diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index 153b675d48ae..7d2960f699dc 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -41,6 +41,8 @@ , ldflags ? [ ] +, GOFLAGS ? [ ] + # needed for buildFlags{,Array} warning , buildFlags ? "" , buildFlagsArray ? "" @@ -153,11 +155,13 @@ let inherit (go) GOOS GOARCH; - GOFLAGS = lib.optionals (!proxyVendor) [ "-mod=vendor" ] ++ lib.optionals (!allowGoReference) [ "-trimpath" ]; + GOFLAGS = GOFLAGS + ++ lib.optional (!proxyVendor) "-mod=vendor" + ++ lib.optional (!allowGoReference) "-trimpath"; inherit CGO_ENABLED enableParallelBuilding GO111MODULE GOTOOLCHAIN; # If not set to an explicit value, set the buildid empty for reproducibility. - ldflags = ldflags ++ lib.optionals (!lib.any (lib.hasPrefix "-buildid=") ldflags) [ "-buildid=" ]; + ldflags = ldflags ++ lib.optional (!lib.any (lib.hasPrefix "-buildid=") ldflags) "-buildid="; configurePhase = args.configurePhase or ('' runHook preConfigure @@ -307,4 +311,6 @@ lib.warnIf (args' ? vendorSha256) "`vendorSha256` is deprecated. Use `vendorHash lib.warnIf (buildFlags != "" || buildFlagsArray != "") "Use the `ldflags` and/or `tags` attributes instead of `buildFlags`/`buildFlagsArray`" lib.warnIf (builtins.elem "-buildid=" ldflags) "`-buildid=` is set by default as ldflag by buildGoModule" +lib.warnIf (builtins.elem "-trimpath" GOFLAGS) "`-trimpath` is added by default to GOFLAGS by buildGoModule when allowGoReference isn't set to true" +lib.warnIf (lib.any (lib.hasPrefix "-mod=") GOFLAGS) "use `proxyVendor` to control Go module/vendor behavior instead of setting `-mod=` in GOFLAGS" package diff --git a/pkgs/build-support/go/package.nix b/pkgs/build-support/go/package.nix index 8ca5ca0dca01..94a459c267f3 100644 --- a/pkgs/build-support/go/package.nix +++ b/pkgs/build-support/go/package.nix @@ -39,6 +39,8 @@ , ldflags ? [ ] +, GOFLAGS ? [ ] + # needed for buildFlags{,Array} warning , buildFlags ? "" , buildFlagsArray ? "" @@ -89,12 +91,12 @@ let GO111MODULE = "off"; GOTOOLCHAIN = "local"; - GOFLAGS = lib.optionals (!allowGoReference) [ "-trimpath" ]; + GOFLAGS = GOFLAGS ++ lib.optional (!allowGoReference) "-trimpath" ; GOARM = toString (lib.intersectLists [(stdenv.hostPlatform.parsed.cpu.version or "")] ["5" "6" "7"]); # If not set to an explicit value, set the buildid empty for reproducibility. - ldflags = ldflags ++ lib.optionals (!lib.any (lib.hasPrefix "-buildid=") ldflags) [ "-buildid=" ]; + ldflags = ldflags ++ lib.optional (!lib.any (lib.hasPrefix "-buildid=") ldflags) "-buildid="; configurePhase = args.configurePhase or ('' runHook preConfigure @@ -286,4 +288,5 @@ in lib.warnIf (buildFlags != "" || buildFlagsArray != "") "Use the `ldflags` and/or `tags` attributes instead of `buildFlags`/`buildFlagsArray`" lib.warnIf (builtins.elem "-buildid=" ldflags) "`-buildid=` is set by default as ldflag by buildGoModule" +lib.warnIf (builtins.elem "-trimpath" GOFLAGS) "`-trimpath` is added by default to GOFLAGS by buildGoModule when allowGoReference isn't set to true" package diff --git a/pkgs/by-name/gc/gcs/package.nix b/pkgs/by-name/gc/gcs/package.nix index 406db2018624..1493836491af 100644 --- a/pkgs/by-name/gc/gcs/package.nix +++ b/pkgs/by-name/gc/gcs/package.nix @@ -56,7 +56,7 @@ buildGoModule rec { ]; # flags are based on https://github.com/richardwilkes/gcs/blob/master/build.sh - flags = [ "-a -trimpath" ]; + flags = [ "-a" ]; ldflags = [ "-s" "-w" "-X github.com/richardwilkes/toolbox/cmdline.AppVersion=${version}" ]; installPhase = '' diff --git a/pkgs/by-name/gt/gtrash/package.nix b/pkgs/by-name/gt/gtrash/package.nix index aee737aa83df..fb354bada06c 100644 --- a/pkgs/by-name/gt/gtrash/package.nix +++ b/pkgs/by-name/gt/gtrash/package.nix @@ -23,7 +23,6 @@ buildGoModule rec { doCheck = false; CGO_ENABLED = 0; - GOFLAGS = [ "-trimpath" ]; ldflags = [ "-s" "-w" diff --git a/pkgs/by-name/up/uplosi/package.nix b/pkgs/by-name/up/uplosi/package.nix index 57d7fab92ec7..101f29e85be9 100644 --- a/pkgs/by-name/up/uplosi/package.nix +++ b/pkgs/by-name/up/uplosi/package.nix @@ -18,7 +18,6 @@ buildGoModule rec { CGO_ENABLED = "0"; ldflags = [ "-s" "-w" "-X main.version=${version}" ]; - flags = [ "-trimpath" ]; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/development/tools/language-servers/jq-lsp/default.nix b/pkgs/development/tools/language-servers/jq-lsp/default.nix index 13f852790662..6952bea00d63 100644 --- a/pkgs/development/tools/language-servers/jq-lsp/default.nix +++ b/pkgs/development/tools/language-servers/jq-lsp/default.nix @@ -18,7 +18,7 @@ buildGoModule rec { # based on https://github.com/wader/jq-lsp/blob/master/.goreleaser.yml CGO_ENABLED = 0; - GOFLAGS = [ "-trimpath" ]; + ldflags = [ "-s" "-w" diff --git a/pkgs/tools/security/slsa-verifier/default.nix b/pkgs/tools/security/slsa-verifier/default.nix index 1ed192c732a1..d3dc65ba1523 100644 --- a/pkgs/tools/security/slsa-verifier/default.nix +++ b/pkgs/tools/security/slsa-verifier/default.nix @@ -17,8 +17,6 @@ buildGoModule rec { vendorHash = "sha256-rCGj2o59US2t/ckqXirEDgYn9dGvVSzMVcFEZosasBc="; CGO_ENABLED = 0; - GO111MODULE = "on"; - GOFLAGS = "-trimpath"; subPackages = [ "cli/slsa-verifier" ]; diff --git a/pkgs/tools/video/go2rtc/default.nix b/pkgs/tools/video/go2rtc/default.nix index 8ee378d6c264..12bb7f2b0b0f 100644 --- a/pkgs/tools/video/go2rtc/default.nix +++ b/pkgs/tools/video/go2rtc/default.nix @@ -16,10 +16,6 @@ buildGoModule rec { vendorHash = "sha256-KEW3ykEZvL6y1VacDIqtHW9B2RLHlHC29aqJjkEnRqQ="; - buildFlagArrays = [ - "-trimpath" - ]; - CGO_ENABLED = 0; ldflags = [