From a50b2d910bc6d39a3928fc6813788cce9004f7b7 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 10 Jun 2025 18:27:11 +0200 Subject: [PATCH 1/2] Makefile: use libsqlite3 build when possible Dynamically link sqlite3 when installed, the main motivation is that we reduce the podman binary size with that. I see about 3.3 MB savings. But also dynamically linking it means if there a vulnerabilities only the sqlite3 distro package needs updating and we don't have to make a new podman release with the vendored update. Signed-off-by: Paul Holzinger --- Makefile | 3 ++- hack/sqlite_tag.sh | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100755 hack/sqlite_tag.sh diff --git a/Makefile b/Makefile index bfa1f002..459723bc 100644 --- a/Makefile +++ b/Makefile @@ -92,7 +92,8 @@ MANPAGES ?= $(MANPAGES_MD:%.md=%) BTRFS_BUILD_TAG = $(shell hack/btrfs_installed_tag.sh) LIBSUBID_BUILD_TAG = $(shell hack/libsubid_tag.sh) -LOCAL_BUILD_TAGS = $(BTRFS_BUILD_TAG) $(LIBSUBID_BUILD_TAG) +SQLITE_BUILD_TAG = $(shell hack/sqlite_tag.sh) +LOCAL_BUILD_TAGS = $(BTRFS_BUILD_TAG) $(LIBSUBID_BUILD_TAG) $(SQLITE_BUILD_TAG) BUILDTAGS += $(LOCAL_BUILD_TAGS) ifeq ($(DISABLE_CGO), 1) diff --git a/hack/sqlite_tag.sh b/hack/sqlite_tag.sh new file mode 100755 index 00000000..0248355c --- /dev/null +++ b/hack/sqlite_tag.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +${CPP:-${CC:-cc} -E} ${CPPFLAGS} - &> /dev/null << EOF +#include +EOF +if test $? -eq 0 ; then + echo libsqlite3 +fi From f87cd5ec621ea7ed3762bb582b972dab321aecfa Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 10 Jun 2025 18:31:48 +0200 Subject: [PATCH 2/2] rpm: build rpm with libsqlite3 tag So we dynamically link to sqlite in fedora instead of vendoring a static copy. Signed-off-by: Paul Holzinger --- rpm/skopeo.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/rpm/skopeo.spec b/rpm/skopeo.spec index c13acf3d..4c2347f2 100644 --- a/rpm/skopeo.spec +++ b/rpm/skopeo.spec @@ -66,6 +66,7 @@ BuildRequires: libassuan-devel BuildRequires: glib2-devel BuildRequires: make BuildRequires: shadow-utils-subid-devel +BuildRequires: sqlite-devel Requires: containers-common >= 4:1-21 %description @@ -117,7 +118,7 @@ CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-an export CGO_CFLAGS="$CGO_CFLAGS -m64 -mtune=generic -fcf-protection=full" %endif -BASEBUILDTAGS="$(hack/libsubid_tag.sh)" +BASEBUILDTAGS="$(hack/libsubid_tag.sh) libsqlite3" %if %{defined build_with_btrfs} export BUILDTAGS="$BASEBUILDTAGS $(hack/btrfs_installed_tag.sh)" %else