From 8c2b7958d81330f74285b5a6af13c6b9ba2d4aa3 Mon Sep 17 00:00:00 2001
From: Craig Condit <ccondit@apache.org>
Date: Fri, 15 Mar 2024 09:35:59 -0500
Subject: [PATCH] [YUNIKORN-2486] Web: Use Docker to build reproducible
 binaries (#179)

Introduces a build var (REPRODUCIBLE_BUILDS=1) to force building
binaries using Docker. This results in builds with a consistent
environment every time.

Closes: #179
---
 .gitignore        |  1 +
 .go_repro_version |  1 +
 Makefile          | 17 +++++++++++++++++
 3 files changed, 19 insertions(+)
 create mode 100644 .go_repro_version

diff --git a/.gitignore b/.gitignore
index 6c0c2684..065066f3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,6 +21,7 @@ yarn-error.log
 .classpath
 .c9/
 *.launch
+*.swp
 .settings/
 *.sublime-workspace
 
diff --git a/.go_repro_version b/.go_repro_version
new file mode 100644
index 00000000..428abfd2
--- /dev/null
+++ b/.go_repro_version
@@ -0,0 +1 @@
+1.21.8
diff --git a/Makefile b/Makefile
index 86d5580d..cec163d3 100644
--- a/Makefile
+++ b/Makefile
@@ -72,6 +72,14 @@ ifeq ($(REGISTRY),)
 REGISTRY := apache
 endif
 
+# Reproducible builds mode
+GO_REPRO_VERSION := $(shell cat .go_repro_version)
+ifeq ($(REPRODUCIBLE_BUILDS),1)
+  REPRO := 1
+else
+  REPRO :=
+endif
+
 # Set the default web port
 PORT=9889
 
@@ -233,11 +241,20 @@ build_server_prod: $(RELEASE_BIN_DIR)/$(SERVER_BINARY)
 $(RELEASE_BIN_DIR)/$(SERVER_BINARY): go.mod go.sum $(shell find pkg)
 	@echo "building web server binary"
 	@mkdir -p ${RELEASE_BIN_DIR}
+ifeq ($(REPRO),1)
+	docker run -t --rm=true --volume "$(BASE_DIR):/buildroot" "golang:$(GO_REPRO_VERSION)" sh -c "cd /buildroot && \
+	CGO_ENABLED=0 GOOS=linux GOARCH=\"${EXEC_ARCH}\" \
+	go build -a -o=${RELEASE_BIN_DIR}/${SERVER_BINARY} -trimpath -ldflags \
+	'-buildid= -extldflags \"-static\" -X main.version=${VERSION} -X main.date=${DATE}' \
+	-tags netgo -installsuffix netgo \
+	./pkg/cmd/web/"
+else
 	CGO_ENABLED=0 GOOS=linux GOARCH="${EXEC_ARCH}" \
 	"$(GO)" build -a -o=${RELEASE_BIN_DIR}/${SERVER_BINARY} -trimpath -ldflags \
 	'-buildid= -extldflags "-static" -X main.version=${VERSION} -X main.date=${DATE}' \
 	-tags netgo -installsuffix netgo \
 	./pkg/cmd/web/
+endif
 
 # Run the web interface from the production image
 .PHONY: run