| Message ID | 20260114064400.4070617-1-changqing.li@windriver.com |
|---|---|
| State | New |
| Headers | show |
| Series | [V4] go.bbclass: set buildid to empty string to improve reproducibility | expand |
On Wed, 2026-01-14 at 14:44 +0800, changqing.li@windriver.com wrote: > From: Changqing Li <changqing.li@windriver.com> > > Go packages and binaries are stamped with build IDs that record both the > action ID, which is a hash of the inputs to the action that produced the > packages or binary, and the content ID, which is a hash of the action > output, namely the archive or binary itself, Refer [1]. > > And action ID include hash of modroot, which will include build path, > so this make go package not reproducible. > Refer [2], keying off module path instead of module root directory is a TODO. > > [snip of log] > HASH[moduleIndex]: "go1.25.3" > HASH[moduleIndex]: "modroot /build-a/tmp/work/x86-64-v3-wrs-linux/buildah/1.41.5/recipe-sysroot-native/usr/lib/go/src/cmd\n" > HASH[moduleIndex]: "package go1.25.3 go index v2 /build-a/tmp/work/x86-64-v3-wrs-linux/buildah/1.41.5/recipe-sysroot-native/usr/lib/go/src/cmd/buildid\n" > HASH[moduleIndex]: "file buildid.go 2025-10-13 16:08:43 +0000 UTC 1704\n" > HASH[moduleIndex]: "file doc.go 2025-10-13 16:08:43 +0000 UTC 558\n" > HASH[moduleIndex]: 007b9fe2edd5b3232f5c98ae6c46e80a435141cb627ba5418c5314c0cbf4df7b > > Report this issue to upstream, refer [3] > Workaround the reproducible by setting buildid to empty, refer [4] The trouble is there is a lot of potentially important information going into these buildids and you're just removing that functionality entirely. Can we patch out the problematic component until it is fixed instead? I'm very reticent to remove them entirely, that doesn't feel like a good solution. Cheers, Richard
diff --git a/meta/classes-recipe/go.bbclass b/meta/classes-recipe/go.bbclass index b540471ba2..1c43b36fc0 100644 --- a/meta/classes-recipe/go.bbclass +++ b/meta/classes-recipe/go.bbclass @@ -51,11 +51,12 @@ GO_RPATH:class-native = "${@'-r ${STAGING_LIBDIR_NATIVE}/go/pkg/${TARGET_GOTUPLE GO_RPATH_LINK:class-native = "${@'-Wl,-rpath-link=${STAGING_LIBDIR_NATIVE}/go/pkg/${TARGET_GOTUPLE}_dynlink' if d.getVar('GO_DYNLINK') else ''}" GO_EXTLDFLAGS ?= "${HOST_CC_ARCH}${TOOLCHAIN_OPTIONS} ${GO_RPATH_LINK} ${LDFLAGS}" GO_LINKMODE ?= "" +GO_BUILDID ?= "-buildid=" GO_EXTRA_LDFLAGS ?= "" GO_LINUXLOADER ?= "-I ${@get_linuxloader(d)}" # Use system loader. If uninative is used, the uninative loader will be patched automatically GO_LINUXLOADER:class-native = "" -GO_LDFLAGS ?= '-ldflags="${GO_RPATH} ${GO_LINKMODE} ${GO_LINUXLOADER} ${GO_EXTRA_LDFLAGS} -extldflags '${GO_EXTLDFLAGS}'"' +GO_LDFLAGS ?= '-ldflags="${GO_RPATH} ${GO_LINKMODE} ${GO_LINUXLOADER} ${GO_EXTRA_LDFLAGS} ${GO_BUILDID} -extldflags '${GO_EXTLDFLAGS}'"' export GOBUILDFLAGS ?= "-v ${GO_LDFLAGS} -trimpath" export GOPATH_OMIT_IN_ACTIONID ?= "1" export GOPTESTBUILDFLAGS ?= "${GOBUILDFLAGS} -c"