From d3a6f6f49b641987f5af8fef420f49c07f11f01e Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 13:01:32 +0100 Subject: [PATCH 01/28] Try to build with musl --- build/Dockerfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index aa8e567..68dcade 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -2,7 +2,7 @@ FROM golang:1.24.1-bookworm AS builder # Install dependencies -RUN apt-get update && apt-get install -y gcc binutils +RUN apt-get update && apt-get install -y musl-tools binutils # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 @@ -11,9 +11,9 @@ ARG GOARCH=amd64 ENV CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH \ - CC=gcc \ + CC=musl-gcc \ CGO_CFLAGS="-O2 -Os -s -DNDEBUG -fdata-sections -ffunction-sections" \ - CGO_LDFLAGS="-s -Wl,--gc-sections" + CGO_LDFLAGS="-static,-s -Wl,--gc-sections" WORKDIR /app @@ -23,9 +23,9 @@ COPY . . WORKDIR /app/internal/civisibility/native # Build the library -RUN go build -tags civisibility_native -buildmode=c-archive -ldflags="-s -w" -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go +RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -RUN go build -tags civisibility_native -buildmode=c-shared -ldflags="-s -w" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go +RUN go build -tags civisibility_native -buildmode=c-shared -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From d31e7c1cab8d942b60f8043470c46a368b972022 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 13:27:06 +0100 Subject: [PATCH 02/28] change --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 68dcade..0fc13cf 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -13,7 +13,7 @@ ENV CGO_ENABLED=1 \ GOARCH=$GOARCH \ CC=musl-gcc \ CGO_CFLAGS="-O2 -Os -s -DNDEBUG -fdata-sections -ffunction-sections" \ - CGO_LDFLAGS="-static,-s -Wl,--gc-sections" + CGO_LDFLAGS="-s -Wl,--gc-sections,-static" WORKDIR /app From eafeff7e491f5af23ab4a243add7ee690b24fc6c Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 13:59:52 +0100 Subject: [PATCH 03/28] remove flag in the dynamic lib --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 0fc13cf..756628a 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -25,7 +25,7 @@ WORKDIR /app/internal/civisibility/native # Build the library RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -RUN go build -tags civisibility_native -buildmode=c-shared -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go +RUN go build -tags civisibility_native -buildmode=c-shared -ldflags='-s -w' -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 75664945b5eca5ba20997075b6f32b2ca7fda05d Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 15:00:59 +0100 Subject: [PATCH 04/28] changes --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 756628a..3abbf9f 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -25,7 +25,7 @@ WORKDIR /app/internal/civisibility/native # Build the library RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -RUN go build -tags civisibility_native -buildmode=c-shared -ldflags='-s -w' -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go +RUN CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags='-s -w' -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 155196133672b3bdb0476b1c1151c3b112d96c52 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 15:27:55 +0100 Subject: [PATCH 05/28] changes --- build/Dockerfile | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 3abbf9f..cf296f1 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -25,7 +25,24 @@ WORKDIR /app/internal/civisibility/native # Build the library RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -RUN CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags='-s -w' -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go + +# Build the dynamic library (c-shared) +# We need to set the correct dynamic linker based on GOARCH. +RUN \ + if [ "$GOARCH" = "amd64" ]; then \ + export DYNAMIC_LINKER="/lib/ld-musl-x86_64.so.1"; \ + elif [ "$GOARCH" = "arm64" ]; then \ + export DYNAMIC_LINKER="/lib/ld-musl-aarch64.so.1"; \ + else \ + echo "Unsupported architecture: $GOARCH" && exit 1; \ + fi && \ + echo "Using dynamic linker: $DYNAMIC_LINKER" && \ + CGO_LDFLAGS="" \ + go build -tags civisibility_native -buildmode=c-shared \ + -ldflags='-s -w -extldflags "-Wl,--dynamic-linker=${DYNAMIC_LINKER}"'' \ + -gcflags="all=-l" \ + -o ./output/dynamic/libtestoptimization.so *.go + RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 66d11ffc88ae402437f30f6a0b40919a683d18d1 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 15:33:19 +0100 Subject: [PATCH 06/28] changes --- build/Dockerfile | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index cf296f1..abffb23 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -37,11 +37,7 @@ RUN \ echo "Unsupported architecture: $GOARCH" && exit 1; \ fi && \ echo "Using dynamic linker: $DYNAMIC_LINKER" && \ - CGO_LDFLAGS="" \ - go build -tags civisibility_native -buildmode=c-shared \ - -ldflags='-s -w -extldflags "-Wl,--dynamic-linker=${DYNAMIC_LINKER}"'' \ - -gcflags="all=-l" \ - -o ./output/dynamic/libtestoptimization.so *.go + CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-s -w -extldflags \"-Wl,--dynamic-linker=${DYNAMIC_LINKER}\"" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so From 042307bf1d6f408a475c0037f892d32bdc49d23d Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 15:53:52 +0100 Subject: [PATCH 07/28] switch to alpine --- build/Dockerfile | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index abffb23..c8319bc 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,8 +1,8 @@ -# Stage 1: Build the static library -FROM golang:1.24.1-bookworm AS builder +# Use an Alpine-based Go image for the builder stage +FROM golang:1.24-alpine AS builder -# Install dependencies -RUN apt-get update && apt-get install -y musl-tools binutils +# Install dependencies for musl and binutils if needed +RUN apk add --no-cache musl-dev binutils # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 @@ -38,7 +38,6 @@ RUN \ fi && \ echo "Using dynamic linker: $DYNAMIC_LINKER" && \ CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-s -w -extldflags \"-Wl,--dynamic-linker=${DYNAMIC_LINKER}\"" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go - RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 4a7063a818ad58906ce7905aa43de34b3a3b3833 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 16:07:25 +0100 Subject: [PATCH 08/28] changes --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index c8319bc..acf2db5 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ ARG GOARCH=amd64 ENV CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH \ - CC=musl-gcc \ + CC=gcc \ CGO_CFLAGS="-O2 -Os -s -DNDEBUG -fdata-sections -ffunction-sections" \ CGO_LDFLAGS="-s -Wl,--gc-sections,-static" From 00b7639240ca999deb4a6f6d3e1c6eb555fdcfbf Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 16:09:44 +0100 Subject: [PATCH 09/28] changes --- build/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index acf2db5..701325d 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -2,7 +2,7 @@ FROM golang:1.24-alpine AS builder # Install dependencies for musl and binutils if needed -RUN apk add --no-cache musl-dev binutils +RUN apk update && apk add --no-cache build-base # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 @@ -11,7 +11,7 @@ ARG GOARCH=amd64 ENV CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH \ - CC=gcc \ + CC=musl-gcc \ CGO_CFLAGS="-O2 -Os -s -DNDEBUG -fdata-sections -ffunction-sections" \ CGO_LDFLAGS="-s -Wl,--gc-sections,-static" From 9ea5538890ad225e7e926c392c5ceb546f3c658e Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 16:10:45 +0100 Subject: [PATCH 10/28] changes --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 701325d..59f2ead 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ ARG GOARCH=amd64 ENV CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH \ - CC=musl-gcc \ + CC=gcc \ CGO_CFLAGS="-O2 -Os -s -DNDEBUG -fdata-sections -ffunction-sections" \ CGO_LDFLAGS="-s -Wl,--gc-sections,-static" From 857e26b2159bad0039b11f709d1e8767d25afb7d Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 16:37:01 +0100 Subject: [PATCH 11/28] back to debian based --- build/Dockerfile | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 59f2ead..0eabf30 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,8 +1,8 @@ -# Use an Alpine-based Go image for the builder stage -FROM golang:1.24-alpine AS builder +# Stage 1: Build the static library +FROM golang:1.24.1-bookworm AS builder -# Install dependencies for musl and binutils if needed -RUN apk update && apk add --no-cache build-base +# Install dependencies +RUN apt-get update && apt-get install -y gcc binutils libc6-dev # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 @@ -27,17 +27,7 @@ RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -ext RUN strip --strip-unneeded ./output/static/libtestoptimization.a # Build the dynamic library (c-shared) -# We need to set the correct dynamic linker based on GOARCH. -RUN \ - if [ "$GOARCH" = "amd64" ]; then \ - export DYNAMIC_LINKER="/lib/ld-musl-x86_64.so.1"; \ - elif [ "$GOARCH" = "arm64" ]; then \ - export DYNAMIC_LINKER="/lib/ld-musl-aarch64.so.1"; \ - else \ - echo "Unsupported architecture: $GOARCH" && exit 1; \ - fi && \ - echo "Using dynamic linker: $DYNAMIC_LINKER" && \ - CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-s -w -extldflags \"-Wl,--dynamic-linker=${DYNAMIC_LINKER}\"" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go +RUN CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-linkmode external -extldflags '-static'" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 1195876f91760ee72ec432ac47e7fb292bf2a2de Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 16:54:40 +0100 Subject: [PATCH 12/28] alpine again --- build/Dockerfile | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 0eabf30..896049f 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,8 +1,8 @@ -# Stage 1: Build the static library -FROM golang:1.24.1-bookworm AS builder +# Use an Alpine-based Go image for the builder stage +FROM golang:1.24-alpine AS builder -# Install dependencies -RUN apt-get update && apt-get install -y gcc binutils libc6-dev +# Install dependencies for musl and binutils if needed +RUN apk update && apk add --no-cache musl-dev build-base # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 @@ -26,7 +26,6 @@ WORKDIR /app/internal/civisibility/native RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -# Build the dynamic library (c-shared) RUN CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-linkmode external -extldflags '-static'" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so From 1137aea703d39abb9f78b79af76f62c2aac7bf5a Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 17:02:46 +0100 Subject: [PATCH 13/28] changes --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 896049f..fd78db3 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -26,7 +26,7 @@ WORKDIR /app/internal/civisibility/native RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -RUN CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-linkmode external -extldflags '-static'" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go +RUN CGO_CFLAGS="-static -fPIC" CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-linkmode external -extldflags '-static'" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 5ae8767d3d416438b34d6fc2fd4c1edf3e55a9d5 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 17:26:05 +0100 Subject: [PATCH 14/28] changes --- build/Dockerfile | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index fd78db3..374ad81 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,12 +1,26 @@ # Use an Alpine-based Go image for the builder stage -FROM golang:1.24-alpine AS builder +FROM debian:stretch AS builder -# Install dependencies for musl and binutils if needed -RUN apk update && apk add --no-cache musl-dev build-base +# Install necessary packages: wget for downloading Go, gcc for compiling, +# libc6-dev for glibc headers, tar to extract the Go archive. +RUN apt-get update && apt-get install -y \ + wget \ + gcc \ + libc6-dev \ + tar \ + && rm -rf /var/lib/apt/lists/* # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 +# Download and extract Go +ENV GOFILENAME=go1.24.1.linux-${GOARCH}.tar.gz \ + GODOWNLOADURL=https://go.dev/dl/go1.24.1.linux-${GOARCH}.tar.gz +RUN wget -O go.tar.gz ${GODOWNLOADURL} && \ + tar -C /usr/local -xzf go.tar.gz && \ + rm go.tar.gz +ENV PATH="$PATH:/usr/local/go/bin" + # Configure environment variables for CGO, operating system, architecture, and compiler ENV CGO_ENABLED=1 \ GOOS=linux \ From 9cf9fb482c1d3f0510003d5be502a32c35a6b67e Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 17:27:41 +0100 Subject: [PATCH 15/28] changes --- build/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 374ad81..89569a5 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -7,8 +7,7 @@ RUN apt-get update && apt-get install -y \ wget \ gcc \ libc6-dev \ - tar \ - && rm -rf /var/lib/apt/lists/* + tar # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 From 125eb8d33244bf3181ecde70bf4802b9a417acca Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Fri, 28 Mar 2025 17:28:55 +0100 Subject: [PATCH 16/28] changes --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 89569a5..a66b4e7 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -3,7 +3,7 @@ FROM debian:stretch AS builder # Install necessary packages: wget for downloading Go, gcc for compiling, # libc6-dev for glibc headers, tar to extract the Go archive. -RUN apt-get update && apt-get install -y \ +RUN apt-get install -y \ wget \ gcc \ libc6-dev \ From 61ae402a391f6426592cba87f4bfac0a02544e4c Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Sat, 29 Mar 2025 23:23:46 +0100 Subject: [PATCH 17/28] crazy test --- build/Dockerfile | 71 ++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 56 insertions(+), 15 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index a66b4e7..7615fb3 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,13 +1,39 @@ # Use an Alpine-based Go image for the builder stage -FROM debian:stretch AS builder - -# Install necessary packages: wget for downloading Go, gcc for compiling, -# libc6-dev for glibc headers, tar to extract the Go archive. -RUN apt-get install -y \ - wget \ - gcc \ - libc6-dev \ - tar +FROM atadog/libddwaf:toolchain AS builder + +ENV QUIC_LTTng=0 + +RUN apt-get update \ + && apt-get -y upgrade \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --fix-missing \ + cmake \ + git \ + wget \ + curl \ + cmake \ + make \ + gcc \ + build-essential \ + uuid-dev \ + autoconf \ + gdb \ + tar \ + \ + && rm -rf /var/lib/apt/lists/* + +# We need to set this environment variable to make sure +# that compiling/linking will act as if it was on Alpine +ENV IsAlpine=true \ +## This dockerfile is meant to build universal binaries + AsUniversal=true + + +RUN ln -s `which clang-16` /usr/bin/clang && \ + ln -s `which clang++-16` /usr/bin/clang++ + +ENV \ + CXX=clang++ \ + CC=clang # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 @@ -23,10 +49,18 @@ ENV PATH="$PATH:/usr/local/go/bin" # Configure environment variables for CGO, operating system, architecture, and compiler ENV CGO_ENABLED=1 \ GOOS=linux \ - GOARCH=$GOARCH \ - CC=gcc \ - CGO_CFLAGS="-O2 -Os -s -DNDEBUG -fdata-sections -ffunction-sections" \ - CGO_LDFLAGS="-s -Wl,--gc-sections,-static" + GOARCH=$GOARCH + +# Target para musl según arquitectura +RUN echo "GOARCH=$GOARCH" \ + && if [ "$GOARCH" = "amd64" ]; then \ + export MUSL_TARGET="x86_64-linux-musl"; \ + elif [ "$GOARCH" = "arm64" ]; then \ + export MUSL_TARGET="aarch64-linux-musl"; \ + else \ + echo "Unsupported architecture: $GOARCH" && exit 1; \ + fi \ + && echo "MUSL_TARGET=$MUSL_TARGET" > /musl_target_env.sh WORKDIR /app @@ -36,10 +70,17 @@ COPY . . WORKDIR /app/internal/civisibility/native # Build the library -RUN go build -tags civisibility_native -buildmode=c-archive -ldflags='-s -w -extldflags "-static"' -gcflags="all=-l" -o ./output/static/libtestoptimization.a *.go +# Ejecutamos el build en una capa aparte para soportar $MUSL_TARGET +RUN . /musl_target_env.sh \ + && export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" \ + && export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" \ + && go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go RUN strip --strip-unneeded ./output/static/libtestoptimization.a -RUN CGO_CFLAGS="-static -fPIC" CGO_LDFLAGS="" go build -tags civisibility_native -buildmode=c-shared -ldflags="-linkmode external -extldflags '-static'" -gcflags="all=-l" -o ./output/dynamic/libtestoptimization.so *.go +RUN . /musl_target_env.sh \ + && export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" \ + && export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" \ + && go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 5dcd23eb90f003b851d7d52fddd4dad4d62ca573 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Sat, 29 Mar 2025 23:25:04 +0100 Subject: [PATCH 18/28] fix --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 7615fb3..9cffb31 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,5 +1,5 @@ # Use an Alpine-based Go image for the builder stage -FROM atadog/libddwaf:toolchain AS builder +FROM datadog/libddwaf:toolchain AS builder ENV QUIC_LTTng=0 From 219198822fc21bcebf896177d1fda5418a2ac2d8 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Sat, 29 Mar 2025 23:34:21 +0100 Subject: [PATCH 19/28] changes --- build/Dockerfile | 43 +++++++++++++++++++++---------------------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 9cffb31..41b7a02 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -37,6 +37,16 @@ ENV \ # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 +# Set MUSL_TARGET depending on GOARCH +ARG MUSL_TARGET +ENV GOARCH=$GOARCH + +# Resolve MUSL target dynamically +RUN case "$GOARCH" in \ + amd64) echo "x86_64-linux-musl" > /musl_target ;; \ + arm64) echo "aarch64-linux-musl" > /musl_target ;; \ + *) echo "Unsupported architecture: $GOARCH" && exit 1 ;; \ + esac # Download and extract Go ENV GOFILENAME=go1.24.1.linux-${GOARCH}.tar.gz \ @@ -51,17 +61,6 @@ ENV CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH -# Target para musl según arquitectura -RUN echo "GOARCH=$GOARCH" \ - && if [ "$GOARCH" = "amd64" ]; then \ - export MUSL_TARGET="x86_64-linux-musl"; \ - elif [ "$GOARCH" = "arm64" ]; then \ - export MUSL_TARGET="aarch64-linux-musl"; \ - else \ - echo "Unsupported architecture: $GOARCH" && exit 1; \ - fi \ - && echo "MUSL_TARGET=$MUSL_TARGET" > /musl_target_env.sh - WORKDIR /app # Copy everything from the current directory to the PWD (Present Working Directory) inside the container @@ -71,17 +70,17 @@ WORKDIR /app/internal/civisibility/native # Build the library # Ejecutamos el build en una capa aparte para soportar $MUSL_TARGET -RUN . /musl_target_env.sh \ - && export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" \ - && export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" \ - && go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go -RUN strip --strip-unneeded ./output/static/libtestoptimization.a - -RUN . /musl_target_env.sh \ - && export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" \ - && export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" \ - && go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go -RUN strip --strip-unneeded ./output/dynamic/libtestoptimization.so +RUN export MUSL_TARGET=$(cat /musl_target) && \ + export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" && \ + export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" && \ + go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go && \ + strip --strip-unneeded ./output/static/libtestoptimization.a + +RUN export MUSL_TARGET=$(cat /musl_target) && \ + export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" && \ + export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" && \ + go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go && \ + strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library FROM alpine:latest From b455881bf0e82e85734a46684eccd7032d010241 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Sat, 29 Mar 2025 23:44:45 +0100 Subject: [PATCH 20/28] changes --- build/Dockerfile | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 41b7a02..11cda3c 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -71,17 +71,24 @@ WORKDIR /app/internal/civisibility/native # Build the library # Ejecutamos el build en una capa aparte para soportar $MUSL_TARGET RUN export MUSL_TARGET=$(cat /musl_target) && \ - export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" && \ - export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" && \ + export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /sysroot/$MUSL_TARGET/usr/include" && \ + export CGO_LDFLAGS="--target=$MUSL_TARGET \ + /sysroot/$MUSL_TARGET/usr/lib/libc++.a \ + /sysroot/$MUSL_TARGET/usr/lib/libc++abi.a \ + /sysroot/$MUSL_TARGET/usr/lib/libunwind.a -lm -lc -lpthread -ldl" && \ go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go && \ strip --strip-unneeded ./output/static/libtestoptimization.a RUN export MUSL_TARGET=$(cat /musl_target) && \ - export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /toolchain/include" && \ - export CGO_LDFLAGS="--target=$MUSL_TARGET -L/toolchain/lib -lc++ -lc++abi -lunwind -lm" && \ + export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /sysroot/$MUSL_TARGET/usr/include" && \ + export CGO_LDFLAGS="--target=$MUSL_TARGET \ + /sysroot/$MUSL_TARGET/usr/lib/libc++.a \ + /sysroot/$MUSL_TARGET/usr/lib/libc++abi.a \ + /sysroot/$MUSL_TARGET/usr/lib/libunwind.a -lm -lc -lpthread -ldl" && \ go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go && \ strip --strip-unneeded ./output/dynamic/libtestoptimization.so + # Stage 2: Extract the library FROM alpine:latest From 318e49aeaeedfb628c8354304f66c906991af346 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Sat, 29 Mar 2025 23:48:53 +0100 Subject: [PATCH 21/28] changes --- build/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 11cda3c..8a072e4 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -43,8 +43,8 @@ ENV GOARCH=$GOARCH # Resolve MUSL target dynamically RUN case "$GOARCH" in \ - amd64) echo "x86_64-linux-musl" > /musl_target ;; \ - arm64) echo "aarch64-linux-musl" > /musl_target ;; \ + amd64) echo "x86_64-none-linux-musl" > /musl_target ;; \ + arm64) echo "aarch64-none-linux-musl" > /musl_target ;; \ *) echo "Unsupported architecture: $GOARCH" && exit 1 ;; \ esac From 1064d8c50a06986b1608dbb28c5172e34f69a728 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 00:11:40 +0200 Subject: [PATCH 22/28] changes --- build/Dockerfile | 52 ++++++++++++++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 19 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 8a072e4..aec6519 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -41,14 +41,16 @@ ARG GOARCH=amd64 ARG MUSL_TARGET ENV GOARCH=$GOARCH -# Resolve MUSL target dynamically +# Set MUSL target triple and sysroot RUN case "$GOARCH" in \ - amd64) echo "x86_64-none-linux-musl" > /musl_target ;; \ - arm64) echo "aarch64-none-linux-musl" > /musl_target ;; \ + amd64) echo "x86_64-none-linux-musl" > /musl_target && \ + echo "ld-musl-x86_64.so.1" > /musl_interpreter ;; \ + arm64) echo "aarch64-none-linux-musl" > /musl_target && \ + echo "ld-musl-aarch64.so.1" > /musl_interpreter ;; \ *) echo "Unsupported architecture: $GOARCH" && exit 1 ;; \ esac -# Download and extract Go +# Install Go manually ENV GOFILENAME=go1.24.1.linux-${GOARCH}.tar.gz \ GODOWNLOADURL=https://go.dev/dl/go1.24.1.linux-${GOARCH}.tar.gz RUN wget -O go.tar.gz ${GODOWNLOADURL} && \ @@ -56,35 +58,47 @@ RUN wget -O go.tar.gz ${GODOWNLOADURL} && \ rm go.tar.gz ENV PATH="$PATH:/usr/local/go/bin" -# Configure environment variables for CGO, operating system, architecture, and compiler ENV CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH WORKDIR /app - -# Copy everything from the current directory to the PWD (Present Working Directory) inside the container COPY . . WORKDIR /app/internal/civisibility/native -# Build the library -# Ejecutamos el build en una capa aparte para soportar $MUSL_TARGET +# Build .a and .so using proper flags from CMake toolchain RUN export MUSL_TARGET=$(cat /musl_target) && \ - export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /sysroot/$MUSL_TARGET/usr/include" && \ - export CGO_LDFLAGS="--target=$MUSL_TARGET \ - /sysroot/$MUSL_TARGET/usr/lib/libc++.a \ - /sysroot/$MUSL_TARGET/usr/lib/libc++abi.a \ - /sysroot/$MUSL_TARGET/usr/lib/libunwind.a -lm -lc -lpthread -ldl" && \ + export MUSL_INTERPRETER=$(cat /musl_interpreter) && \ + export SYSROOT=/sysroot/$MUSL_TARGET && \ + export CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem $SYSROOT/usr/include \ + -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ + -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ + export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ + -Wl,-Bstatic -lc++ -lc++abi $SYSROOT/usr/lib/libclang_rt.builtins.a -lunwind \ + -Wl,-Bdynamic -lc $SYSROOT/usr/lib/libclang_rt.builtins.a \ + -Wl,--dynamic-linker,$SYSROOT/lib/$MUSL_INTERPRETER \ + -Wl,-rpath=$SYSROOT -resource-dir $SYSROOT/usr/lib/resource_dir \ + -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ + export CGO_CFLAGS="$CFLAGS" && \ + export CGO_LDFLAGS="$LDFLAGS" && \ go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go && \ strip --strip-unneeded ./output/static/libtestoptimization.a RUN export MUSL_TARGET=$(cat /musl_target) && \ - export CGO_CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem /sysroot/$MUSL_TARGET/usr/include" && \ - export CGO_LDFLAGS="--target=$MUSL_TARGET \ - /sysroot/$MUSL_TARGET/usr/lib/libc++.a \ - /sysroot/$MUSL_TARGET/usr/lib/libc++abi.a \ - /sysroot/$MUSL_TARGET/usr/lib/libunwind.a -lm -lc -lpthread -ldl" && \ + export MUSL_INTERPRETER=$(cat /musl_interpreter) && \ + export SYSROOT=/sysroot/$MUSL_TARGET && \ + export CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem $SYSROOT/usr/include \ + -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ + -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ + export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ + -Wl,-Bstatic -lc++ -lc++abi $SYSROOT/usr/lib/libclang_rt.builtins.a -lunwind \ + -Wl,-Bdynamic -lc $SYSROOT/usr/lib/libclang_rt.builtins.a \ + -Wl,--dynamic-linker,$SYSROOT/lib/$MUSL_INTERPRETER \ + -Wl,-rpath=$SYSROOT -resource-dir $SYSROOT/usr/lib/resource_dir \ + -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ + export CGO_CFLAGS="$CFLAGS" && \ + export CGO_LDFLAGS="$LDFLAGS" && \ go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go && \ strip --strip-unneeded ./output/dynamic/libtestoptimization.so From 149849c8c5f3c4f49bb505537b77416dd3221187 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 00:20:28 +0200 Subject: [PATCH 23/28] change --- build/Dockerfile | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index aec6519..deca267 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -75,10 +75,11 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ - -Wl,-Bstatic -lc++ -lc++abi $SYSROOT/usr/lib/libclang_rt.builtins.a -lunwind \ - -Wl,-Bdynamic -lc $SYSROOT/usr/lib/libclang_rt.builtins.a \ + -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi -lunwind \ + -Wl,-Bdynamic -lc \ -Wl,--dynamic-linker,$SYSROOT/lib/$MUSL_INTERPRETER \ - -Wl,-rpath=$SYSROOT -resource-dir $SYSROOT/usr/lib/resource_dir \ + -Wl,-rpath=$SYSROOT \ + -resource-dir $SYSROOT/usr/lib/resource_dir \ -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ @@ -92,10 +93,11 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ - -Wl,-Bstatic -lc++ -lc++abi $SYSROOT/usr/lib/libclang_rt.builtins.a -lunwind \ - -Wl,-Bdynamic -lc $SYSROOT/usr/lib/libclang_rt.builtins.a \ + -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi -lunwind \ + -Wl,-Bdynamic -lc \ -Wl,--dynamic-linker,$SYSROOT/lib/$MUSL_INTERPRETER \ - -Wl,-rpath=$SYSROOT -resource-dir $SYSROOT/usr/lib/resource_dir \ + -Wl,-rpath=$SYSROOT \ + -resource-dir $SYSROOT/usr/lib/resource_dir \ -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ From 91b2f013bee031f748d4f681a1f1cb822be8936f Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 00:53:55 +0200 Subject: [PATCH 24/28] change --- build/Dockerfile | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index deca267..de094f0 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -41,24 +41,23 @@ ARG GOARCH=amd64 ARG MUSL_TARGET ENV GOARCH=$GOARCH -# Set MUSL target triple and sysroot +# Set MUSL target and interpreter (for legacy references, even if we don't use it anymore) RUN case "$GOARCH" in \ - amd64) echo "x86_64-none-linux-musl" > /musl_target && \ - echo "ld-musl-x86_64.so.1" > /musl_interpreter ;; \ - arm64) echo "aarch64-none-linux-musl" > /musl_target && \ - echo "ld-musl-aarch64.so.1" > /musl_interpreter ;; \ + amd64) echo "x86_64-none-linux-musl" > /musl_target ;; \ + arm64) echo "aarch64-none-linux-musl" > /musl_target ;; \ *) echo "Unsupported architecture: $GOARCH" && exit 1 ;; \ esac # Install Go manually ENV GOFILENAME=go1.24.1.linux-${GOARCH}.tar.gz \ GODOWNLOADURL=https://go.dev/dl/go1.24.1.linux-${GOARCH}.tar.gz + RUN wget -O go.tar.gz ${GODOWNLOADURL} && \ tar -C /usr/local -xzf go.tar.gz && \ rm go.tar.gz -ENV PATH="$PATH:/usr/local/go/bin" -ENV CGO_ENABLED=1 \ +ENV PATH="$PATH:/usr/local/go/bin" \ + CGO_ENABLED=1 \ GOOS=linux \ GOARCH=$GOARCH @@ -67,9 +66,8 @@ COPY . . WORKDIR /app/internal/civisibility/native -# Build .a and .so using proper flags from CMake toolchain +# Build static library (.a) RUN export MUSL_TARGET=$(cat /musl_target) && \ - export MUSL_INTERPRETER=$(cat /musl_interpreter) && \ export SYSROOT=/sysroot/$MUSL_TARGET && \ export CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem $SYSROOT/usr/include \ -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ @@ -77,17 +75,16 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi -lunwind \ -Wl,-Bdynamic -lc \ - -Wl,--dynamic-linker,$SYSROOT/lib/$MUSL_INTERPRETER \ -Wl,-rpath=$SYSROOT \ -resource-dir $SYSROOT/usr/lib/resource_dir \ -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ + mkdir -p ./output/static && \ go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go && \ - strip --strip-unneeded ./output/static/libtestoptimization.a +# Build shared library (.so) RUN export MUSL_TARGET=$(cat /musl_target) && \ - export MUSL_INTERPRETER=$(cat /musl_interpreter) && \ export SYSROOT=/sysroot/$MUSL_TARGET && \ export CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem $SYSROOT/usr/include \ -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ @@ -95,14 +92,13 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi -lunwind \ -Wl,-Bdynamic -lc \ - -Wl,--dynamic-linker,$SYSROOT/lib/$MUSL_INTERPRETER \ -Wl,-rpath=$SYSROOT \ -resource-dir $SYSROOT/usr/lib/resource_dir \ -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ + mkdir -p ./output/dynamic && \ go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go && \ - strip --strip-unneeded ./output/dynamic/libtestoptimization.so # Stage 2: Extract the library From 51071d1aa5c07fa1ae6439b545a75165ab089a90 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 00:55:18 +0200 Subject: [PATCH 25/28] . --- build/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index de094f0..731bfe8 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -81,7 +81,7 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ mkdir -p ./output/static && \ - go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go && \ + go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go # Build shared library (.so) RUN export MUSL_TARGET=$(cat /musl_target) && \ @@ -98,7 +98,7 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ mkdir -p ./output/dynamic && \ - go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go && \ + go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go # Stage 2: Extract the library From b53c2e5725252e645bf8896a98e5bac7b0ba8294 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 10:58:34 +0200 Subject: [PATCH 26/28] changes --- build/Dockerfile | 83 ++++++++++++++++++++++++++---------------------- 1 file changed, 45 insertions(+), 38 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 731bfe8..109e04a 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,7 +1,10 @@ # Use an Alpine-based Go image for the builder stage FROM datadog/libddwaf:toolchain AS builder -ENV QUIC_LTTng=0 +# Variables de entorno para el build universal +ENV QUIC_LTTng=0 \ + IsAlpine=true \ + AsUniversal=true RUN apt-get update \ && apt-get -y upgrade \ @@ -21,84 +24,87 @@ RUN apt-get update \ \ && rm -rf /var/lib/apt/lists/* -# We need to set this environment variable to make sure -# that compiling/linking will act as if it was on Alpine -ENV IsAlpine=true \ -## This dockerfile is meant to build universal binaries - AsUniversal=true - - -RUN ln -s `which clang-16` /usr/bin/clang && \ - ln -s `which clang++-16` /usr/bin/clang++ +RUN ln -sf "$(which clang-16)" /usr/bin/clang && \ + ln -sf "$(which clang++-16)" /usr/bin/clang++ -ENV \ - CXX=clang++ \ +ENV CXX=clang++ \ CC=clang # Argument can be set during build time with --build-arg GOARCH=arm64 ARG GOARCH=amd64 -# Set MUSL_TARGET depending on GOARCH -ARG MUSL_TARGET ENV GOARCH=$GOARCH -# Set MUSL target and interpreter (for legacy references, even if we don't use it anymore) +# Definimos el MUSL target y comprobamos la arquitectura +# Guardamos el target en un archivo para usarlo en los comandos posteriores RUN case "$GOARCH" in \ amd64) echo "x86_64-none-linux-musl" > /musl_target ;; \ arm64) echo "aarch64-none-linux-musl" > /musl_target ;; \ *) echo "Unsupported architecture: $GOARCH" && exit 1 ;; \ esac +# Definimos el intérprete de carga dinámica según la arquitectura +RUN case "$GOARCH" in \ + amd64) echo "ld-musl-x86_64.so.1" > /interpreter ;; \ + arm64) echo "ld-musl-aarch64.so.1" > /interpreter ;; \ + *) echo "Unsupported architecture: $GOARCH" && exit 1 ;; \ + esac + + # Install Go manually ENV GOFILENAME=go1.24.1.linux-${GOARCH}.tar.gz \ GODOWNLOADURL=https://go.dev/dl/go1.24.1.linux-${GOARCH}.tar.gz - RUN wget -O go.tar.gz ${GODOWNLOADURL} && \ tar -C /usr/local -xzf go.tar.gz && \ rm go.tar.gz ENV PATH="$PATH:/usr/local/go/bin" \ CGO_ENABLED=1 \ - GOOS=linux \ - GOARCH=$GOARCH + GOOS=linux WORKDIR /app COPY . . WORKDIR /app/internal/civisibility/native -# Build static library (.a) +# Comunes: Leemos el MUSL target y el intérprete definidos previamente +# Se usarán en ambos builds (estático y compartido) RUN export MUSL_TARGET=$(cat /musl_target) && \ export SYSROOT=/sysroot/$MUSL_TARGET && \ + export INTERPRETER=$(cat /interpreter) && \ + echo "Using SYSROOT: $SYSROOT and INTERPRETER: $INTERPRETER" && \ + mkdir -p ./output + +# Build de la librería estática (.a) con buildmode=c-archive +RUN export MUSL_TARGET=$(cat /musl_target) && \ + export SYSROOT=/sysroot/$MUSL_TARGET && \ + export INTERPRETER=$(cat /interpreter) && \ export CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem $SYSROOT/usr/include \ -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ - -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi -lunwind \ - -Wl,-Bdynamic -lc \ - -Wl,-rpath=$SYSROOT \ - -resource-dir $SYSROOT/usr/lib/resource_dir \ - -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ + -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi ${SYSROOT}/usr/lib/libclang_rt.builtins.a -lunwind \ + -Wl,-Bdynamic -lc ${SYSROOT}/usr/lib/libclang_rt.builtins.a \ + -Wl,--dynamic-linker,$SYSROOT/lib/${INTERPRETER} -Wl,-rpath,$SYSROOT \ + -resource-dir $SYSROOT/usr/lib/resource_dir -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ - mkdir -p ./output/static && \ - go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go + go build -tags civisibility_native -buildmode=c-archive -o ./output/libtestoptimization.a *.go -# Build shared library (.so) +# Build de la librería compartida (.so) con buildmode=c-shared RUN export MUSL_TARGET=$(cat /musl_target) && \ export SYSROOT=/sysroot/$MUSL_TARGET && \ + export INTERPRETER=$(cat /interpreter) && \ export CFLAGS="--target=$MUSL_TARGET -nostdinc++ -isystem $SYSROOT/usr/include \ -Qunused-arguments -fPIC -rtlib=compiler-rt -unwindlib=libunwind \ -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ - -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi -lunwind \ - -Wl,-Bdynamic -lc \ - -Wl,-rpath=$SYSROOT \ - -resource-dir $SYSROOT/usr/lib/resource_dir \ - -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ + -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi ${SYSROOT}/usr/lib/libclang_rt.builtins.a -lunwind \ + -Wl,-Bdynamic -lc ${SYSROOT}/usr/lib/libclang_rt.builtins.a \ + -Wl,--dynamic-linker,$SYSROOT/lib/${INTERPRETER} -Wl,-rpath,$SYSROOT \ + -resource-dir $SYSROOT/usr/lib/resource_dir -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ - mkdir -p ./output/dynamic && \ - go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go + go build -tags civisibility_native -buildmode=c-shared -o ./output/libtestoptimization.so *.go # Stage 2: Extract the library @@ -120,11 +126,12 @@ COPY --from=builder /app/internal/civisibility/native/output/dynamic/libtestopti COPY --from=builder /app/internal/civisibility/native/output/dynamic/libtestoptimization.h /output/dynamic/libtestoptimization.h # Compress both files into zip archives -RUN cd /output/static && zip -j -9 ../${FILE_NAME}-static.zip *.* -RUN cd /output/dynamic && zip -j -9 ../${FILE_NAME}-dynamic.zip *.* +RUN cd /output/static && zip -j -9 ../${FILE_NAME}-static.zip *.* && \ + cd /output/dynamic && zip -j -9 ../${FILE_NAME}-dynamic.zip *.* + # Create a SHA256 checksum file for the archive -RUN sha256sum /output/${FILE_NAME}-static.zip > /output/${FILE_NAME}-static.zip.sha256sum -RUN sha256sum /output/${FILE_NAME}-dynamic.zip > /output/${FILE_NAME}-dynamic.zip.sha256sum +RUN sha256sum /output/${FILE_NAME}-static.zip > /output/${FILE_NAME}-static.zip.sha256sum && \ + sha256sum /output/${FILE_NAME}-dynamic.zip > /output/${FILE_NAME}-dynamic.zip.sha256sum RUN rm -r /output/static /output/dynamic From 911f5216b4df8703569d269d7a419245bbb08ef0 Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 11:01:51 +0200 Subject: [PATCH 27/28] fixes --- build/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 109e04a..7d88c04 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -72,7 +72,7 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ export SYSROOT=/sysroot/$MUSL_TARGET && \ export INTERPRETER=$(cat /interpreter) && \ echo "Using SYSROOT: $SYSROOT and INTERPRETER: $INTERPRETER" && \ - mkdir -p ./output + mkdir -p ./output/static ./output/dynamic # Build de la librería estática (.a) con buildmode=c-archive RUN export MUSL_TARGET=$(cat /musl_target) && \ @@ -88,7 +88,7 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ -resource-dir $SYSROOT/usr/lib/resource_dir -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ - go build -tags civisibility_native -buildmode=c-archive -o ./output/libtestoptimization.a *.go + go build -tags civisibility_native -buildmode=c-archive -o ./output/static/libtestoptimization.a *.go # Build de la librería compartida (.so) con buildmode=c-shared RUN export MUSL_TARGET=$(cat /musl_target) && \ @@ -104,7 +104,7 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ -resource-dir $SYSROOT/usr/lib/resource_dir -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \ - go build -tags civisibility_native -buildmode=c-shared -o ./output/libtestoptimization.so *.go + go build -tags civisibility_native -buildmode=c-shared -o ./output/dynamic/libtestoptimization.so *.go # Stage 2: Extract the library From 27cd2655fd4b59bd1ccd5fb86524ae8bf96b941c Mon Sep 17 00:00:00 2001 From: Tony Redondo Date: Mon, 31 Mar 2025 11:33:41 +0200 Subject: [PATCH 28/28] change --- build/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 7d88c04..26a68fe 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -99,8 +99,7 @@ RUN export MUSL_TARGET=$(cat /musl_target) && \ -static-libgcc -fno-omit-frame-pointer -ffunction-sections -fdata-sections" && \ export LDFLAGS="--target=$MUSL_TARGET -fPIC -fuse-ld=lld-16 -nodefaultlibs \ -L$SYSROOT/usr/lib -Wl,-Bstatic -lc++ -lc++abi ${SYSROOT}/usr/lib/libclang_rt.builtins.a -lunwind \ - -Wl,-Bdynamic -lc ${SYSROOT}/usr/lib/libclang_rt.builtins.a \ - -Wl,--dynamic-linker,$SYSROOT/lib/${INTERPRETER} -Wl,-rpath,$SYSROOT \ + -Wl,-Bstatic -lc -Wl,-Bdynamic \ -resource-dir $SYSROOT/usr/lib/resource_dir -Wl,--gc-sections -Wl,--discard-all -Wl,--icf=safe" && \ export CGO_CFLAGS="$CFLAGS" && \ export CGO_LDFLAGS="$LDFLAGS" && \