rpms / toolbox

Clone
Source Code
GIT

Files

  1.   deb9c1e8e6c3a8b6f386b3aebcad949dc5adb304
  2.   toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch
Blob Blame History Raw 
From 6d913f1fbd6e609957bb01273504b2f479e1b546 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match Fedora's %{gobuild}

The Go toolchain doesn't play well with passing compiler and linker
flags via environment variables. The linker flags require a second
level of quoting, which leaves the build system without a quote level
to assign the flags to an environment variable like GOFLAGS.

This is one reason why Fedora doesn't have a RPM macro with only the
flags. The %{gobuild} RPM macro includes the entire 'go build ...'
invocation.

The Go toolchain also doesn't like the LDFLAGS environment variable as
exported by Fedora's %{meson} RPM macro.

Note that these flags are meant for every CPU architecture other than
PPC64, and should be kept updated to match Fedora's Go guidelines. Use
'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro.
---
 src/go-build-wrapper | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index ef4aafc8b024..4354beceb215 100755
--- a/src/go-build-wrapper
+++ b/src/go-build-wrapper
@@ -32,9 +32,9 @@ if ! cd "$1"; then
     exit 1
 fi
 
-tags=""
+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}"
 if $6; then
-    tags="-tags migration_path_for_coreos_toolbox"
+    tags="$tags,migration_path_for_coreos_toolbox"
 fi
 
 if ! libc_dir=$("$4" --print-file-name=libc.so); then
@@ -69,11 +69,17 @@ fi
 
 dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename"
 
+unset LDFLAGS
+
 # shellcheck disable=SC2086
 go build \
+        -buildmode pie \
+        -compiler gc \
         $tags \
-        -trimpath \
-        -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" \
+        -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" \
+        -a \
+        -v \
+        -x \
         -o "$2/toolbox"
 
 exit "$?"
-- 
2.31.1
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.