This information can be used to reproduce build conditions, which can then be used to determine if a package builds reproducibly. Signed-off-by: Allan McRae <allan@archlinux.org> --- v2: Add build directory, PKGBUILD sha256sum and debug packaging flags. scripts/makepkg.sh.in | 49 +++++++++++++++++++++++++++++++++++-------------- 1 file changed, 35 insertions(+), 14 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 6ededa3..db96a30 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -223,7 +223,7 @@ run_pacman() { else cmd=("$PACMAN_PATH" "$@") fi - if [[ $1 != -@(T|Qq) ]]; then + if [[ $1 != -@(T|Qq|Q) ]]; then if type -p sudo >/dev/null; then cmd=(sudo "${cmd[@]}") else @@ -1143,19 +1143,30 @@ write_pkginfo() { [[ $optdepends ]] && printf "optdepend = %s\n" "${optdepends[@]//+([[:space:]])/ }" [[ $makedepends ]] && printf "makedepend = %s\n" "${makedepends[@]}" [[ $checkdepends ]] && printf "checkdepend = %s\n" "${checkdepends[@]}" +} - local it - for it in "${packaging_options[@]}"; do - check_option "$it" "y" - case $? in - 0) - printf "makepkgopt = %s\n" "$it" - ;; - 1) - printf "makepkgopt = %s\n" "!$it" - ;; - esac - done +write_buildinfo() { + msg2 "$(gettext "Generating %s file...")" ".BUILDINFO" + + printf "builddir = %s\n" "${BUILDDIR}" + + local sum="$(openssl dgst -sha256 "${BUILDFILE}")" + sum=${sum##* } + + printf "pkgbuild_sha256sum = %s\n" $sum + + printf "buildenv = %s\n" "${BUILDENV[@]}" + printf "options = %s\n" "${OPTIONS[@]}" + + printf "cppflags = %s\n" "$cppflags" + printf "cflags = %s\n" "$cflags" + printf "cxxflags = %s\n" "$cxxflags" + printf "ldflags = %s\n" "$ldflags" + printf "debug_cflags = %s\n" "$debug_cflags" + printf "debug_cxxflags = %s\n" "$debug_cxxflags" + + local pkglist=($(run_pacman -Q | sed "s# #-#")) + printf "installed = %s\n" "${pkglist[@]}" } create_package() { @@ -1172,8 +1183,9 @@ create_package() { pkgarch=$(get_pkg_arch) write_pkginfo > .PKGINFO + write_buildinfo > .BUILDINFO - local comp_files=('.PKGINFO') + local comp_files=('.PKGINFO' '.BUILDINFO') # check for changelog/install files for i in 'changelog/.CHANGELOG' 'install/.INSTALL'; do @@ -1958,6 +1970,15 @@ GPGKEY=${_GPGKEY:-$GPGKEY} PACKAGER=${_PACKAGER:-$PACKAGER} CARCH=${_CARCH:-$CARCH} +# record initial build environment +cppflags="$CPPFLAGS" +cflags="$CFLAGS" +cxxflags="$CXXFLAGS" +ldflags="$LDFLAGS" +debug_cflags="$DEBUG_CFLAGS" +debug_cxxflags="$DEBUG_CXXFLAGS" + + if (( ! INFAKEROOT )); then if (( EUID == 0 )); then error "$(gettext "Running %s as root is not allowed as it can cause permanent,\n\ -- 2.6.1