summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlejandro del Castillo <alejandro.delcastillo@ni.com>2018-01-25 14:02:51 -0600
committerAlejandro del Castillo <alejandro.delcastillo@ni.com>2018-01-29 04:19:37 -0600
commit682f8c5e35b8854a9bb858b8ee1714d27e0c00db (patch)
tree98c3731cd3348611dd72784bd348f165b4e51c02
parentfcb26339000021eb9bb711aa264247aebcfdd4ae (diff)
downloadopkg-utils-682f8c5e35b8854a9bb858b8ee1714d27e0c00db.tar.gz
opkg-utils-682f8c5e35b8854a9bb858b8ee1714d27e0c00db.tar.bz2
opkg-utils-682f8c5e35b8854a9bb858b8ee1714d27e0c00db.zip
opkg-build: improve package reproducibility
Implements some of the recommendations by reproducible-build.org [1] - Set modification time to SOURCE_DATE_EPOCH env variable - Enable deterministic sorting of directory entries - Do not save timestamp on gzip compressed archive bugzilla #11242 [1] https://reproducible-builds.org/docs/archives/ Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
-rwxr-xr-xopkg-build18
1 files changed, 15 insertions, 3 deletions
diff --git a/opkg-build b/opkg-build
index 0fe513a..7bfdd99 100755
--- a/opkg-build
+++ b/opkg-build
@@ -149,6 +149,7 @@ outer=ar
noclean=0
opkext=0
compressor=gzip
+compressorargs="-9n"
# Determine if tar supports the --format argument by checking the help output.
#
@@ -222,6 +223,15 @@ done
cext=$(compressor_ext $compressor)
+if [ $compressor = "gzip" ] ; then
+ # pgzip requires -T to avoid timestamps on the gzip archive
+ if gzip --help 2>&1 | grep -- "-T" > /dev/null; then
+ compressorargs="-9nT"
+ fi
+else
+ compressorargs=""
+fi
+
shift $(($OPTIND - 1))
# continue on to process additional arguments
@@ -267,9 +277,11 @@ fi
tmp_dir=$dest_dir/IPKG_BUILD.$$
mkdir $tmp_dir
+build_date="$(date --utc --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y-%m-%d)"
+
echo $CONTROL > $tmp_dir/tarX
-( cd $pkg_dir && tar $ogargs -X $tmp_dir/tarX -c --$compressor $tarformat -f $tmp_dir/data.tar.$cext . )
-( cd $pkg_dir/$CONTROL && tar $ogargs -cz $tarformat -f $tmp_dir/control.tar.gz . )
+( cd $pkg_dir && tar $ogargs --sort=name --mtime=$build_date -X $tmp_dir/tarX -c $tarformat . | $compressor $compressorargs > $tmp_dir/data.tar.$cext )
+( cd $pkg_dir/$CONTROL && tar $ogargs --sort=name --mtime=$build_date -c $tarformat . | gzip $compressorargs > $tmp_dir/control.tar.gz )
rm $tmp_dir/tarX
echo "2.0" > $tmp_dir/debian-binary
@@ -284,7 +296,7 @@ rm -f $pkg_file
if [ "$outer" = "ar" ] ; then
( cd $tmp_dir && ar -crf $pkg_file ./debian-binary ./control.tar.gz ./data.tar.$cext )
else
- ( cd $tmp_dir && tar -cz $tarformat -f $pkg_file ./debian-binary ./control.tar.gz ./data.tar.$cext )
+ ( cd $tmp_dir && tar -c --sort=name --mtime=$build_date $tarformat ./debian-binary ./control.tar.gz ./data.tar.$cext | gzip $compressorargs > $pkg_file )
fi
rm $tmp_dir/debian-binary $tmp_dir/data.tar.$cext $tmp_dir/control.tar.gz