Skip to content

Commit

Permalink
Clear GOROOT when linking
Browse files Browse the repository at this point in the history
Due to golang/go#62047, Go 1.23 won't support `GOROOT_FINAL`.
This means that bazel-contrib#971 will no longer fix bazel-contrib#969,
meaning linked binaries will contain full GOROOT paths, making them non-reproducible.

Instead of using `GOROOT_FINAL`, this change sets `GOROOT` when invoking the linker,
which will cause the linker to continue to write `GOROOT` into the binary,
keeping builds consistent.

This works on Go 1.23rc1 as well.

I'm not a rules_go expert and I'm not married to this particular solution,
I just wanted to bring attention to the issue.
If there's a clever way we can set `-trimpath` when invoking the compiler,
that might be better - but we already use that flag to trim off the bazel sandbox I believe.
JacobOaks committed Jul 8, 2024
1 parent 634fc28 commit a86b2da
Showing 2 changed files with 7 additions and 1 deletion.
1 change: 0 additions & 1 deletion go/private/context.bzl
Original file line number Diff line number Diff line change
@@ -487,7 +487,6 @@ def go_context(ctx, attr = None):
"GOOS": mode.goos,
"GOEXPERIMENT": ",".join(toolchain.sdk.experiments),
"GOROOT": goroot,
"GOROOT_FINAL": "GOROOT",
"CGO_ENABLED": "0" if mode.pure else "1",

# If we use --action_env=GOPATH, or in other cases where environment
7 changes: 7 additions & 0 deletions go/tools/builders/link.go
Original file line number Diff line number Diff line change
@@ -149,6 +149,13 @@ func link(args []string) error {
// add in the unprocess pass through options
goargs = append(goargs, toolArgs...)
goargs = append(goargs, *main)

// Explicitly set GOROOT to a dummy value when running linker.
// This ensures that the GOROOT written into the binary
// is constant and thus builds are reproducible.
oldroot := os.Getenv("GOROOT")
defer os.Setenv("GOROOT", oldroot)
os.Setenv("GOROOT", "GOROOT")
if err := goenv.runCommand(goargs); err != nil {
return err
}

0 comments on commit a86b2da

Please sign in to comment.