2021-08-25 16:16:49 +01:00
|
|
|
#!/bin/sh
|
2021-08-26 18:22:41 +01:00
|
|
|
#
|
|
|
|
|
# This script is run inside a docker container as part of our
|
|
|
|
|
# reporoducible build process.
|
|
|
|
|
#
|
2021-08-26 07:30:05 +01:00
|
|
|
set -xeu
|
2021-08-25 16:16:49 +01:00
|
|
|
if [ ! -f /.dockerenv ]; then
|
|
|
|
|
echo Not running inside Docker, build will probably not be reproducible
|
2021-08-26 18:22:41 +01:00
|
|
|
echo Use docker_reproducible_build.sh instead to get the right environment
|
2021-08-25 16:16:49 +01:00
|
|
|
fi
|
2021-08-26 07:30:05 +01:00
|
|
|
here=$(pwd)
|
2021-08-25 16:16:49 +01:00
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## fix the target architecture to get reproducible builds
|
|
|
|
|
## the architecture was choosen as old enought that it should cover most usage
|
|
|
|
|
## while still supporting usefull features like AES-NI. Older architectures
|
|
|
|
|
## won't be able to execute the resulting binary.
|
2021-08-25 16:16:49 +01:00
|
|
|
export CFLAGS="-march=westmere"
|
|
|
|
|
export RUSTFLAGS="-C target-cpu=westmere"
|
|
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## force build to run in a fixed location. Ncessesary because the build path
|
|
|
|
|
## is somehow captured when compiling.
|
|
|
|
|
cp -a "$here" /arti
|
2021-08-25 16:16:49 +01:00
|
|
|
cd /arti
|
|
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## use tmpfs to store dependancies sources. It has been observed that what
|
|
|
|
|
## filesystem these files reside on has an impact on the resulting binary.
|
|
|
|
|
## We put these in a tmpfs as a way to stabilize the result.
|
2021-08-30 20:58:38 +01:00
|
|
|
mkdir -p /dev/shm/registry /usr/local/cargo/registry
|
|
|
|
|
ln -s /dev/shm/registry /usr/local/cargo/registry/src
|
2021-08-25 16:16:49 +01:00
|
|
|
|
|
|
|
|
## add missing dependancies
|
2021-08-29 12:48:33 +01:00
|
|
|
apk add --no-cache musl-dev perl make git mingw-w64-gcc
|
|
|
|
|
rustup target add x86_64-pc-windows-gnu
|
2021-08-26 07:30:05 +01:00
|
|
|
|
|
|
|
|
## bring back the Cargo.lock where dependancies version are strictly defined
|
|
|
|
|
mv misc/Cargo.lock Cargo.lock
|
2021-08-25 16:16:49 +01:00
|
|
|
|
2021-08-26 07:30:05 +01:00
|
|
|
## Build targeting x86_64-unknown-linux-musl to get a static binary
|
|
|
|
|
## feature "static" enable compiling some C dependancies instead of linking
|
|
|
|
|
## to system libraries. It is required to get a well behaving result.
|
2021-08-25 19:37:58 +01:00
|
|
|
cargo build -p arti --target x86_64-unknown-linux-musl --release --features static
|
2021-08-29 12:48:33 +01:00
|
|
|
mv /arti/target/x86_64-unknown-linux-musl/release/arti "$here"/arti-linux
|
2021-08-26 07:30:05 +01:00
|
|
|
|
2021-08-29 12:48:33 +01:00
|
|
|
## PE contains a timestamp of when they were built. Don't insert this value
|
|
|
|
|
export RUSTFLAGS="$RUSTFLAGS -C link-arg=-Wl,--no-insert-timestamp"
|
|
|
|
|
cargo build -p arti --target x86_64-pc-windows-gnu --release --features static
|
|
|
|
|
mv /arti/target/x86_64-pc-windows-gnu/release/arti.exe "$here"/arti-windows.exe
|
2021-08-25 19:37:58 +01:00
|
|
|
|
2021-08-29 12:48:33 +01:00
|
|
|
set +x
|
|
|
|
|
echo "branch :" "$(git rev-parse --abbrev-ref HEAD)"
|
|
|
|
|
echo "commit :" "$(git rev-parse HEAD)"
|
|
|
|
|
echo "Linux hash :" "$(sha256sum "$here"/arti-linux | cut -d " " -f 1)"
|
|
|
|
|
echo "Windows hash :" "$(sha256sum "$here"/arti-windows.exe | cut -d " " -f 1)"
|
