-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild.sh
executable file
·124 lines (102 loc) · 3.45 KB
/
build.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#!/bin/sh
set -e
HERE="$(dirname "$(readlink -f "$0")")"
cd "$HERE"
WITH_UPX=1
VENDOR_UPX=1
platform="$(uname -s)"
platform_arch="$(uname -m)"
export MAKEFLAGS="-j$(nproc)"
if [ "$platform" == "Linux" ]
then
export CFLAGS="-static"
export LDFLAGS='--static'
else
echo "= WARNING: your platform does not support static binaries."
echo "= (This is mainly due to non-static libc availability.)"
exit 1
fi
if [ -x "$(which apk 2>/dev/null)" ]
then
apk add git gcc make musl-dev autoconf automake libtool ninja \
linux-headers meson cmake pkgconfig libcap-dev \
libxslt clang patch upx bash-completion
fi
if [ "$WITH_UPX" == 1 ]
then
if [[ "$VENDOR_UPX" == 1 || ! -x "$(which upx 2>/dev/null)" ]]
then
upx_ver=4.2.4
case "$platform_arch" in
x86_64) upx_arch=amd64 ;;
aarch64) upx_arch=arm64 ;;
esac
wget https://github.com/upx/upx/releases/download/v${upx_ver}/upx-${upx_ver}-${upx_arch}_linux.tar.xz
tar xvf upx-${upx_ver}-${upx_arch}_linux.tar.xz
mv upx-${upx_ver}-${upx_arch}_linux/upx /usr/bin/
rm -rf upx-${upx_ver}-${upx_arch}_linux*
fi
fi
if [ -d build ]
then
echo "= removing previous build directory"
rm -rf build
fi
# if [ -d release ]
# then
# echo "= removing previous release directory"
# rm -rf release
# fi
echo "= create build and release directory"
mkdir -p build
mkdir -p release
(cd build
export CFLAGS="$CFLAGS -Os -g0 -ffunction-sections -fdata-sections -fvisibility=hidden -fmerge-all-constants"
export LDFLAGS="$LDFLAGS -Wl,--gc-sections -Wl,--strip-all"
echo "= build static deps"
(export CC=gcc
[ -d "/usr/lib/$platform_arch-linux-gnu" ] && \
libdir="/usr/lib/$platform_arch-linux-gnu/"||\
libdir="/usr/lib/"
echo "= build libcap lib"
(git clone git://git.kernel.org/pub/scm/libs/libcap/libcap.git && cd libcap/libcap
make libcap.a
mv -fv libcap.a $libdir)
)
echo "= download bubblewrap"
git clone https://github.com/containers/bubblewrap.git
bubblewrap_version="$(cd bubblewrap && git describe --long --tags|sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g')"
bubblewrap_dir="${HERE}/build/bubblewrap-${bubblewrap_version}"
mv "bubblewrap" "bubblewrap-${bubblewrap_version}"
echo "= bubblewrap v${bubblewrap_version}"
echo "= build bubblewrap"
(cd "${bubblewrap_dir}"
export CC=gcc
patch<"$HERE/caps.patch"
meson build -D selinux=disabled
ninja -C build bwrap.p/bubblewrap.c.o bwrap.p/bind-mount.c.o bwrap.p/network.c.o bwrap.p/utils.c.o
(cd build && \
"$CC" $CFLAGS $LDFLAGS -o bwrap bwrap.p/bubblewrap.c.o bwrap.p/bind-mount.c.o bwrap.p/network.c.o bwrap.p/utils.c.o \
-static -L/usr/lib -lcap)
)
echo "= extracting bubblewrap binaries and libraries"
mv -fv "${bubblewrap_dir}"/build/bwrap "$HERE"/release/bwrap-${platform_arch}
)
echo "= build super-strip"
(cd build && git clone https://github.com/aunali1/super-strip.git && cd super-strip
make
mv -fv sstrip /usr/bin/)
echo "= super-strip release binaries"
sstrip release/*-"${platform_arch}"
if [[ "$WITH_UPX" == 1 && -x "$(which upx 2>/dev/null)" ]]
then
echo "= upx compressing"
find release -name "*-${platform_arch}"|\
xargs -I {} upx --force-overwrite -9 --best {} -o {}-upx
fi
if [ "$NO_CLEANUP" != 1 ]
then
echo "= cleanup"
rm -rfv build
fi
echo "= bubblewrap done"