summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2017-05-12 12:41:20 +0200
committerAllan McRae <allan@archlinux.org>2017-05-16 04:54:01 +0200
commitd30878763ce1b5be453b563f2729d7333242e79b (patch)
tree453e67a0e740d25cad64a553eb6aa8fcfb6898ce
parent5f3812868600488de585771273e12a3e68a4d366 (diff)
downloadpacman-d30878763ce1b5be453b563f2729d7333242e79b.tar.gz
pacman-d30878763ce1b5be453b563f2729d7333242e79b.tar.xz
makepkg: introduce SOURCE_DATE_EPOCH
This patch introduces the SOURCE_DATE_EPOCH environmental variable. All files in a package are adjusted to have their modification dates set to the value of SOURCE_DATE_EPOCH, which defaults to "date +%s". Setting this variable allows a package that is built twice in the same environment to be (potentially) reproducible in that the checksum of the generated package file will be the same. Also adjust the compression of the mtree file to avoid gzip embedding a timestamp. Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-rw-r--r--scripts/makepkg.sh.in13
1 files changed, 9 insertions, 4 deletions
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index c019ae3b..1f1217f4 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -87,6 +87,8 @@ SPLITPKG=0
SOURCEONLY=0
VERIFYSOURCE=0
+export SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH:-$(date +%s)}
+
PACMAN_OPTS=()
shopt -s extglob
@@ -620,7 +622,6 @@ write_kv_pair() {
}
write_pkginfo() {
- local builddate=$(date -u "+%s")
if [[ -n $PACKAGER ]]; then
local packager="$PACKAGER"
else
@@ -654,7 +655,7 @@ write_pkginfo() {
write_kv_pair "pkgdesc" "$spd"
write_kv_pair "url" "$url"
- write_kv_pair "builddate" "$builddate"
+ write_kv_pair "builddate" "$SOURCE_DATE_EPOCH"
write_kv_pair "packager" "$packager"
write_kv_pair "size" "$size"
write_kv_pair "arch" "$pkgarch"
@@ -738,10 +739,14 @@ create_package() {
[[ -f $pkg_file ]] && rm -f "$pkg_file"
[[ -f $pkg_file.sig ]] && rm -f "$pkg_file.sig"
+ # ensure all elements of the package have the same mtime
+ find . -exec touch -h -d @$SOURCE_DATE_EPOCH {} +
+
msg2 "$(gettext "Generating .MTREE file...")"
- list_package_files | LANG=C bsdtar -cnzf .MTREE --format=mtree \
+ list_package_files | LANG=C bsdtar -cnf - --format=mtree \
--options='!all,use-set,type,uid,gid,mode,time,size,md5,sha256,link' \
- --null --files-from - --exclude .MTREE
+ --null --files-from - --exclude .MTREE | gzip -c -f -n > .MTREE
+ touch -d @$SOURCE_DATE_EPOCH .MTREE
msg2 "$(gettext "Compressing package...")"
# TODO: Maybe this can be set globally for robustness