Use musl targets for static Linux binaries#237
Conversation
Change Linux build targets from glibc to musl to produce truly static executables that work on all Linux distributions including NixOS. - i686-unknown-linux-gnu -> i686-unknown-linux-musl - x86_64-unknown-linux-gnu -> x86_64-unknown-linux-musl - aarch64-unknown-linux-gnu -> aarch64-unknown-linux-musl Fixes #107
There was a problem hiding this comment.
Pull request overview
This PR updates the Linux build targets in the CI/CD workflow to use musl libc instead of glibc, enabling the creation of fully static executables that are portable across all Linux distributions, including NixOS.
Key Changes:
- Replaced all Linux GNU targets with their musl equivalents across three architectures (i686, x86_64, aarch64)
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Enhance end-to-end testing with: 1. **Main E2E job**: Test npm package installation on all platforms - Runs on: ubuntu-latest, macos-latest, windows-latest - Tests with Node.js 20 - Full database integration tests on Linux (MySQL 5.6, 5.7, 8 & PostgreSQL 12-16) - Basic installation tests on macOS and Windows - Validates --version and --help commands 2. **E2E Linux distros with databases**: Test npm package across Linux distributions - Ubuntu 20.04, 22.04, 24.04 - Debian 11, 12 - Alpine 3.18, 3.19 (musl-native) - Fedora 38, 39 - Tests with MySQL 8 and PostgreSQL 16 - Installs Node.js in each container - Runs full integration tests with live databases 3. **Static binary Linux distro tests**: Verify musl static binaries work everywhere - Tests on all Linux distros including NixOS (issue #107) - Builds with x86_64-unknown-linux-musl target - Verifies binary is statically linked using ldd - Runs binary in each distro's container Benefits: - Ensures npm package works on all major platforms - Validates static binaries are truly portable - Tests against all supported database versions - Catches platform-specific issues before release - Specifically addresses NixOS compatibility (issue #107)
The previous check was incorrectly failing on static-pie (Position Independent Executable) binaries. A static-pie binary IS statically linked - it's a modern, more secure form of static linking. Changes: - Fix build command to include --target flag (was missing) - Update verification to accept both 'static' and 'static-pie' - Check file output for 'static' keyword instead of only ldd - Add detailed logging to show both file and ldd output - Accept 'not a dynamic executable' from ldd as valid This fixes the false positive failure in the linux-distro-static-binary-test job that was reporting 'Binary is not static!' for valid static-pie binaries.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| apt-get install -y nodejs | ||
| elif command -v dnf > /dev/null; then | ||
| # Fedora | ||
| dnf install -y nodejs npm |
There was a problem hiding this comment.
The Arch Linux distro (archlinux:latest) in the matrix is not handled in the package manager detection logic. Add an elif branch to handle pacman for Arch Linux installations.
| dnf install -y nodejs npm | |
| dnf install -y nodejs npm | |
| elif command -v pacman > /dev/null; then | |
| # Arch Linux | |
| pacman -Sy --noconfirm nodejs npm bash |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if command -v apk > /dev/null; then | ||
| # Alpine |
There was a problem hiding this comment.
[nitpick] The distro detection logic uses command -v apk which checks for the Alpine package manager, but this doesn't guarantee the system is Alpine Linux. A more robust approach would be to check /etc/os-release or use multiple package manager checks in a specific order. However, for the Alpine distros in the matrix (alpine:3.18, alpine:3.19), this should work correctly.
| if command -v apk > /dev/null; then | |
| # Alpine | |
| if [ -f /etc/os-release ] && grep -q '^ID=alpine' /etc/os-release; then | |
| # Alpine (detected via /etc/os-release) |
| apt-get install -y nodejs | ||
| elif command -v dnf > /dev/null; then | ||
| # Fedora | ||
| dnf install -y nodejs npm |
There was a problem hiding this comment.
[nitpick] For Fedora 38 and 39, the package manager should be dnf, but consider that Fedora 39 and later may have different Node.js versions in their repositories. You might want to use a consistent Node.js version across all distros by using NodeSource or nvm instead of relying on distro-provided packages.
| dnf install -y nodejs npm | |
| dnf install -y curl | |
| curl -fsSL https://rpm.nodesource.com/setup_20.x | bash - | |
| dnf install -y nodejs |
Change Linux build targets from glibc to musl to produce truly static executables that work on all Linux distributions including NixOS.
Fixes #107