add golang 1.24

2025-03-20 14:43:50 +03:00 · 2025-02-13 11:34:22 +03:00 · 2025-02-13 11:34:22 +03:00 · 1f580e1969
commit 1f580e1969
parent a0c620d183
7 changed files with 92 additions and 5 deletions
--- a/.github/workflows/buildx.yml
+++ b/.github/workflows/buildx.yml
@ -61,6 +61,12 @@ jobs:
          - path: 1.23-nofaccessat2
            tags: "1.23-nofaccessat2"
            platforms: linux/amd64,linux/arm64,linux/386
+          - path: 1.24
+            tags: "1.24"
+            platforms: linux/amd64,linux/arm64,linux/386
+          - path: 1.24-nofaccessat2
+            tags: "1.24-nofaccessat2"
+            platforms: linux/amd64,linux/arm64,linux/386

    steps:
      - name: Checkout
@ -89,11 +95,11 @@ jobs:
          echo ::set-output name=tags::${TAGS}

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3.2.0
+        uses: docker/setup-qemu-action@v3.4.0

      - name: Set up Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@v3.6.1
+        uses: docker/setup-buildx-action@v3.9.0
        with:
          install: true

@ -101,7 +107,7 @@ jobs:
        run: echo ${{ steps.buildx.outputs.platforms }}

      - name: Docker Buildx (build)
-        uses: docker/build-push-action@v6.7.0
+        uses: docker/build-push-action@v6.13.0
        if: success() && !contains(github.ref, 'master')
        with:
          push: false
@ -119,7 +125,7 @@ jobs:
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Docker Buildx (push)
-        uses: docker/build-push-action@v6.7.0
+        uses: docker/build-push-action@v6.13.0
        if: success() && contains(github.ref, 'master')
        with:
          push: true
--- a/.github/workflows/dockerimage.yml
+++ b/.github/workflows/dockerimage.yml
@ -25,3 +25,5 @@ jobs:
          docker run -i $(docker build -q 1.22-nofaccessat2) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
          docker run -i $(docker build -q 1.23) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
          docker run -i $(docker build -q 1.23-nofaccessat2) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
+          docker run -i $(docker build -q 1.24) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
+          docker run -i $(docker build -q 1.24-nofaccessat2) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
--- a/.github/workflows/hadolint.yml
+++ b/.github/workflows/hadolint.yml
@ -10,4 +10,4 @@ jobs:
      - run: brew install hadolint
      - name: Lint Dockerfiles
        run: |
-          hadolint {1.16,1.16-3.13,1.17,1.17-3.13,1.18,1.18-nofaccessat2,1.19,1.19-nofaccessat2,1.20,1.20-nofaccessat2,1.21,1.21-nofaccessat2,1.22,1.22-nofaccessat2,1.23,1.23-nofaccessat2}/Dockerfile
+          hadolint {1.16,1.16-3.13,1.17,1.17-3.13,1.18,1.18-nofaccessat2,1.19,1.19-nofaccessat2,1.20,1.20-nofaccessat2,1.21,1.21-nofaccessat2,1.22,1.22-nofaccessat2,1.23,1.23-nofaccessat2,1.24,1.24-nofaccessat2}/Dockerfile
--- a/1.24-nofaccessat2/Dockerfile
+++ b/1.24-nofaccessat2/Dockerfile
@ -0,0 +1,32 @@
+FROM golang:1.24-alpine
+COPY disable_faccessat2.patch /tmp/disable_faccessat2.patch
+RUN set -eux; \
+    apk add --no-cache --virtual .build-deps gcc make patch git alpine-sdk coreutils cmake sudo && \
+    mkdir -p /var/cache/distfiles && \
+    chmod a+w /var/cache/distfiles && \
+    git clone --depth 1 --branch "v$(cat /etc/alpine-release)" git://git.alpinelinux.org/aports /tmp/aports && \
+    cd /tmp/aports/main/musl && \
+    mv /tmp/disable_faccessat2.patch /tmp/aports/main/musl/ && \
+    sed -i -E 's/\thandle-aux-at_base.patch/\thandle-aux-at_base.patch\n\tdisable_faccessat2.patch/' APKBUILD && \
+    adduser -G abuild -g "Alpine Package Builder" -s /bin/ash -D builder && \
+    echo "builder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \
+    chown -R builder:abuild /tmp/aports && \
+    sudo -u builder sh -c 'abuild checksum && abuild-keygen -an && abuild -r' && \
+    find /home/builder -type f -name '*.apk' -exec apk add --allow-untrusted --no-cache {} \;; \
+    sudo -u builder sh -c 'abuild clean && abuild cleancache' && \
+    apk del --no-network .build-deps && \
+    deluser builder && \
+    rm -rf /home/builder /var/cache/distfiles /tmp/aports
+RUN set -eux; \
+    apk add --no-cache bash make git gcc libc-dev jq curl dumb-init mailcap tzdata && \
+    go install github.com/go-delve/delve/cmd/dlv@latest && \
+	go install github.com/air-verse/air@v1.61.5 && \
+	go install github.com/jstemmer/go-junit-report@latest && \
+	go install github.com/axw/gocov/gocov@v1.2.1 && \
+    go install gotest.tools/gotestsum@latest && \
+    chmod -R 777 "$GOPATH" && \
+    curl -L https://github.com/tobni/merge-junit/releases/download/v0.2.1/merge-junit-v0.2.1-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
+    mv ./merge-junit-v0.2.1-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
+    rm -rf /merge-junit-v0.2.1-x86_64-unknown-linux-musl
+WORKDIR /
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
--- a/1.24-nofaccessat2/disable_faccessat2.patch
+++ b/1.24-nofaccessat2/disable_faccessat2.patch
@ -0,0 +1,23 @@
+--- v1.2.3/src/unistd/faccessat.c	2022-04-07 20:12:40.000000000 +0300
+++ v1.2.1/src/unistd/faccessat.c	2020-08-04 07:21:09.000000000 +0300
+@@ -25,17 +25,12 @@
+ 
+ int faccessat(int fd, const char *filename, int amode, int flag)
+ {
+-	if (flag) {
+-		int ret = __syscall(SYS_faccessat2, fd, filename, amode, flag);
+-		if (ret != -ENOSYS) return __syscall_ret(ret);
+-	}
+	if (!flag || (flag==AT_EACCESS && getuid()==geteuid() && getgid()==getegid()))
+		return syscall(SYS_faccessat, fd, filename, amode, flag);
+ 
+-	if (flag & ~AT_EACCESS)
+	if (flag != AT_EACCESS)
+ 		return __syscall_ret(-EINVAL);
+ 
+-	if (!flag || (getuid()==geteuid() && getgid()==getegid()))
+-		return syscall(SYS_faccessat, fd, filename, amode);
+-
+ 	char stack[1024];
+ 	sigset_t set;
+ 	pid_t pid;
--- a/1.24-nofaccessat2/faccessat2-test.c
+++ b/1.24-nofaccessat2/faccessat2-test.c
@ -0,0 +1,10 @@
+#include <unistd.h>
+#include <fcntl.h>
+
+int main() {
+    // TODO: Use this code to test resulting images.
+    // Should not call faccessat2 under the hood.
+	faccessat(0, "/",  R_OK, AT_EACCESS);
+
+	return 0;
+}
--- a/1.24/Dockerfile
+++ b/1.24/Dockerfile
@ -0,0 +1,14 @@
+FROM golang:1.24-alpine
+RUN set -eux; \
+    apk add --no-cache bash make git gcc libc-dev jq curl dumb-init mailcap tzdata && \
+    go install github.com/go-delve/delve/cmd/dlv@latest && \
+	go install github.com/air-verse/air@v1.61.5 && \
+	go install github.com/jstemmer/go-junit-report@latest && \
+	go install github.com/axw/gocov/gocov@v1.2.1 && \
+    go install gotest.tools/gotestsum@latest && \
+    chmod -R 777 "$GOPATH" && \
+    curl -L https://github.com/tobni/merge-junit/releases/download/v0.2.1/merge-junit-v0.2.1-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
+    mv ./merge-junit-v0.2.1-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
+    rm -rf /merge-junit-v0.2.1-x86_64-unknown-linux-musl
+WORKDIR /
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]