public
/
stagex
Archived
5
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

inject SOURCE_DATE_EPOCH as build arg

This commit is contained in:
Lance Vick 2024-02-08 03:51:42 -08:00
parent 984ac07d63
commit 2bafad8aab
Signed by: lrvick
GPG Key ID: 8E47A1EC35A1551D
2 changed files with 37 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
src/core/musl/Containerfile
View File

@ -1,24 +1,26 @@
FROM stagex/stage3 as base FROM scratch as base
ENV SRC_SITE http://musl.libc.org ARG ARCH=x86_64
ENV SRC_VERSION 1.2.4 ENV VERSION 1.2.4
ENV SRC_FILE musl-${VERSION}.tar.gz
ENV SRC_SITE http://musl.libc.org/${SRC_FILE}
ENV SRC_HASH 7a35eae33d5372a7c0da1188de798726f68825513b7ae3ebe97aaaa52114f039 ENV SRC_HASH 7a35eae33d5372a7c0da1188de798726f68825513b7ae3ebe97aaaa52114f039
ENV CFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security" ENV CFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security"
ENV CXXFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security -D_GLIBCXX_ASSERTIONS=1 -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -D_LIBCPP_ENABLE_HARDENED_MODE=1" ENV CXXFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security -D_GLIBCXX_ASSERTIONS=1 -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -D_LIBCPP_ENABLE_HARDENED_MODE=1"
ENV LDFLAGS="-Wl,--as-needed,-O1,--sort-common -Wl,-soname,libc.musl-${ARCH}.so.1" ENV LDFLAGS="-Wl,--as-needed,-O1,--sort-common -Wl,-soname,libc.musl-${ARCH}.so.1"
FROM base as fetch FROM base as fetch
WORKDIR ${HOME} ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
RUN wget ${SRC_SITE}/releases/musl-$SRC_VERSION.tar.gz
RUN echo "${SRC_HASH} musl-${SRC_VERSION}.tar.gz" | sha256sum -c
FROM fetch as build FROM fetch as build
RUN tar -xzf musl-${SRC_VERSION}.tar.gz COPY --from=stagex/stage3 . /
WORKDIR musl-${SRC_VERSION} RUN tar -xzf ${SRC_FILE}
WORKDIR musl-${VERSION}
ADD *.patch . ADD *.patch .
RUN set -eux; \ RUN --network=none <<-EOF
patch -p1 < lfs64.patch; \ set -eux; \
patch -p1 < lfs64-2.patch; \ patch -p1 < lfs64.patch
patch -p1 < relr-typedefs.patch; \ patch -p1 < lfs64-2.patch
patch -p1 < relr-typedefs.patch
./configure \ ./configure \
--build=${ARCH}-linux-musl \ --build=${ARCH}-linux-musl \
--host=${ARCH}-linux-musl \ --host=${ARCH}-linux-musl \
@ -27,21 +29,22 @@ RUN set -eux; \
--mandir=/usr/share/man \ --mandir=/usr/share/man \
--infodir=/usr/share/info \ --infodir=/usr/share/info \
--localstatedir=/var \ --localstatedir=/var \
--enable-debug; \ --enable-debug
make make
EOF
FROM build as install FROM build as install
USER 0:0 RUN --network=none <<-EOF
RUN set -eux; \ set -eux
make DESTDIR=/rootfs install; \ make DESTDIR=/rootfs install
mkdir -p /rootfs/usr/bin; \ mkdir -p /rootfs/usr/bin
printf "%s\n%s\n" '#!/bin/sh' 'exec /lib/ld-musl-${ARCH}.so.1 --list "$@"' \ printf "%s\n%s\n" '#!/bin/sh' 'exec /lib/ld-musl-${ARCH}.so.1 --list "$@"' \
> /rootfs/usr/bin/ldd; \ > /rootfs/usr/bin/ldd; \
chmod 755 /rootfs/usr/bin/ldd; \ chmod 755 /rootfs/usr/bin/ldd
mv -f /rootfs/usr/lib/libc.so /rootfs/lib/ld-musl-${ARCH}.so.1; \ mv -f /rootfs/usr/lib/libc.so /rootfs/lib/ld-musl-${ARCH}.so.1
ln -sf ld-musl-${ARCH}.so.1 /rootfs/lib/libc.musl-${ARCH}.so.1; \ ln -sf ld-musl-${ARCH}.so.1 /rootfs/lib/libc.musl-${ARCH}.so.1
ln -sf ../../lib/ld-musl-${ARCH}.so.1 /rootfs/usr/lib/libc.so; \ ln -sf ../../lib/ld-musl-${ARCH}.so.1 /rootfs/usr/lib/libc.so
find /rootfs -exec touch -hcd "@0" "{}" + EOF
FROM scratch as package FROM scratch as package
COPY --from=install /rootfs / COPY --from=install /rootfs /

1
src/macros.mk
View File

@ -36,6 +36,7 @@ define build
build \ build \
--ulimit nofile=2048:16384 \ --ulimit nofile=2048:16384 \
--tag $(REGISTRY)/$(NAME):$(VERSION) \ --tag $(REGISTRY)/$(NAME):$(VERSION) \
--build-arg SOURCE_DATE_EPOCH=1 \
--build-arg REGISTRY=$(REGISTRY) \ --build-arg REGISTRY=$(REGISTRY) \
--build-arg CORES=$(shell nproc --all) \ --build-arg CORES=$(shell nproc --all) \
--platform $(PLATFORM) \ --platform $(PLATFORM) \