1 year ago · 1005cbc1e4
--- a/assert_ts_toolchain_match.go
+++ b/assert_ts_toolchain_match.go
@@ -0,0 +1,27 @@
 
				+// Copyright (c) Tailscale Inc & AUTHORS
			
 
				+// SPDX-License-Identifier: BSD-3-Clause
			
 
				+
			
 
				+//go:build tailscale_go
			
 
				+
			
 
				+package tailscaleroot
			
 
				+
			
 
				+import (
			
 
				+	"fmt"
			
 
				+	"os"
			
 
				+	"strings"
			
 
				+)
			
 
				+
			
 
				+func init() {
			
 
				+	tsRev, ok := tailscaleToolchainRev()
			
 
				+	if !ok {
			
 
				+		panic("binary built with tailscale_go build tag but failed to read build info or find tailscale.toolchain.rev in build info")
			
 
				+	}
			
 
				+	want := strings.TrimSpace(GoToolchainRev)
			
 
				+	if tsRev != want {
			
 
				+		if os.Getenv("TS_PERMIT_TOOLCHAIN_MISMATCH") == "1" {
			
 
				+			fmt.Fprintf(os.Stderr, "tailscale.toolchain.rev = %q, want %q; but ignoring due to TS_PERMIT_TOOLCHAIN_MISMATCH=1\n", tsRev, want)
			
 
				+			return
			
 
				+		}
			
 
				+		panic(fmt.Sprintf("binary built with tailscale_go build tag but Go toolchain %q doesn't match github.com/tailscale/tailscale expected value %q; override this failure with TS_PERMIT_TOOLCHAIN_MISMATCH=1", tsRev, want))
			
 
				+	}
			
 
				+}
			
--- a/version-embed.go
+++ b/version-embed.go
@@ -4,7 +4,10 @@
 
				 // Package tailscaleroot embeds VERSION.txt into the binary.
			
 
				 package tailscaleroot
			
 
				 
			
 
				-import _ "embed"
			
 
				+import (
			
 
				+	_ "embed"
			
 
				+	"runtime/debug"
			
 
				+)
			
 
				 
			
 
				 // VersionDotTxt is the contents of VERSION.txt. Despite the tempting filename,
			
 
				 // this does not necessarily contain the accurate version number of the build, which
			
@@ -22,3 +25,16 @@ var AlpineDockerTag string
 
				 //
			
 
				 //go:embed go.toolchain.rev
			
 
				 var GoToolchainRev string
			
 
				+
			
 
				+func tailscaleToolchainRev() (gitHash string, ok bool) {
			
 
				+	bi, ok := debug.ReadBuildInfo()
			
 
				+	if !ok {
			
 
				+		return "", false
			
 
				+	}
			
 
				+	for _, s := range bi.Settings {
			
 
				+		if s.Key == "tailscale.toolchain.rev" {
			
 
				+			return s.Value, true
			
 
				+		}
			
 
				+	}
			
 
				+	return "", false
			
 
				+}
			
--- a/version_tailscale_test.go
+++ b/version_tailscale_test.go
@@ -7,23 +7,15 @@ package tailscaleroot
 
				 
			
 
				 import (
			
 
				 	"os"
			
 
				-	"runtime/debug"
			
 
				 	"strings"
			
 
				 	"testing"
			
 
				 )
			
 
				 
			
 
				 func TestToolchainMatches(t *testing.T) {
			
 
				-	bi, ok := debug.ReadBuildInfo()
			
 
				+	tsRev, ok := tailscaleToolchainRev()
			
 
				 	if !ok {
			
 
				 		t.Fatal("failed to read build info")
			
 
				 	}
			
 
				-	var tsRev string
			
 
				-	for _, s := range bi.Settings {
			
 
				-		if s.Key == "tailscale.toolchain.rev" {
			
 
				-			tsRev = s.Value
			
 
				-			break
			
 
				-		}
			
 
				-	}
			
 
				 	want := strings.TrimSpace(GoToolchainRev)
			
 
				 	if tsRev != want {
			
 
				 		if os.Getenv("TS_PERMIT_TOOLCHAIN_MISMATCH") == "1" {