Description
Update the Go builds to use -trimpath so we remove all the Jenkins filesystem from any stack traces for releases.
It is both annoying to see `/home/jenkins/...` in stack traces and a security breach: we're leaking information about our build infrastructure (a username, the fact we use jenkins, linux based, possible version info based on how jenkins does stuff with paths, etc.) which could be used in a supply chain attack.
e.g from the fluent bit unit tests (`make test-unit`) output:
{"level":"error","ts":1627383021.6549041,"logger":"couchbase-watcher","caller":"fluent/watcher.go:140","msg":"Fluent bit exited","error":"signal: killed","binary":"/bin/bash","config":"sleep 20000","configError":"open sleep 20000: no such file or directory","stacktrace":"github.com/couchbase/fluent-bit/pkg/fluent.Wait\n\t/Users/patrickstephens/github.com/couchbase/couchbase-fluent-bit/pkg/fluent/watcher.go:140\ngithub.com/couchbase/fluent-bit/pkg/fluent.addFluentBitWatcher.func1\n\t/Users/patrickstephens/github.com/couchbase/couchbase-fluent-bit/pkg/fluent/watcher.go:230\ngithub.com/oklog/run.(*Group).Run.func1\n\t/Users/patrickstephens/golang/pkg/mod/github.com/oklog/run@v1.1.0/group.go:38"}
|