build: add option to use nightly and dynamic linking

deployments/docker/build/02.server-builder

@@ -1,6 +1,15 @@
 FROM rust:slim
+
+ARG DSIEM_NIGHTLY_RUST
+RUN [ ! -z "$DSIEM_NIGHTLY_RUST" ] && \
+  rustup toolchain install nightly && \
+  rustup component add rust-src --toolchain nightly-x86_64-unknown-linux-gnu
+
 COPY . .
 WORKDIR /ctx
 RUN cd server && cargo fetch
-RUN RUSTFLAGS="-C target-feature=+crt-static" cargo build --target x86_64-unknown-linux-gnu --release
+
+ARG DSIEM_DYNAMIC_LIBGCC
+RUN ./scripts/build-glibc.sh
+
 RUN rm -rf target/release && mv target/x86_64-unknown-linux-gnu/release target/release

deployments/docker/build/03.base-alpine

@@ -1 +1,3 @@
-FROM alpine
+ARG alpine_base
+
+FROM ${alpine_base}

deployments/docker/build/03.base-wolfi

@@ -1,5 +1,7 @@
 FROM cgr.dev/chainguard/wolfi-base
+ARG apk_extra_packages
 # replace with full busybox to add wget
-RUN apk del busybox && apk add --no-cache busybox-full
+# optionally also add extra packages, i.e. libgcc if dynamic linking is used
+RUN apk del busybox && apk add --no-cache busybox-full ${apk_extra_packages}
 # ensure /var/run is a symlink to /run, required in some systems
 RUN [ ! -L "/var/run" ] && rm -rf /var/run && ln -s /run /var/run || true

scripts/build-glibc.sh

@@ -6,22 +6,23 @@
 #   scripts/build-glibc.sh
 
 # - build with nightly toolchain and dynamic linking to glibc:
-#   DSIEM_DYNAMIC_LIBC=1 DSIEM_NIGHTLY_RUST=1 scripts/build-glibc.sh
+#   DSIEM_DYNAMIC_LIBGCC=1 DSIEM_NIGHTLY_RUST=1 scripts/build-glibc.sh
 
 # - build specific binary:
 #   scripts/build-glibc.sh --bin dsiem-backend
 
-set -x
-
-dir=$(git rev-parse --show-toplevel) && cd $dir || { echo "not in a git repo" && exit 1; }
+grep -q Dsiem ./Cargo.toml 2>/dev/null || { echo "not in the root of the project" && exit 1; }
 
 # defaults to static build and stable toolchain unless overriden using these
 
-[ "$DSIEM_DYNAMIC_LIBC" ] && target_feature="-crt-static" || target_feature="+crt-static"
+[ "$DSIEM_DYNAMIC_LIBGCC" ] && target_feature="-crt-static" || target_feature="+crt-static"
 [ "$DSIEM_NIGHTLY_RUST" ] &&
   nightly="+nightly" &&
   option_z="-Zlocation-detail=none" &&
-  build_std="-Z build-std=std,panic_abort -Z build-std-features=panic_immediate_abort"
+  build_std="-Z build-std=std,panic_abort -Z build-std-features=panic_immediate_abort" &&
+  ([ "$DSIEM_DYNAMIC_LIBGCC" ] && option_z="${option_z} -Zsanitizer=address" || true)
+
+set -x
 
 RUSTFLAGS="-C target-feature=${target_feature} ${option_z}" \
   cargo ${nightly} build ${build_std} --target x86_64-unknown-linux-gnu --release $@

scripts/dockerbuild.sh

@@ -9,11 +9,17 @@
 # if 2nd argument is the same as env variable DEFAULT_BASE_IMAGE, the image will be tagged as "latest"
 # the default for DEFAULT_BASE_IMAGE for now is "wolfi"
 
+# if env variable DSIEM_DYNAMIC_LIBGCC is set, glibc will be linked dynamically (except for "alpine_musl")
+# if env variable DSIEM_NIGHTLY_RUST is set, the nightly version of rust will be used
+
 dir="./deployments/docker/build"
 [ ! -e $dir ] && echo must be executed from the repo root directory. && exit 1
 
 DEFAULT_BASE_IMAGE=${DEFAULT_BASE_IMAGE:-wolfi}
 
+DSIEM_DYNAMIC_LIBGCC=${DSIEM_DYNAMIC_LIBGCC:-""}
+DSIEM_NIGHTLY_RUST=${DSIEM_NIGHTLY_RUST:-""}
+
 image_name=$1
 base_image=$2
 
@@ -45,15 +51,18 @@ rsync -vhra --delete ./ $tmpctx/ \
   --exclude='Dockerfile' \
   --exclude-from=<(git -C ./ ls-files --exclude-standard -oi --directory)
 
+mkdir -p $tmpctx/scripts && cp ./scripts/build-glibc.sh $tmpctx/scripts/build-glibc.sh
+
 pkg="$tmpctx/Cargo.toml"
 [ ! -f "$pkg" ] && echo $pkg isnt available && exit 1
 version=$(grep version Cargo.toml | head -1 | cut -d\" -f2)
 
 build_image() {
   local dockerfile=$1
   local image_name=$2
+  local extra_arg=$3
   echo building $image_name ..
-  docker build -f ${dockerfile} -t ${image_name} . || {
+  docker build -f ${dockerfile} -t ${image_name} ${extra_arg} . || {
     echo "failed building image"
     exit 1
   }
@@ -65,10 +74,19 @@ cd $dir/
 build_image 01.webui-builder dsiem-dev/webui-builder
 
 # dsiem-dev/server-builder
-build_image 02.server-builder${dsiem_lib} dsiem-dev/server-builder
+
+[ "$DSIEM_DYNAMIC_LIBGCC" ] &&
+  libgcc_arg="--build-arg apk_extra_packages=libgcc --build-arg DSIEM_DYNAMIC_LIBGCC=1" &&
+  alpine_arg="--build-arg alpine_base=mmta/alpine-glibc" ||
+  alpine_arg="--build-arg alpine_base=alpine"
+
+[ "$DSIEM_NIGHTLY_RUST" ] &&
+  nightly_arg="--build-arg DSIEM_NIGHTLY_RUST=1"
+
+build_image 02.server-builder${dsiem_lib} dsiem-dev/server-builder "${libgcc_arg} ${nightly_arg}"
 
 # dsiem-dev/base-image
-build_image 03.base-${base_image} dsiem-dev/base-image
+build_image 03.base-${base_image} dsiem-dev/base-image "${libgcc_arg} ${alpine_arg}"
 
 this_image=${image_name}:${version}-${base_image}