2021-08-25 16:16:49 +01:00
|
|
|
#!/bin/sh
|
2021-08-26 07:30:05 +01:00
|
|
|
set -xeu
|
2021-08-25 16:16:49 +01:00
|
|
|
if [ ! -f /.dockerenv ]; then
|
|
|
|
echo Not running inside Docker, build will probably not be reproducible
|
|
|
|
echo Use docker_reproducible_build.sh instead to get the right environment
|
|
|
|
fi
|
2021-08-26 07:30:05 +01:00
|
|
|
here=$(pwd)
|
2021-08-25 16:16:49 +01:00
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## fix the target architecture to get reproducible builds
|
|
|
|
## the architecture was choosen as old enought that it should cover most usage
|
|
|
|
## while still supporting usefull features like AES-NI. Older architectures
|
|
|
|
## won't be able to execute the resulting binary.
|
2021-08-25 16:16:49 +01:00
|
|
|
export CFLAGS="-march=westmere"
|
|
|
|
export RUSTFLAGS="-C target-cpu=westmere"
|
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## force build to run in a fixed location. Ncessesary because the build path
|
|
|
|
## is somehow captured when compiling.
|
|
|
|
cp -a "$here" /arti
|
2021-08-25 16:16:49 +01:00
|
|
|
cd /arti
|
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## use tmpfs to store dependancies sources. It has been observed that what
|
|
|
|
## filesystem these files reside on has an impact on the resulting binary.
|
|
|
|
## We put these in a tmpfs as a way to stabilize the result.
|
|
|
|
# TODO CI /dev/shm is too small to store sources, at the moment we rely on
|
|
|
|
# a but in docker that gives a bigger than intended tmpfs in an effort to hide
|
|
|
|
# the cgroup control fs. This does not actually interact with cgroups, but
|
|
|
|
# should be removed as soon as /dev/shm get increased
|
|
|
|
if mount | grep '/sys/fs/cgroup type tmpfs' > /dev/null; then
|
|
|
|
mkdir -p /sys/fs/cgroup/registry /usr/local/cargo/registry
|
|
|
|
ln -s /sys/fs/cgroup/registry /usr/local/cargo/registry/src
|
|
|
|
else
|
|
|
|
mkdir -p /dev/shm/registry /usr/local/cargo/registry
|
|
|
|
ln -s /dev/shm/registry /usr/local/cargo/registry/src
|
|
|
|
fi
|
2021-08-25 16:16:49 +01:00
|
|
|
|
|
|
|
## add missing dependancies
|
2021-08-26 07:30:05 +01:00
|
|
|
apk add --no-cache musl-dev perl make git
|
|
|
|
|
|
|
|
## bring back the Cargo.lock where dependancies version are strictly defined
|
|
|
|
mv misc/Cargo.lock Cargo.lock
|
2021-08-25 16:16:49 +01:00
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## Build targeting x86_64-unknown-linux-musl to get a static binary
|
|
|
|
## feature "static" enable compiling some C dependancies instead of linking
|
|
|
|
## to system libraries. It is required to get a well behaving result.
|
2021-08-25 19:37:58 +01:00
|
|
|
cargo build -p arti --target x86_64-unknown-linux-musl --release --features static
|
2021-08-26 07:30:05 +01:00
|
|
|
|
|
|
|
set +x
|
|
|
|
echo branch: "$(git rev-parse --abbrev-ref HEAD)"
|
|
|
|
echo commit: "$(git rev-parse HEAD)"
|
|
|
|
echo build hash: "$(sha256sum target/x86_64-unknown-linux-musl/release/arti | cut -d " " -f 1)"
|
2021-08-25 19:37:58 +01:00
|
|
|
|
|
|
|
mv /arti/target/x86_64-unknown-linux-musl/release/arti "$here"/arti-bin
|