: linux
goarch: "386"
- goos: linux
goarch: arm
- goos: linux
goarch: s390x
- goos: windows
goarch: arm
- goos: windows
goarch: arm64
- goos: windows
goarch: ppc64le
- goos: windows
goarch: s390x
dir: _build
binary: otelcol-contrib
ldflags:
- -s
- -w
- -buildmode=pie
flags:
- -trimpath
env:
- CGO_ENABLED=0
- id: otelcol-contrib
goos:
- darwin
Expand All @@ -29,10 +76,24 @@ builds:
ignore:
- goos: darwin
goarch: "386"
- goos: darwin
goarch: amd64
- goos: darwin
goarch: arm
- goos: darwin
goarch: arm64
- goos: darwin
goarch: s390x
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
- goos: linux
goarch: ppc64le
- goos: windows
goarch: "386"
- goos: windows
goarch: amd64
- goos: windows
goarch: arm
- goos: windows
Expand All @@ -49,6 +110,10 @@ builds:
env:
- CGO_ENABLED=0
archives:
- id: otelcol-contrib-pie
builds:
- otelcol-contrib-pie
name_template: '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}'
- id: otelcol-contrib
builds:
- otelcol-contrib
Expand All @@ -75,6 +140,7 @@ nfpms:
id: otelcol-contrib
builds:
- otelcol-contrib
- otelcol-contrib-pie
formats:
- deb
- rpm
Expand Down
32 changes: 32 additions & 0 deletions distributions/otelcol-k8s/.goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,27 @@ project_name: opentelemetry-collector-releases
env:
- COSIGN_YES=true
builds:
- id: otelcol-k8s-pie
goos:
- linux
goarch:
- amd64
- arm64
- ppc64le
- s390x
ignore:
- goos: linux
goarch: s390x
dir: _build
binary: otelcol-k8s
ldflags:
- -s
- -w
- -buildmode=pie
flags:
- -trimpath
env:
- CGO_ENABLED=0
- id: otelcol-k8s
goos:
- linux
Expand All @@ -13,6 +34,13 @@ builds:
- arm64
- ppc64le
- s390x
ignore:
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
- goos: linux
goarch: ppc64le
dir: _build
binary: otelcol-k8s
ldflags:
Expand All @@ -23,6 +51,10 @@ builds:
env:
- CGO_ENABLED=0
archives:
- id: otelcol-k8s-pie
builds:
- otelcol-k8s-pie
name_template: '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}'
- id: otelcol-k8s
builds:
- otelcol-k8s
Expand Down
Loading