diff --git a/Makefile b/Makefile index 7771f9452c759..a6713c29538ea 100644 --- a/Makefile +++ b/Makefile @@ -47,8 +47,10 @@ GO_LDFLAGS ?= -w -s $(KUBECTL_SETVERSION) # debugger-friendly builds. ifeq ("$(TELEPORT_DEBUG)","true") BUILDFLAGS ?= $(ADDFLAGS) -gcflags=all="-N -l" +BUILDFLAGS_TBOT ?= $(ADDFLAGS) -gcflags=all="-N -l" else BUILDFLAGS ?= $(ADDFLAGS) -ldflags '$(GO_LDFLAGS)' -trimpath +BUILDFLAGS_TBOT ?= $(ADDFLAGS) -ldflags '$(GO_LDFLAGS)' -trimpath endif GO_ENV_OS := $(shell go env GOOS) @@ -270,6 +272,7 @@ $(error "Building for windows requires ARCH=amd64") endif CGOFLAG = CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ BUILDFLAGS = $(ADDFLAGS) -ldflags '-w -s $(KUBECTL_SETVERSION)' -trimpath -buildmode=exe +BUILDFLAGS_TBOT = $(ADDFLAGS) -ldflags '-w -s $(KUBECTL_SETVERSION)' -trimpath endif CGOFLAG_TSH ?= $(CGOFLAG) @@ -320,8 +323,14 @@ $(BUILDDIR)/tsh: GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG_TSH) go build -tags "$(FIPS_TAG) $(LIBFIDO2_BUILD_TAG) $(TOUCHID_TAG) $(PIV_BUILD_TAG)" -o $(BUILDDIR)/tsh $(BUILDFLAGS) ./tool/tsh .PHONY: $(BUILDDIR)/tbot +$(BUILDDIR)/tbot: CGO_ENABLED ?= 0 $(BUILDDIR)/tbot: - GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG) go build -tags "$(FIPS_TAG)" -o $(BUILDDIR)/tbot $(BUILDFLAGS) ./tool/tbot +# The -buildmode=pie flag requires external cgo linking. +ifeq ("$(CGO_ENABLED)", "1") + GOOS=$(OS) GOARCH=$(ARCH) CGO_ENABLED=1 go build -tags "$(FIPS_TAG)" -o $(BUILDDIR)/tbot $(BUILDFLAGS_TBOT) -buildmode=pie ./tool/tbot +else + GOOS=$(OS) GOARCH=$(ARCH) CGO_ENABLED=0 go build -tags "$(FIPS_TAG)" -o $(BUILDDIR)/tbot $(BUILDFLAGS_TBOT) ./tool/tbot +endif # # BPF support (IF ENABLED) diff --git a/e b/e index 0dada8eb04d4e..47a615c1bf5c5 160000 --- a/e +++ b/e @@ -1 +1 @@ -Subproject commit 0dada8eb04d4ec507c8b7f81cebd476887f028f3 +Subproject commit 47a615c1bf5c51f99f9c22a81eaff48c98626d52 diff --git a/integrations/teleport-spacelift-runner/Dockerfile b/integrations/teleport-spacelift-runner/Dockerfile index 0429ea67e5792..5c98b4d947156 100644 --- a/integrations/teleport-spacelift-runner/Dockerfile +++ b/integrations/teleport-spacelift-runner/Dockerfile @@ -30,12 +30,9 @@ RUN make build/tbot FROM $BASE_IMAGE # https://github.com/spacelift-io/runner-terraform/blob/main/Dockerfile -# Switch to root so we can invoke gcompat +# Switch to root so we can invoke chmod USER root -# Install gcompat to allow glibc compiled tbot to run on Spacelift. -RUN apk add --no-cache gcompat=1.1.0-r1 - # Copy in `tbot` COPY --from=builder /workspace/build/tbot /usr/local/bin RUN chmod 755 /usr/local/bin/tbot