# 构建 SPIRE ## 前置条件 ### Go 版本 检查项目要求的 Go 版本: ```bash cat .go-version ``` ### 安装 Go ```bash # macOS brew install go # Linux (手动安装) wget https://go.dev/dl/go1.21.x.linux-amd64.tar.gz sudo tar -C /usr/local -xzf go1.21.x.linux-amd64.tar.gz export PATH=$PATH:/usr/local/go/bin ``` ## 获取源码 ```bash git clone https://github.com/spiffe/spire.git cd spire ``` ## 使用 Make 构建 ### 基本构建 ```bash # 构建所有二进制文件 make build # 构建结果在 bin/ 目录 ls bin/ # spire-agent spire-server oidc-discovery-provider ``` ### 构建特定目标 ```bash # 只构建 Server make build-server # 只构建 Agent make build-agent # 构建 OIDC Discovery Provider make build-oidc-discovery-provider ``` ### 交叉编译 ```bash # 构建 Linux amd64 GOOS=linux GOARCH=amd64 make build # 构建 Linux arm64 GOOS=linux GOARCH=arm64 make build # 构建 Windows GOOS=windows GOARCH=amd64 make build ``` ## 使用 Go 直接构建 ```bash # 构建 Server go build -o bin/spire-server ./cmd/spire-server # 构建 Agent go build -o bin/spire-agent ./cmd/spire-agent # 带版本信息构建 go build -ldflags "-X github.com/spiffe/spire/pkg/common/version.gittag=v1.0.0" \ -o bin/spire-server ./cmd/spire-server ``` ## 构建容器镜像 ### 使用 Docker ```bash # 构建 Server 镜像 docker build -t spire-server:local -f Dockerfile --target spire-server . # 构建 Agent 镜像 docker build -t spire-agent:local -f Dockerfile --target spire-agent . ``` ### 多阶段构建 Dockerfile 使用多阶段构建优化镜像大小: ```dockerfile # 构建阶段 FROM golang:1.21 AS builder WORKDIR /build COPY . . RUN make build # 运行阶段 FROM gcr.io/distroless/static AS spire-server COPY --from=builder /build/bin/spire-server /usr/bin/spire-server ENTRYPOINT ["/usr/bin/spire-server"] ``` ## 开发构建 ### 启用调试信息 ```bash # 禁用优化,保留调试信息 go build -gcflags="all=-N -l" -o bin/spire-server ./cmd/spire-server ``` ### 使用 Race Detector ```bash go build -race -o bin/spire-server ./cmd/spire-server ``` ## 生成代码 ### Protocol Buffers ```bash # 安装 protoc # macOS brew install protobuf # 安装 Go 插件 go install google.golang.org/protobuf/cmd/protoc-gen-go@latest go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest # 生成代码 make generate ``` ### Mocks ```bash # 安装 mockgen go install go.uber.org/mock/mockgen@latest # 生成 mocks make generate ``` ## 依赖管理 ### 更新依赖 ```bash # 更新所有依赖 go get -u ./... go mod tidy # 更新特定依赖 go get -u github.com/spiffe/go-spiffe/v2 go mod tidy ``` ### 检查依赖 ```bash # 查看直接依赖 go list -m -json all | jq 'select(.Main != true and .Indirect != true)' # 查看依赖图 go mod graph ``` ## 清理 ```bash # 清理构建产物 make clean # 清理 Go 缓存 go clean -cache -testcache ``` ## 常见问题 ### 构建失败:缺少依赖 ```bash # 下载依赖 go mod download # 验证依赖 go mod verify ``` ### CGO 相关问题 ```bash # 禁用 CGO CGO_ENABLED=0 make build # 启用 CGO(某些插件需要) CGO_ENABLED=1 make build ``` ### 版本信息不正确 ```bash # 确保 git 标签正确 git describe --tags # 手动指定版本 make build VERSION=1.0.0 ``` ## Makefile 目标 | 目标 | 描述 | |------|------| | `build` | 构建所有二进制文件 | | `build-server` | 构建 Server | | `build-agent` | 构建 Agent | | `test` | 运行单元测试 | | `lint` | 代码检查 | | `generate` | 生成代码 | | `clean` | 清理构建产物 | | `help` | 显示帮助 |