diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7f2c7821ff..a34abc2425 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,23 +54,36 @@ jobs: if-no-files-found: error retention-days: 7 + prepare-cross: + runs-on: ubuntu-latest + needs: + - validate-dco + outputs: + matrix: ${{ steps.platforms.outputs.matrix }} + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + name: Create matrix + id: platforms + run: | + matrix="$(docker buildx bake binary-cross --print | jq -cr '.target."binary-cross".platforms')" + echo "matrix=$matrix" >> $GITHUB_OUTPUT + - + name: Show matrix + run: | + echo ${{ steps.platforms.outputs.matrix }} + cross: runs-on: ubuntu-20.04 needs: - validate-dco + - prepare-cross strategy: fail-fast: false matrix: - platform: - - linux/amd64 - - linux/arm/v5 - - linux/arm/v6 - - linux/arm/v7 - - linux/arm64 - - linux/ppc64le - - linux/s390x - - windows/amd64 - - windows/arm64 + platform: ${{ fromJson(needs.prepare-cross.outputs.matrix) }} steps: - name: Checkout @@ -89,9 +102,9 @@ jobs: name: Build uses: docker/bake-action@v2 with: - targets: cross - env: - DOCKER_CROSSPLATFORMS: ${{ matrix.platform }} + targets: binary + set: | + *.platform=${{ matrix.platform }} - name: Upload artifacts uses: actions/upload-artifact@v3 diff --git a/Dockerfile b/Dockerfile index 0777e02661..e830658774 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,6 @@ ARG XX_VERSION=1.1.2 ARG VPNKIT_VERSION=0.5.0 ARG DOCKERCLI_VERSION=v17.06.2-ce -ARG CROSS="false" ARG SYSTEMD="false" ARG DEBIAN_FRONTEND=noninteractive ARG DOCKER_STATIC=1 @@ -128,60 +127,6 @@ RUN /download-frozen-image-v2.sh /build \ hello-world:latest@sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9 \ arm32v7/hello-world:latest@sha256:50b8560ad574c779908da71f7ce370c0a2471c098d44d1c8f6b513c5a55eeeb1 -FROM base AS cross-false - -FROM --platform=linux/amd64 base AS cross-true -ARG DEBIAN_FRONTEND -RUN dpkg --add-architecture arm64 -RUN dpkg --add-architecture armel -RUN dpkg --add-architecture armhf -RUN dpkg --add-architecture ppc64el -RUN dpkg --add-architecture s390x -RUN --mount=type=cache,sharing=locked,id=moby-cross-true-aptlib,target=/var/lib/apt \ - --mount=type=cache,sharing=locked,id=moby-cross-true-aptcache,target=/var/cache/apt \ - apt-get update && apt-get install -y --no-install-recommends \ - crossbuild-essential-arm64 \ - crossbuild-essential-armel \ - crossbuild-essential-armhf \ - crossbuild-essential-ppc64el \ - crossbuild-essential-s390x - -FROM cross-${CROSS} AS dev-base - -FROM dev-base AS runtime-dev-cross-false -ARG DEBIAN_FRONTEND -RUN --mount=type=cache,sharing=locked,id=moby-cross-false-aptlib,target=/var/lib/apt \ - --mount=type=cache,sharing=locked,id=moby-cross-false-aptcache,target=/var/cache/apt \ - apt-get update && apt-get install -y --no-install-recommends \ - binutils-mingw-w64 \ - g++-mingw-w64-x86-64 \ - libapparmor-dev \ - libbtrfs-dev \ - libdevmapper-dev \ - libseccomp-dev \ - libsystemd-dev \ - libudev-dev - -FROM --platform=linux/amd64 runtime-dev-cross-false AS runtime-dev-cross-true -ARG DEBIAN_FRONTEND -# These crossbuild packages rely on gcc-, but this doesn't want to install -# on non-amd64 systems, so other architectures cannot crossbuild amd64. -RUN --mount=type=cache,sharing=locked,id=moby-cross-true-aptlib,target=/var/lib/apt \ - --mount=type=cache,sharing=locked,id=moby-cross-true-aptcache,target=/var/cache/apt \ - apt-get update && apt-get install -y --no-install-recommends \ - libapparmor-dev:arm64 \ - libapparmor-dev:armel \ - libapparmor-dev:armhf \ - libapparmor-dev:ppc64el \ - libapparmor-dev:s390x \ - libseccomp-dev:arm64 \ - libseccomp-dev:armel \ - libseccomp-dev:armhf \ - libseccomp-dev:ppc64el \ - libseccomp-dev:s390x - -FROM runtime-dev-cross-${CROSS} AS runtime-dev - # delve FROM base AS delve-src WORKDIR /usr/src/delve @@ -494,8 +439,47 @@ FROM containerutil-build AS containerutil-windows-amd64 FROM containerutil-windows-${TARGETARCH} AS containerutil-windows FROM containerutil-${TARGETOS} AS containerutil -# TODO: Some of this is only really needed for testing, it would be nice to split this up -FROM runtime-dev AS dev-systemd-false +FROM base AS dev-systemd-false +COPY --from=dockercli /build/ /usr/local/cli +COPY --from=frozen-images /build/ /docker-frozen-images +COPY --from=swagger /build/ /usr/local/bin/ +COPY --from=delve /build/ /usr/local/bin/ +COPY --from=tomll /build/ /usr/local/bin/ +COPY --from=gowinres /build/ /usr/local/bin/ +COPY --from=tini /build/ /usr/local/bin/ +COPY --from=registry /build/ /usr/local/bin/ +COPY --from=criu /build/ /usr/local/bin/ +COPY --from=gotestsum /build/ /usr/local/bin/ +COPY --from=golangci_lint /build/ /usr/local/bin/ +COPY --from=shfmt /build/ /usr/local/bin/ +COPY --from=runc /build/ /usr/local/bin/ +COPY --from=containerd /build/ /usr/local/bin/ +COPY --from=rootlesskit /build/ /usr/local/bin/ +COPY --from=vpnkit / /usr/local/bin/ +COPY --from=containerutil /build/ /usr/local/bin/ +COPY --from=crun /build/ /usr/local/bin/ +COPY hack/dockerfile/etc/docker/ /etc/docker/ +ENV PATH=/usr/local/cli:$PATH +WORKDIR /go/src/github.com/docker/docker +VOLUME /var/lib/docker +VOLUME /home/unprivilegeduser/.local/share/docker +# Wrap all commands in the "docker-in-docker" script to allow nested containers +ENTRYPOINT ["hack/dind"] + +FROM dev-systemd-false AS dev-systemd-true +RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \ + --mount=type=cache,sharing=locked,id=moby-dev-aptcache,target=/var/cache/apt \ + apt-get update && apt-get install -y --no-install-recommends \ + dbus \ + dbus-user-session \ + systemd \ + systemd-sysv +RUN mkdir -p hack \ + && curl -o hack/dind-systemd https://raw.githubusercontent.com/AkihiroSuda/containerized-systemd/b70bac0daeea120456764248164c21684ade7d0d/docker-entrypoint.sh \ + && chmod +x hack/dind-systemd +ENTRYPOINT ["hack/dind-systemd"] + +FROM dev-systemd-${SYSTEMD} AS dev ARG DEBIAN_FRONTEND RUN groupadd -r docker RUN useradd --create-home --gid docker unprivilegeduser \ @@ -539,118 +523,84 @@ RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \ xz-utils \ zip \ zstd - - # Switch to use iptables instead of nftables (to match the CI hosts) # TODO use some kind of runtime auto-detection instead if/when nftables is supported (https://github.com/moby/moby/issues/26824) RUN update-alternatives --set iptables /usr/sbin/iptables-legacy || true \ && update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy || true \ && update-alternatives --set arptables /usr/sbin/arptables-legacy || true - ARG YAMLLINT_VERSION=1.27.1 RUN pip3 install yamllint==${YAMLLINT_VERSION} - -COPY --from=dockercli /build/ /usr/local/cli -COPY --from=frozen-images /build/ /docker-frozen-images -COPY --from=swagger /build/ /usr/local/bin/ -COPY --from=delve /build/ /usr/local/bin/ -COPY --from=tomll /build/ /usr/local/bin/ -COPY --from=gowinres /build/ /usr/local/bin/ -COPY --from=tini /build/ /usr/local/bin/ -COPY --from=registry /build/ /usr/local/bin/ -COPY --from=criu /build/ /usr/local/bin/ -COPY --from=gotestsum /build/ /usr/local/bin/ -COPY --from=golangci_lint /build/ /usr/local/bin/ -COPY --from=shfmt /build/ /usr/local/bin/ -COPY --from=runc /build/ /usr/local/bin/ -COPY --from=containerd /build/ /usr/local/bin/ -COPY --from=rootlesskit /build/ /usr/local/bin/ -COPY --from=vpnkit / /usr/local/bin/ -COPY --from=containerutil /build/ /usr/local/bin/ -COPY --from=crun /build/ /usr/local/bin/ -COPY hack/dockerfile/etc/docker/ /etc/docker/ -ENV PATH=/usr/local/cli:$PATH -ARG DOCKER_BUILDTAGS -ENV DOCKER_BUILDTAGS="${DOCKER_BUILDTAGS}" -WORKDIR /go/src/github.com/docker/docker -VOLUME /var/lib/docker -VOLUME /home/unprivilegeduser/.local/share/docker -# Wrap all commands in the "docker-in-docker" script to allow nested containers -ENTRYPOINT ["hack/dind"] - -FROM dev-systemd-false AS dev-systemd-true RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \ --mount=type=cache,sharing=locked,id=moby-dev-aptcache,target=/var/cache/apt \ - apt-get update && apt-get install -y --no-install-recommends \ - dbus \ - dbus-user-session \ - systemd \ - systemd-sysv -RUN mkdir -p hack \ - && curl -o hack/dind-systemd https://raw.githubusercontent.com/AkihiroSuda/containerized-systemd/b70bac0daeea120456764248164c21684ade7d0d/docker-entrypoint.sh \ - && chmod +x hack/dind-systemd -ENTRYPOINT ["hack/dind-systemd"] + apt-get update && apt-get install --no-install-recommends -y \ + gcc \ + pkg-config \ + dpkg-dev \ + libapparmor-dev \ + libbtrfs-dev \ + libdevmapper-dev \ + libseccomp-dev \ + libsecret-1-dev \ + libsystemd-dev \ + libudev-dev -FROM dev-systemd-${SYSTEMD} AS dev - -FROM runtime-dev AS binary-base -ARG DOCKER_GITCOMMIT=HEAD -ENV DOCKER_GITCOMMIT=${DOCKER_GITCOMMIT} -ARG VERSION -ENV VERSION=${VERSION} -ARG PLATFORM -ENV PLATFORM=${PLATFORM} -ARG PRODUCT -ENV PRODUCT=${PRODUCT} -ARG DEFAULT_PRODUCT_LICENSE -ENV DEFAULT_PRODUCT_LICENSE=${DEFAULT_PRODUCT_LICENSE} -ARG PACKAGER_NAME -ENV PACKAGER_NAME=${PACKAGER_NAME} -ARG DOCKER_BUILDTAGS -ENV DOCKER_BUILDTAGS="${DOCKER_BUILDTAGS}" -ENV PREFIX=/build -# TODO: This is here because hack/make.sh binary copies these extras binaries -# from $PATH into the bundles dir. -# It would be nice to handle this in a different way. -COPY --from=tini /build/ /usr/local/bin/ -COPY --from=runc /build/ /usr/local/bin/ -COPY --from=containerd /build/ /usr/local/bin/ -COPY --from=rootlesskit /build/ /usr/local/bin/ -COPY --from=vpnkit / /usr/local/bin/ -COPY --from=containerutil /build/ /usr/local/bin/ -COPY --from=gowinres /build/ /usr/local/bin/ +FROM base AS build +COPY --from=gowinres /build/ /usr/local/bin/ WORKDIR /go/src/github.com/docker/docker - -FROM binary-base AS build-binary -RUN --mount=type=cache,target=/root/.cache \ - --mount=type=bind,target=.,ro \ +ENV GO111MODULE=off +ENV CGO_ENABLED=1 +ARG DEBIAN_FRONTEND +ARG TARGETPLATFORM +RUN --mount=type=cache,sharing=locked,id=moby-build-aptlib,target=/var/lib/apt \ + --mount=type=cache,sharing=locked,id=moby-build-aptcache,target=/var/cache/apt \ + xx-apt-get install --no-install-recommends -y \ + gcc \ + libapparmor-dev \ + libbtrfs-dev \ + libc6-dev \ + libdevmapper-dev \ + libseccomp-dev \ + libsecret-1-dev \ + libsystemd-dev \ + libudev-dev +ARG DOCKER_BUILDTAGS +ARG DOCKER_DEBUG +ARG DOCKER_GITCOMMIT=HEAD +ARG DOCKER_LDFLAGS +ARG DOCKER_STATIC +ARG VERSION +ARG PLATFORM +ARG PRODUCT +ARG DEFAULT_PRODUCT_LICENSE +ARG PACKAGER_NAME +# PREFIX overrides DEST dir in make.sh script otherwise it fails because of +# read only mount in current work dir +ENV PREFIX=/tmp +RUN --mount=type=bind,target=. \ --mount=type=tmpfs,target=cli/winresources/dockerd \ --mount=type=tmpfs,target=cli/winresources/docker-proxy \ - hack/make.sh binary - -FROM binary-base AS build-dynbinary -RUN --mount=type=cache,target=/root/.cache \ - --mount=type=bind,target=.,ro \ - --mount=type=tmpfs,target=cli/winresources/dockerd \ - --mount=type=tmpfs,target=cli/winresources/docker-proxy \ - hack/make.sh dynbinary - -FROM binary-base AS build-cross -ARG DOCKER_CROSSPLATFORMS -RUN --mount=type=cache,target=/root/.cache \ - --mount=type=bind,target=.,ro \ - --mount=type=tmpfs,target=cli/winresources/dockerd \ - --mount=type=tmpfs,target=cli/winresources/docker-proxy \ - hack/make.sh cross + --mount=type=cache,target=/root/.cache/go-build,id=moby-build-$TARGETPLATFORM < docker buildx bake binary +# > DOCKER_STATIC=0 docker buildx bake binary +# or +# > make binary +# > make dynbinary FROM scratch AS binary -COPY --from=build-binary /build/bundles/ / - -FROM scratch AS dynbinary -COPY --from=build-dynbinary /build/bundles/ / - -FROM scratch AS cross -COPY --from=build-cross /build/bundles/ / +COPY --from=build /build/ / +# usage: +# > make shell +# > SYSTEMD=true make shell FROM dev AS final -COPY . /go/src/github.com/docker/docker +COPY . . diff --git a/Makefile b/Makefile index 3de756456a..92f1d41b9e 100644 --- a/Makefile +++ b/Makefile @@ -31,7 +31,6 @@ export VALIDATE_ORIGIN_BRANCH # make DOCKER_LDFLAGS="-X github.com/docker/docker/daemon/graphdriver.priority=overlay2,devicemapper" dynbinary # DOCKER_ENVS := \ - -e DOCKER_CROSSPLATFORMS \ -e BUILD_APT_MIRROR \ -e BUILDFLAGS \ -e KEEPBUNDLE \ @@ -142,17 +141,7 @@ endif BUILD_OPTS := ${BUILD_APT_MIRROR} ${DOCKER_BUILD_ARGS} ${DOCKER_BUILD_OPTS} -f "$(DOCKERFILE)" BUILD_CMD := $(BUILDX) build - -# This is used for the legacy "build" target and anything still depending on it -BUILD_CROSS = -ifdef DOCKER_CROSS -BUILD_CROSS = --build-arg CROSS=$(DOCKER_CROSS) -endif -ifdef DOCKER_CROSSPLATFORMS -BUILD_CROSS = --build-arg CROSS=true -endif - -VERSION_AUTOGEN_ARGS = --build-arg VERSION --build-arg DOCKER_GITCOMMIT --build-arg PRODUCT --build-arg PLATFORM --build-arg DEFAULT_PRODUCT_LICENSE --build-arg PACKAGER_NAME +BAKE_CMD := $(BUILDX) bake default: binary @@ -160,14 +149,13 @@ all: build ## validate all checks, build linux binaries, run all tests,\ncross b $(DOCKER_RUN_DOCKER) bash -c 'hack/validate/default && hack/make.sh' binary: bundles ## build statically linked linux binaries - $(BUILD_CMD) $(BUILD_OPTS) --output=bundles/ --target=$@ $(VERSION_AUTOGEN_ARGS) . + $(BAKE_CMD) binary dynbinary: bundles ## build dynamically linked linux binaries - $(BUILD_CMD) $(BUILD_OPTS) --output=bundles/ --target=$@ $(VERSION_AUTOGEN_ARGS) . + $(BAKE_CMD) dynbinary -cross: BUILD_OPTS += --build-arg CROSS=true --build-arg DOCKER_CROSSPLATFORMS -cross: bundles ## cross build the binaries for darwin, freebsd and\nwindows - $(BUILD_CMD) $(BUILD_OPTS) --output=bundles/ --target=$@ $(VERSION_AUTOGEN_ARGS) . +cross: bundles ## cross build the binaries + $(BAKE_CMD) binary-cross bundles: mkdir bundles @@ -195,13 +183,13 @@ else build: shell_target := --target=final endif build: bundles - $(BUILD_CMD) $(BUILD_OPTS) $(shell_target) --load $(BUILD_CROSS) -t "$(DOCKER_IMAGE)" . + $(BUILD_CMD) $(BUILD_OPTS) $(shell_target) --load -t "$(DOCKER_IMAGE)" . shell: build ## start a shell inside the build env $(DOCKER_RUN_DOCKER) bash test: build test-unit ## run the unit, integration and docker-py tests - $(DOCKER_RUN_DOCKER) hack/make.sh dynbinary cross test-integration test-docker-py + $(DOCKER_RUN_DOCKER) hack/make.sh dynbinary test-integration test-docker-py test-docker-py: build ## run the docker-py tests $(DOCKER_RUN_DOCKER) hack/make.sh dynbinary test-docker-py @@ -228,8 +216,8 @@ validate: build ## validate DCO, Seccomp profile generation, gofmt,\n./pkg/ isol validate-%: build ## validate specific check $(DOCKER_RUN_DOCKER) hack/validate/$* -win: build ## cross build the binary for windows - $(DOCKER_RUN_DOCKER) DOCKER_CROSSPLATFORMS=windows/amd64 hack/make.sh cross +win: bundles ## cross build the binary for windows + $(BAKE_CMD) --set *.platform=windows/amd64 binary .PHONY: swagger-gen swagger-gen: diff --git a/docker-bake.hcl b/docker-bake.hcl index fc9d0b7630..e46a64a9a6 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -4,9 +4,6 @@ variable "BUNDLES_OUTPUT" { variable "DOCKER_STATIC" { default = "1" } -variable "DOCKER_CROSSPLATFORMS" { - default = "" -} target "_common" { args = { @@ -20,6 +17,23 @@ group "default" { targets = ["binary"] } +target "_platforms" { + platforms = [ + "linux/amd64", + "linux/arm/v5", + "linux/arm/v6", + "linux/arm/v7", + "linux/arm64", + "linux/ppc64le", + "linux/s390x", + "windows/amd64" + ] +} + +# +# build dockerd and docker-proxy +# + target "binary" { inherits = ["_common"] target = "binary" @@ -28,16 +42,13 @@ target "binary" { target "dynbinary" { inherits = ["binary"] - target = "dynbinary" + args = { + DOCKER_STATIC = "0" + } } -target "cross" { - inherits = ["binary"] - args = { - CROSS = "true" - DOCKER_CROSSPLATFORMS = DOCKER_CROSSPLATFORMS - } - target = "cross" +target "binary-cross" { + inherits = ["binary", "_platforms"] } # diff --git a/docs/contributing/set-up-dev-env.md b/docs/contributing/set-up-dev-env.md index d3efcd029f..e8ef9b23aa 100644 --- a/docs/contributing/set-up-dev-env.md +++ b/docs/contributing/set-up-dev-env.md @@ -150,10 +150,10 @@ can take over 15 minutes to complete. Removing bundles/ ---> Making bundle: binary (in bundles/binary) - Building: bundles/binary-daemon/dockerd-17.06.0-dev - Created binary: bundles/binary-daemon/dockerd-17.06.0-dev - Copying nested executables into bundles/binary-daemon - + Building bundles/binary-daemon/dockerd (linux/amd64)... + Created binary: bundles/binary-daemon/dockerd + Building bundles/binary-daemon/docker-proxy (linux/amd64)... + Created binary:bundles/binary-daemon/docker-proxy ``` 7. Run `make install`, which copies the binary to the container's diff --git a/docs/contributing/test.md b/docs/contributing/test.md index 099b92c7d8..fe162a9d42 100644 --- a/docs/contributing/test.md +++ b/docs/contributing/test.md @@ -123,7 +123,7 @@ Try this now. 4. Run the tests using the `hack/make.sh` script. ```bash - # hack/make.sh dynbinary binary cross test-integration test-docker-py + # hack/make.sh dynbinary binary test-integration test-docker-py ``` The tests run just as they did within your local host. @@ -132,11 +132,11 @@ Try this now. just the integration tests: ```bash - # hack/make.sh dynbinary binary cross test-integration + # hack/make.sh dynbinary binary test-integration ``` Most test targets require that you build these precursor targets first: - `dynbinary binary cross` + `dynbinary binary` ## Run unit tests diff --git a/hack/README.md b/hack/README.md index 8310b45831..5d1c47d239 100644 --- a/hack/README.md +++ b/hack/README.md @@ -44,7 +44,7 @@ all of the tests. - When running inside a Docker development container, `hack/make.sh` does not have a single target that runs all the tests. You need to provide a single command line with multiple targets that performs the same thing. -An example referenced from [Run targets inside a development container](https://docs.docker.com/opensource/project/test-and-docs/#run-targets-inside-a-development-container): `root@5f8630b873fe:/go/src/github.com/moby/moby# hack/make.sh dynbinary binary cross test-unit test-integration test-docker-py` +An example referenced from [Run targets inside a development container](https://docs.docker.com/opensource/project/test-and-docs/#run-targets-inside-a-development-container): `root@5f8630b873fe:/go/src/github.com/moby/moby# hack/make.sh dynbinary binary test-unit test-integration test-docker-py` - For more information related to testing outside the scope of this README, refer to [Run tests and test documentation](https://docs.docker.com/opensource/project/test-and-docs/) diff --git a/hack/make.sh b/hack/make.sh index 427def3aca..85bf430dff 100755 --- a/hack/make.sh +++ b/hack/make.sh @@ -36,7 +36,6 @@ DEFAULT_BUNDLES=( dynbinary test-integration test-docker-py - cross ) VERSION=${VERSION:-dev} diff --git a/hack/make/.binary b/hack/make/.binary index 20bedb9a77..8b412b5a72 100644 --- a/hack/make/.binary +++ b/hack/make/.binary @@ -16,56 +16,59 @@ source "${MAKEDIR}/.go-autogen" ( export GOGC=${DOCKER_BUILD_GOGC:-1000} - if [ "$(go env GOOS)/$(go env GOARCH)" != "$(go env GOHOSTOS)/$(go env GOHOSTARCH)" ]; then - # must be cross-compiling! - case "$(go env GOOS)/$(go env GOARCH)" in - windows/amd64) - export CC="${CC:-x86_64-w64-mingw32-gcc}" - export CGO_ENABLED=1 - ;; - linux/arm) - case "${GOARM}" in - 5) - export CC="${CC:-arm-linux-gnueabi-gcc}" - export CGO_ENABLED=1 - export CGO_CFLAGS="-march=armv5t" - export CGO_CXXFLAGS="-march=armv5t" - ;; - 6) - export CC="${CC:-arm-linux-gnueabi-gcc}" - export CGO_ENABLED=1 - export CGO_CFLAGS="-march=armv6" - export CGO_CXXFLAGS="-march=armv6" - ;; - 7) - export CC="${CC:-arm-linux-gnueabihf-gcc}" - export CGO_ENABLED=1 - export CGO_CFLAGS="-march=armv7-a" - export CGO_CXXFLAGS="-march=armv7-a" - ;; - *) - export CC="${CC:-arm-linux-gnueabihf-gcc}" - export CGO_ENABLED=1 - ;; - esac - ;; - linux/arm64) - export CC="${CC:-aarch64-linux-gnu-gcc}" - export CGO_ENABLED=1 - ;; - linux/amd64) - export CC="${CC:-x86_64-linux-gnu-gcc}" - export CGO_ENABLED=1 - ;; - linux/ppc64le) - export CC="${CC:-powerpc64le-linux-gnu-gcc}" - export CGO_ENABLED=1 - ;; - linux/s390x) - export CC="${CC:-s390x-linux-gnu-gcc}" - export CGO_ENABLED=1 - ;; - esac + # for non-sandboxed invocation + if ! command -v xx-go > /dev/null 2>&1; then + if [ "$(go env GOOS)/$(go env GOARCH)" != "$(go env GOHOSTOS)/$(go env GOHOSTARCH)" ]; then + # must be cross-compiling! + case "$(go env GOOS)/$(go env GOARCH)" in + windows/amd64) + export CC="${CC:-x86_64-w64-mingw32-gcc}" + export CGO_ENABLED=1 + ;; + linux/arm) + case "${GOARM}" in + 5) + export CC="${CC:-arm-linux-gnueabi-gcc}" + export CGO_ENABLED=1 + export CGO_CFLAGS="-march=armv5t" + export CGO_CXXFLAGS="-march=armv5t" + ;; + 6) + export CC="${CC:-arm-linux-gnueabi-gcc}" + export CGO_ENABLED=1 + export CGO_CFLAGS="-march=armv6" + export CGO_CXXFLAGS="-march=armv6" + ;; + 7) + export CC="${CC:-arm-linux-gnueabihf-gcc}" + export CGO_ENABLED=1 + export CGO_CFLAGS="-march=armv7-a" + export CGO_CXXFLAGS="-march=armv7-a" + ;; + *) + export CC="${CC:-arm-linux-gnueabihf-gcc}" + export CGO_ENABLED=1 + ;; + esac + ;; + linux/arm64) + export CC="${CC:-aarch64-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + linux/amd64) + export CC="${CC:-x86_64-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + linux/ppc64le) + export CC="${CC:-powerpc64le-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + linux/s390x) + export CC="${CC:-s390x-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + esac + fi fi # -buildmode=pie is not supported on Windows and Linux on mips, riscv64 and ppc64be. @@ -80,8 +83,18 @@ source "${MAKEDIR}/.go-autogen" ;; esac - echo "Building: $DEST/$BINARY_FULLNAME" - echo "GOOS=\"${GOOS}\" GOARCH=\"${GOARCH}\" GOARM=\"${GOARM}\"" + # only necessary for non-sandboxed invocation where TARGETPLATFORM is empty + PLATFORM_NAME=$TARGETPLATFORM + if [ -z "$PLATFORM_NAME" ]; then + PLATFORM_NAME="$(go env GOOS)/$(go env GOARCH)" + if [ -n "$(go env GOARM)" ]; then + PLATFORM_NAME+="/$(go env GOARM)" + elif [ -n "$(go env GOAMD64)" ] && [ "$(go env GOAMD64)" != "v1" ]; then + PLATFORM_NAME+="/$(go env GOAMD64)" + fi + fi + + echo "Building $DEST/$BINARY_FULLNAME ($PLATFORM_NAME)..." go build \ -o "$DEST/$BINARY_FULLNAME" \ "${BUILDFLAGS[@]}" \ diff --git a/hack/make/binary-daemon b/hack/make/binary-daemon index 07be976710..02ec3ce56b 100644 --- a/hack/make/binary-daemon +++ b/hack/make/binary-daemon @@ -1,35 +1,10 @@ #!/usr/bin/env bash set -e -copy_binaries() { - local dir="$1" - - # Add nested executables to bundle dir so we have complete set of - # them available, but only if the native OS/ARCH is the same as the - # OS/ARCH of the build target - if [ "$(go env GOOS)/$(go env GOARCH)" != "$(go env GOHOSTOS)/$(go env GOHOSTARCH)" ]; then - return - fi - if [ ! -x /usr/local/bin/runc ]; then - return - fi - echo "Copying nested executables into $dir" - for file in containerd containerd-shim-runc-v2 ctr runc docker-init rootlesskit rootlesskit-docker-proxy dockerd-rootless.sh dockerd-rootless-setuptool.sh; do - cp -f "$(command -v "$file")" "$dir/" - done - # vpnkit might not be available for the target platform, see vpnkit stage in - # the Dockerfile for more information. - if command -v vpnkit > /dev/null 2>&1; then - cp -f "$(command -v vpnkit)" "$dir/" - fi -} - [ -z "$KEEPDEST" ] && rm -rf "$DEST" ( GO_PACKAGE='github.com/docker/docker/cmd/dockerd' BINARY_NAME='dockerd' - source "${MAKEDIR}/.binary" - copy_binaries "$DEST" ) diff --git a/hack/make/cross b/hack/make/cross deleted file mode 100644 index 1e2d5d628d..0000000000 --- a/hack/make/cross +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/env bash -set -e - -# if we have our linux/amd64 version compiled, let's symlink it in -if [ -x "${DEST}/../binary-daemon/dockerd" ]; then - arch=$(go env GOHOSTARCH) - mkdir -p "$DEST/linux/${arch}" - ( - cd "${DEST}/linux/${arch}" - ln -sf ../../../binary-daemon/* ./ - ) - echo "Created symlinks:" "${DEST}/linux/${arch}/"* -fi - -DOCKER_CROSSPLATFORMS=${DOCKER_CROSSPLATFORMS:-"linux/amd64 windows/amd64 linux/ppc64le linux/s390x"} - -for platform in ${DOCKER_CROSSPLATFORMS}; do - ( - export KEEPDEST=1 - export DEST="${DEST}/${platform}" # bundles/VERSION/cross/GOOS/GOARCH/docker-VERSION - export GOOS=${platform%%/*} - export GOARCH=${platform#*/} - - if [[ "${GOARCH}" = "arm/"* ]]; then - GOARM=${GOARCH##*/v} - GOARCH=${GOARCH%/v*} - export GOARM - fi - - echo "Cross building: ${DEST}" - mkdir -p "${DEST}" - ABS_DEST="$(cd "${DEST}" && pwd -P)" - source "${MAKEDIR}/binary" - - source "${MAKEDIR}/cross-platform-dependent" - ) -done diff --git a/hack/make/cross-platform-dependent b/hack/make/cross-platform-dependent deleted file mode 100644 index 21824ed7c9..0000000000 --- a/hack/make/cross-platform-dependent +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash -set -e - -if [ ${platform} == "windows/amd64" ]; then - source "${MAKEDIR}/containerutility" -fi