From c21258b70ed91ab5ff8b1d345123fed1011a49c9 Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Fri, 20 Mar 2020 10:55:23 +0100 Subject: Add podman static build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We’re now able to build a static podman binary based on a custom nix derivation. This is integrated in cirrus as well, whereas a later target would be to provide a self-contained static binary bundle which can be installed on any Linux x64-bit system. Fixes: https://github.com/containers/libpod/issues/1399 Signed-off-by: Sascha Grunert --- nix/default.nix | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ nix/nixpkgs.json | 9 +++++++++ nix/nixpkgs.nix | 8 ++++++++ 3 files changed, 70 insertions(+) create mode 100644 nix/default.nix create mode 100644 nix/nixpkgs.json create mode 100644 nix/nixpkgs.nix (limited to 'nix') diff --git a/nix/default.nix b/nix/default.nix new file mode 100644 index 000000000..211caee93 --- /dev/null +++ b/nix/default.nix @@ -0,0 +1,53 @@ +let + pkgs = import ./nixpkgs.nix { + config = { + packageOverrides = pkg: { + go_1_12 = pkg.go_1_14; + }; + }; + }; + + static = pkg: pkg.overrideAttrs(old: { + configureFlags = (old.configureFlags or []) ++ + [ "--without-shared" "--disable-shared" ]; + dontDisableStatic = true; + enableSharedExecutables = false; + enableStatic = true; + }); + + patchLvm2 = pkg: pkg.overrideAttrs(old: { + configureFlags = [ + "--disable-cmdlib" "--disable-readline" "--disable-udev_rules" + "--disable-udev_sync" "--enable-pkgconfig" "--enable-static_link" + ]; + preConfigure = old.preConfigure + '' + substituteInPlace libdm/Makefile.in --replace \ + SUBDIRS=dm-tools SUBDIRS= + substituteInPlace tools/Makefile.in --replace \ + "TARGETS += lvm.static" "" + substituteInPlace tools/Makefile.in --replace \ + "INSTALL_LVM_TARGETS += install_tools_static" "" + ''; + postInstall = ""; + }); + + self = { + podman-static = (pkgs.podman.overrideAttrs(old: { + name = "podman-static"; + buildInputs = old.buildInputs ++ (with pkgs; [ + (static pkgs.libassuan) + (static pkgs.libgpgerror) + git + glibc + glibc.static + ]); + src = ./..; + EXTRA_LDFLAGS = ''-linkmode external -extldflags "-static -lm"''; + BUILDTAGS = ''static apparmor selinux seccomp systemd varlink containers_image_ostree_stub''; + })).override { + gpgme = (static pkgs.gpgme); + libseccomp = (static pkgs.libseccomp); + lvm2 = (patchLvm2 (static pkgs.lvm2)); + }; + }; +in self diff --git a/nix/nixpkgs.json b/nix/nixpkgs.json new file mode 100644 index 000000000..fbc774373 --- /dev/null +++ b/nix/nixpkgs.json @@ -0,0 +1,9 @@ +{ + "url": "https://github.com/nixos/nixpkgs", + "rev": "a08d4f605bca62c282ce9955d5ddf7d824e89809", + "date": "2020-03-20T10:10:15+01:00", + "sha256": "1bniq08dlmrmrz4aga1cj0d7rqbaq9xapm5ar15wdv2c6431z2m8", + "fetchSubmodules": false, + "deepClone": false, + "leaveDotGit": false +} diff --git a/nix/nixpkgs.nix b/nix/nixpkgs.nix new file mode 100644 index 000000000..21e7f17a2 --- /dev/null +++ b/nix/nixpkgs.nix @@ -0,0 +1,8 @@ +let + json = builtins.fromJSON (builtins.readFile ./nixpkgs.json); + nixpkgs = import (builtins.fetchTarball { + name = "nixos-unstable"; + url = "${json.url}/archive/${json.rev}.tar.gz"; + inherit (json) sha256; + }); +in nixpkgs -- cgit v1.2.3-54-g00ecf