Skip to content

Commit

Permalink
Update tbot builds to disable cgo by default (#43309)
Browse files Browse the repository at this point in the history
  • Loading branch information
@rosstimothy
rosstimothy committed Jun 28, 2024
1 parent 5111e2c commit 9473f1c
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 6 deletions.
11 changes: 10 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,10 @@ GO_LDFLAGS ?= -w -s $(KUBECTL_SETVERSION)
# debugger-friendly builds.
ifeq ("$(TELEPORT_DEBUG)","true")
BUILDFLAGS ?= $(ADDFLAGS) -gcflags=all="-N -l"
BUILDFLAGS_TBOT ?= $(ADDFLAGS) -gcflags=all="-N -l"
else
BUILDFLAGS ?= $(ADDFLAGS) -ldflags '$(GO_LDFLAGS)' -trimpath
BUILDFLAGS_TBOT ?= $(ADDFLAGS) -ldflags '$(GO_LDFLAGS)' -trimpath
endif

GO_ENV_OS := $(shell go env GOOS)
Expand Down Expand Up @@ -270,6 +272,7 @@ $(error "Building for windows requires ARCH=amd64")
endif
CGOFLAG = CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++
BUILDFLAGS = $(ADDFLAGS) -ldflags '-w -s $(KUBECTL_SETVERSION)' -trimpath -buildmode=exe
BUILDFLAGS_TBOT = $(ADDFLAGS) -ldflags '-w -s $(KUBECTL_SETVERSION)' -trimpath
endif

CGOFLAG_TSH ?= $(CGOFLAG)
Expand Down Expand Up @@ -320,8 +323,14 @@ $(BUILDDIR)/tsh:
GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG_TSH) go build -tags "$(FIPS_TAG) $(LIBFIDO2_BUILD_TAG) $(TOUCHID_TAG) $(PIV_BUILD_TAG)" -o $(BUILDDIR)/tsh $(BUILDFLAGS) ./tool/tsh

.PHONY: $(BUILDDIR)/tbot
$(BUILDDIR)/tbot: CGO_ENABLED ?= 0
$(BUILDDIR)/tbot:
GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG) go build -tags "$(FIPS_TAG)" -o $(BUILDDIR)/tbot $(BUILDFLAGS) ./tool/tbot
# The -buildmode=pie flag requires external cgo linking.
ifeq ("$(CGO_ENABLED)", "1")
GOOS=$(OS) GOARCH=$(ARCH) CGO_ENABLED=1 go build -tags "$(FIPS_TAG)" -o $(BUILDDIR)/tbot $(BUILDFLAGS_TBOT) -buildmode=pie ./tool/tbot
else
GOOS=$(OS) GOARCH=$(ARCH) CGO_ENABLED=0 go build -tags "$(FIPS_TAG)" -o $(BUILDDIR)/tbot $(BUILDFLAGS_TBOT) ./tool/tbot
endif

#
# BPF support (IF ENABLED)
Expand Down
2 changes: 1 addition & 1 deletion e
Submodule e updated from 0dada8 to 47a615
5 changes: 1 addition & 4 deletions integrations/teleport-spacelift-runner/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,9 @@ RUN make build/tbot
FROM $BASE_IMAGE
# https://github.com/spacelift-io/runner-terraform/blob/main/Dockerfile

# Switch to root so we can invoke gcompat
# Switch to root so we can invoke chmod
USER root

# Install gcompat to allow glibc compiled tbot to run on Spacelift.
RUN apk add --no-cache gcompat=1.1.0-r1

# Copy in `tbot`
COPY --from=builder /workspace/build/tbot /usr/local/bin
RUN chmod 755 /usr/local/bin/tbot
Expand Down

0 comments on commit 9473f1c

Please sign in to comment.