From b1b4e5af745012a1c9117cfecfea5c814217033d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 28 Jul 2021 22:09:09 +0200 Subject: [PATCH 1/3] Revert "plugins: update golang to 1.16.3 to build buildx on darwin/arm64" This reverts commit 60e28c914dbe5c0b7fe9fe73fefb24ecbd078085. Signed-off-by: Sebastiaan van Stijn --- static/Makefile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/static/Makefile b/static/Makefile index 76c2da4cb2..219c9213c7 100644 --- a/static/Makefile +++ b/static/Makefile @@ -5,7 +5,8 @@ ENGINE_DIR=$(realpath $(CURDIR)/../src/github.com/docker/docker) GEN_STATIC_VER=$(shell ./gen-static-ver $(CLI_DIR) $(VERSION)) HASH_CMD=docker run -v $(CURDIR):/sum -w /sum debian:jessie bash hash_files DIR_TO_HASH:=build/linux -DOCKER_CLI_PLUGIN_GOLANG_IMG=golang:1.16.3 +GO_VERSION=$(shell grep "ARG GO_VERSION" $(CLI_DIR)/dockerfiles/Dockerfile.dev | awk -F'=' '{print $$2}') +DOCKER_CLI_GOLANG_IMG=golang:$(GO_VERSION) .PHONY: help help: ## show make targets @@ -103,7 +104,7 @@ cross-mac-plugins: cross-mac-plugins-amd64 cross-mac-plugins-arm64 cross-mac-plugins-%: CLI_BUILD_DIR := mac cross-mac-plugins-%: mkdir -p build/$(CLI_BUILD_DIR)/$*/docker - GOOS=darwin GOARCH=$* docker run $(BUILD_PLUGIN_RUN_VARS) $(DOCKER_CLI_PLUGIN_GOLANG_IMG) /build + GOOS=darwin GOARCH=$* docker run $(BUILD_PLUGIN_RUN_VARS) $(DOCKER_CLI_GOLANG_IMG) /build $(CHOWN) -R $(shell id -u):$(shell id -g) build/$(CLI_BUILD_DIR)/$* .PHONY: cross-win-plugins @@ -113,6 +114,6 @@ cross-win-plugins: cross-win-plugins-amd64 cross-win-plugins-%: CLI_BUILD_DIR := win cross-win-plugins-%: mkdir -p build/$(CLI_BUILD_DIR)/$*/docker/cli-plugins - GOOS=windows GOARCH=$* docker run $(BUILD_PLUGIN_RUN_VARS) $(DOCKER_CLI_PLUGIN_GOLANG_IMG) /build + GOOS=windows GOARCH=$* docker run $(BUILD_PLUGIN_RUN_VARS) $(DOCKER_CLI_GOLANG_IMG) /build $(CHOWN) -R $(shell id -u):$(shell id -g) build/$(CLI_BUILD_DIR)/$* find build/$(CLI_BUILD_DIR)/$*/docker -type f -not -name "*.exe" -exec mv {} {}.exe \; From 8141ee7d60c6c24801631796266f351c4e2a674e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 28 Jul 2021 22:11:15 +0200 Subject: [PATCH 2/3] static: use same Go version as other builds Use the version that's defined/set in common.mk Signed-off-by: Sebastiaan van Stijn --- static/Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/static/Makefile b/static/Makefile index 219c9213c7..0dd44dd306 100644 --- a/static/Makefile +++ b/static/Makefile @@ -5,7 +5,6 @@ ENGINE_DIR=$(realpath $(CURDIR)/../src/github.com/docker/docker) GEN_STATIC_VER=$(shell ./gen-static-ver $(CLI_DIR) $(VERSION)) HASH_CMD=docker run -v $(CURDIR):/sum -w /sum debian:jessie bash hash_files DIR_TO_HASH:=build/linux -GO_VERSION=$(shell grep "ARG GO_VERSION" $(CLI_DIR)/dockerfiles/Dockerfile.dev | awk -F'=' '{print $$2}') DOCKER_CLI_GOLANG_IMG=golang:$(GO_VERSION) .PHONY: help From 9308b2f53b5233ed7fbc9db7367f16cc15874fca Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 28 Jul 2021 22:12:29 +0200 Subject: [PATCH 3/3] Bump go 1.16.6 (addresses CVE-2021-34558) This addresses CVE-2021-34558: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34558 go1.16.6 (released 2021-07-12) includes a security fix to the crypto/tls package, as well as bug fixes to the compiler, and the net and net/http packages. See the Go 1.16.6 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.6+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- common.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common.mk b/common.mk index 6540c250f0..ce1ddd2a67 100644 --- a/common.mk +++ b/common.mk @@ -16,7 +16,7 @@ BUILDTIME=$(shell date -u -d "@$${SOURCE_DATE_EPOCH:-$$(date +%s)}" --rfc-3339 n CHOWN:=docker run --rm -v $(CURDIR):/v -w /v alpine chown DEFAULT_PRODUCT_LICENSE:=Community Engine DOCKER_GITCOMMIT:=abcdefg -GO_VERSION:=1.16.5 +GO_VERSION:=1.16.6 PLATFORM=Docker Engine - Community SHELL:=/bin/bash VERSION?=0.0.1-dev