You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When building golang binaries, if the net or os/user (among others) are part of the build, either direcly or indirectly, the resulting binary is dynamically linked. You can verify that by running ldd <binary>.
Since the resulting binary depends on the builders's libc, this can be an issue if there is a version mismatch on the runtime's libc. This has already been seen when using ubi8-minimal as runtime for binaries built on golang:1.19.
To prevent this from happenning, the suggestion is to use a RHEL9-based distribution as builder. You can easily get the same build environment as in the golang:1.19 image from a ubi9-minimal image:
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.1 AS builder
ARG GO_VERSION
RUN microdnf install -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager \
make git gcc tar jq which findutils\
&& microdnf clean all --disableplugin=subscription-manager
RUN curl -fsSL https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz | tar -C /usr/local -xz \
&& ln -s /usr/local/go/bin/go /usr/bin/go \
&& ln -s /usr/local/go/bin/gofmt /usr/bin/gofmt
This expects a build argument GO_VERSION to be passed to the image (e.g. docker build -b 'GO_VERSION=1.19.8'...). This should allow you to easily get updates on newer language versions.
If the builder image does not change frequently, you may consider pushing it to some registry and afterwards pull it on builds to save some build time.
The text was updated successfully, but these errors were encountered:
According to https://github.com/netobserv/flowlogs-pipeline/blob/main/contrib/docker/Dockerfile, this multi-stage docker build is using the golang image to build the binary (which is based on Debian bullseye), and ubi9-minimal as runtime.
When building golang binaries, if the
net
oros/user
(among others) are part of the build, either direcly or indirectly, the resulting binary is dynamically linked. You can verify that by runningldd <binary>
.Since the resulting binary depends on the builders's
libc
, this can be an issue if there is a version mismatch on the runtime'slibc
. This has already been seen when usingubi8-minimal
as runtime for binaries built ongolang:1.19
.To prevent this from happenning, the suggestion is to use a RHEL9-based distribution as builder. You can easily get the same build environment as in the
golang:1.19
image from aubi9-minimal
image:This expects a build argument
GO_VERSION
to be passed to the image (e.g.docker build -b 'GO_VERSION=1.19.8'...
). This should allow you to easily get updates on newer language versions.If the builder image does not change frequently, you may consider pushing it to some registry and afterwards pull it on builds to save some build time.
The text was updated successfully, but these errors were encountered: