commit 51f2c026fde882c5c7b84b0aebe976703752f866 Author: Hans-Christoph Steiner hans@eds.org Date: Thu Jul 16 20:09:20 2020 +0200
gitlab-ci: include flags to make reproducible builds
* https://github.com/golang/go/issues/33772 --- .gitlab-ci.yml | 14 ++++++++------ Vagrantfile | 3 ++- 2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 35caa6c..c9dd50b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,4 +1,9 @@
+variables: + DEBIAN_FRONTEND: noninteractive + REPRODUCIBLE_FLAGS: -trimpath -ldflags=-buildid= + +# set up apt for automated use .apt-template: &apt-template - export LC_ALL=C.UTF-8 - export DEBIAN_FRONTEND=noninteractive @@ -13,13 +18,13 @@ - apt-get update - apt-get dist-upgrade
+ # Set things up to use the OS-native packages for Go. Anything that # is downloaded by go during the `go fmt` stage is not coming from the # Debian/Ubuntu repo. So those would need to be packaged for this to # make it into Debian and/or Ubuntu. .debian-native-template: &debian-native-template variables: - DEBIAN_FRONTEND: noninteractive GOPATH: /usr/share/gocode before_script: - apt-get update @@ -47,8 +52,6 @@
# use Go installed as part of the official, Debian-based Docker images .golang-docker-debian-template: &golang-docker-debian-template - variables: - DEBIAN_FRONTEND: noninteractive before_script: - apt-get update - apt-get -qy install --no-install-recommends @@ -63,7 +66,7 @@
- cd $CI_PROJECT_DIR/client/ - go get - - go build + - go build $REPRODUCIBLE_FLAGS
.test-template: &test-template artifacts: @@ -86,7 +89,6 @@ android: image: debian:bullseye-backports variables: ANDROID_HOME: /usr/lib/android-sdk - DEBIAN_FRONTEND: noninteractive GOPATH: "/go" LANG: C.UTF-8 PATH: "/go/bin:/usr/lib/go-1.16/bin:/usr/bin:/bin" @@ -135,7 +137,7 @@ android: # gomobile builds a shared library not a CLI executable - sed -i 's,^package main$,package snowflakeclient,' snowflake.go - go get golang.org/x/mobile/bind - - gomobile bind -v -target=android -trimpath . + - gomobile bind -v -target=android $REPRODUCIBLE_FLAGS .
go-1.13: image: golang:1.13-stretch diff --git a/Vagrantfile b/Vagrantfile index 1b538d5..36a31fe 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -7,7 +7,8 @@ configfile = YAML.load_file(File.join(srvpath, "/.gitlab-ci.yml")) remote_url = 'https://git.torproject.org/pluggable-transports/snowflake.git'
# set up essential environment variables -env = configfile['android']['variables'] +env = configfile['variables'] +env = env.merge(configfile['android']['variables']) env['CI_PROJECT_DIR'] = '/builds/tpo/anti-censorship/pluggable-transports/snowflake' env_file = Tempfile.new('env') File.chmod(0644, env_file.path)