[pacman-dev] [PATCH v4] makepkg: respect $SOURCE_DATE_EPOCH to activate reproducible builds
Eli Schwartz
eschwartz at archlinux.org
Wed Sep 13 03:59:24 UTC 2017
If SOURCE_DATE_EPOCH is set, `touch` all source files as part of
prepare() to fix the modification times. This works around build systems
and compilers that embed the file modification times into the file
contents of release artifacts.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
---
doc/makepkg.8.txt | 16 ++++++++++++++++
scripts/makepkg.sh.in | 13 ++++++++++++-
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/doc/makepkg.8.txt b/doc/makepkg.8.txt
index 2dff1b19..e1d50775 100644
--- a/doc/makepkg.8.txt
+++ b/doc/makepkg.8.txt
@@ -206,6 +206,7 @@ Options
*\--printsrcinfo*::
Generate and print the SRCINFO file to stdout.
+
Additional Features
-------------------
makepkg supports building development versions of packages without having to
@@ -214,6 +215,19 @@ separate utility 'versionpkg'. See linkman:PKGBUILD[5] for details on how to
set up a development PKGBUILD.
+Reproducibility
+---------------
+makepkg is designed to be compatible with
+link:https://reproducible-builds.org/docs/[Reproducible Builds]. If the
+**SOURCE_DATE_EPOCH** environment variable is set, it will be exported to
+subprocesses, and source and package file modification times and package
+metadata will be unified based on the timestamp specified.
+
+If the **SOURCE_DATE_EPOCH** environment variable is not set, makepkg will use
+its own start date for internal use, but will not unify source file timestamps
+before building.
+
+
Environment Variables
---------------------
**PACMAN**::
@@ -265,6 +279,8 @@ Environment Variables
Specify a key to use when signing packages, overriding the GPGKEY setting
in linkman:makepkg.conf[5]
+**SOURCE_DATE_EPOCH=**"<date>"::
+ Used for link:https://reproducible-builds.org/docs/[Reproducible Builds].
Configuration
-------------
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 20e9dd7e..a466e4f1 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -79,6 +79,7 @@ PKGFUNC=0
PKGVERFUNC=0
PREPAREFUNC=0
REPKG=0
+REPRODUCIBLE=0
RMDEPS=0
SKIPCHECKSUMS=0
SKIPPGPCHECK=0
@@ -87,7 +88,12 @@ SPLITPKG=0
SOURCEONLY=0
VERIFYSOURCE=0
-export SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH:-$(date +%s)}
+if [[ -n $SOURCE_DATE_EPOCH ]]; then
+ REPRODUCIBLE=1
+else
+ SOURCE_DATE_EPOCH=$(date +%s)
+fi
+export SOURCE_DATE_EPOCH
PACMAN_OPTS=()
@@ -1686,6 +1692,11 @@ if (( !REPKG )); then
if (( PREPAREFUNC )); then
run_prepare
fi
+ if (( REPRODUCIBLE )); then
+ # We have activated reproducible builds, so unify source times before
+ # building
+ find "$srcdir" -exec touch -h -d @$SOURCE_DATE_EPOCH {} +
+ fi
fi
if (( PKGVERFUNC )); then
--
2.14.1
More information about the pacman-dev
mailing list