Cleanup nix derivation for static builds
Signed-off-by: Wong Hoi Sing Edison <hswong3i@gmail.com>
This commit is contained in:
		
							parent
							
								
									10c5f24123
								
							
						
					
					
						commit
						f53812a11e
					
				
							
								
								
									
										24
									
								
								.cirrus.yml
								
								
								
								
							
							
						
						
									
										24
									
								
								.cirrus.yml
								
								
								
								
							|  | @ -756,17 +756,25 @@ success_task: | |||
| 
 | ||||
|     success_script: '/usr/local/bin/entrypoint.sh ./$SCRIPT_BASE/success.sh |& ${TIMESTAMP}' | ||||
| 
 | ||||
| # Build the static binary | ||||
| static_build_task: | ||||
|     container: | ||||
|         image: quay.io/podman/nix-podman:1.0.0 | ||||
|         cpu: 8 | ||||
|         memory: 12 | ||||
|     timeout_in: 20m | ||||
|     depends_on: | ||||
|         - "gating" | ||||
|     build_script: | ||||
|         - nix build -f nix | ||||
|     gce_instance: | ||||
|         image_name: "${FEDORA_CACHE_IMAGE_NAME}" | ||||
|         cpu: 8 | ||||
|         memory: 12 | ||||
|         disk: 200 | ||||
|     script: | | ||||
|         set -ex | ||||
|         setenforce 0 | ||||
|         growpart /dev/sda 1 || true | ||||
|         resize2fs /dev/sda1 || true | ||||
|         yum -y install podman | ||||
|         mkdir -p /nix | ||||
|         podman run --rm --privileged -ti -v /:/mnt nixos/nix cp -rfT /nix /mnt/nix | ||||
|         podman run --rm --privileged -ti -v /nix:/nix -v ${PWD}:${PWD} -w ${PWD} nixos/nix nix --print-build-logs --option cores 8 --option max-jobs 8 build --file nix/ | ||||
|     binaries_artifacts: | ||||
|         path: "result-bin/bin/podman" | ||||
|         path: "result/bin/podman" | ||||
|     on_failure: | ||||
|         failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh |& ${TIMESTAMP}' | ||||
|  |  | |||
|  | @ -31,4 +31,4 @@ release.txt | |||
| /test/copyimg/copyimg | ||||
| /test/goecho/goecho | ||||
| .vscode* | ||||
| result-bin | ||||
| result | ||||
|  |  | |||
|  | @ -1,10 +0,0 @@ | |||
| # vim: set syntax=dockerfile: | ||||
| FROM nixos/nix:latest | ||||
| 
 | ||||
| RUN apk add --no-cache bash git | ||||
| 
 | ||||
| COPY . /work | ||||
| WORKDIR work/nix | ||||
| RUN nix-build | ||||
| WORKDIR / | ||||
| RUN rm -rf work | ||||
							
								
								
									
										27
									
								
								Makefile
								
								
								
								
							
							
						
						
									
										27
									
								
								Makefile
								
								
								
								
							|  | @ -220,29 +220,18 @@ bin/podman.cross.%: .gopathok | |||
| 	GOARCH="$${TARGET##*.}" \
 | ||||
| 	$(GO_BUILD) -gcflags '$(GCFLAGS)' -asmflags '$(ASMFLAGS)' -ldflags '$(LDFLAGS_PODMAN)' -tags '$(BUILDTAGS_CROSS)' -o "$@" $(PROJECT)/cmd/podman | ||||
| 
 | ||||
| # Update nix/nixpkgs.json its latest master commit
 | ||||
| # Update nix/nixpkgs.json its latest stable commit
 | ||||
| .PHONY: nixpkgs | ||||
| nixpkgs: | ||||
| 	@nix run -f channel:nixpkgs-unstable nix-prefetch-git -c nix-prefetch-git \
 | ||||
| 	@nix run -f channel:nixos-20.03 nix-prefetch-git -c nix-prefetch-git \
 | ||||
| 		--no-deepClone https://github.com/nixos/nixpkgs > nix/nixpkgs.json | ||||
| 
 | ||||
| NIX_IMAGE ?= quay.io/podman/nix-podman:1.0.0 | ||||
| 
 | ||||
| # Build the nix image as base for static builds
 | ||||
| .PHONY: nix-image | ||||
| nix-image: | ||||
| 	$(CONTAINER_RUNTIME) build -t $(NIX_IMAGE) -f Containerfile-nix . | ||||
| 
 | ||||
| # Build podman statically linked based on the default nix container image
 | ||||
| .PHONY: build-static | ||||
| build-static: | ||||
| 	$(CONTAINER_RUNTIME) run \
 | ||||
| 		--rm -it \
 | ||||
| 		-v $(shell pwd):/work \
 | ||||
| 		-w /work $(NIX_IMAGE) \
 | ||||
| 		sh -c "nix build -f nix && \
 | ||||
| 			   mkdir -p bin && \
 | ||||
| 			   cp result-*bin/bin/podman bin/podman-static"
 | ||||
| # Build statically linked binary
 | ||||
| .PHONY: static | ||||
| static: | ||||
| 	@nix build -f nix/ | ||||
| 	mkdir -p ./bin | ||||
| 	cp -rfp ./result/bin/* ./bin/ | ||||
| 
 | ||||
| .PHONY: run-docker-py-tests | ||||
| run-docker-py-tests: | ||||
|  |  | |||
|  | @ -1,53 +1,48 @@ | |||
| { system ? builtins.currentSystem }: | ||||
| let | ||||
|   pkgs = import ./nixpkgs.nix { | ||||
|   pkgs = (import ./nixpkgs.nix { | ||||
|     config = { | ||||
|       packageOverrides = pkg: { | ||||
|         go_1_12 = pkg.go_1_14; | ||||
|         gpgme = (static pkg.gpgme); | ||||
|         libassuan = (static pkg.libassuan); | ||||
|         libgpgerror = (static pkg.libgpgerror); | ||||
|         libseccomp = (static pkg.libseccomp); | ||||
|       }; | ||||
|     }; | ||||
|   }; | ||||
|   }); | ||||
| 
 | ||||
|   static = pkg: pkg.overrideAttrs(old: { | ||||
|     configureFlags = (old.configureFlags or []) ++ | ||||
|       [ "--without-shared" "--disable-shared" ]; | ||||
|   static = pkg: pkg.overrideAttrs(x: { | ||||
|     doCheck = false; | ||||
|     configureFlags = (x.configureFlags or []) ++ [ | ||||
|       "--without-shared" | ||||
|       "--disable-shared" | ||||
|     ]; | ||||
|     dontDisableStatic = true; | ||||
|     enableSharedExecutables = false; | ||||
|     enableStatic = true; | ||||
|   }); | ||||
| 
 | ||||
|   patchLvm2 = pkg: pkg.overrideAttrs(old: { | ||||
|     configureFlags = [ | ||||
|       "--disable-cmdlib" "--disable-readline" "--disable-udev_rules" | ||||
|       "--disable-udev_sync" "--enable-pkgconfig" "--enable-static_link" | ||||
|     ]; | ||||
|     preConfigure = old.preConfigure + '' | ||||
|       substituteInPlace libdm/Makefile.in --replace \ | ||||
|         SUBDIRS=dm-tools SUBDIRS= | ||||
|       substituteInPlace tools/Makefile.in --replace \ | ||||
|         "TARGETS += lvm.static" "" | ||||
|       substituteInPlace tools/Makefile.in --replace \ | ||||
|         "INSTALL_LVM_TARGETS += install_tools_static" "" | ||||
|   self = with pkgs; buildGoModule rec { | ||||
|     name = "podman"; | ||||
|     src = ./..; | ||||
|     vendorSha256 = null; | ||||
|     doCheck = false; | ||||
|     enableParallelBuilding = true; | ||||
|     outputs = [ "out" ]; | ||||
|     nativeBuildInputs = [ bash git go-md2man installShellFiles makeWrapper pkg-config which ]; | ||||
|     buildInputs = [ glibc glibc.static gpgme libassuan libgpgerror libseccomp libapparmor libselinux ]; | ||||
|     prePatch = '' | ||||
|       export CFLAGS='-static' | ||||
|       export LDFLAGS='-s -w -static-libgcc -static' | ||||
|       export EXTRA_LDFLAGS='-s -w -linkmode external -extldflags "-static -lm"' | ||||
|       export BUILDTAGS='static netgo exclude_graphdriver_btrfs exclude_graphdriver_devicemapper seccomp apparmor selinux' | ||||
|     ''; | ||||
|     buildPhase = '' | ||||
|       patchShebangs . | ||||
|       make bin/podman | ||||
|     ''; | ||||
|     installPhase = '' | ||||
|       install -Dm755 bin/podman $out/bin/podman | ||||
|     ''; | ||||
|     postInstall = ""; | ||||
|   }); | ||||
| 
 | ||||
|   self = { | ||||
|     podman-static = (pkgs.podman.overrideAttrs(old: { | ||||
|       name = "podman-static"; | ||||
|       buildInputs = old.buildInputs ++ (with pkgs; [ | ||||
|         (static pkgs.libassuan) | ||||
|         (static pkgs.libgpgerror) | ||||
|         git | ||||
|         glibc | ||||
|         glibc.static | ||||
|       ]); | ||||
|       src = ./..; | ||||
|       EXTRA_LDFLAGS = ''-linkmode external -extldflags "-static -lm"''; | ||||
|       BUILDTAGS = ''static netgo apparmor selinux seccomp systemd varlink containers_image_ostree_stub''; | ||||
|     })).override { | ||||
|       gpgme = (static pkgs.gpgme); | ||||
|       libseccomp = (static pkgs.libseccomp); | ||||
|       lvm2 = (patchLvm2 (static pkgs.lvm2)); | ||||
|     }; | ||||
|   }; | ||||
| in self | ||||
|  |  | |||
|  | @ -1,9 +1,7 @@ | |||
| { | ||||
|   "url": "https://github.com/nixos/nixpkgs", | ||||
|   "rev": "a08d4f605bca62c282ce9955d5ddf7d824e89809", | ||||
|   "date": "2020-03-20T10:10:15+01:00", | ||||
|   "sha256": "1bniq08dlmrmrz4aga1cj0d7rqbaq9xapm5ar15wdv2c6431z2m8", | ||||
|   "fetchSubmodules": false, | ||||
|   "deepClone": false, | ||||
|   "leaveDotGit": false | ||||
|   "rev": "02591d02a910b3b92092153c5f3419a8d696aa1d", | ||||
|   "date": "2020-07-09T03:52:28+02:00", | ||||
|   "sha256": "1pp9v4rqmgx1b298gxix8b79m8pvxy1rcf8l25rxxxxnkr5ls1ng", | ||||
|   "fetchSubmodules": false | ||||
| } | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue