From: venkata.pyla@toshiba-tsip.com
To: isar-users@googlegroups.com
Cc: venkata pyla <venkata.pyla@toshiba-tsip.com>,
jan.kiszka@siemens.com, henning.schild@siemens.com,
kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com
Subject: [PATCH] image.bbclass: set file timestamps inside the rootfs and initramfs image
Date: Mon, 7 Nov 2022 13:55:03 +0530 [thread overview]
Message-ID: <20221107082503.14774-1-venkata.pyla@toshiba-tsip.com> (raw)
From: venkata pyla <venkata.pyla@toshiba-tsip.com>
As part of reproducible-build work, one of the problem chosen to solve
is the file time stamps inside rootfs and initramfs are not identical
between two builds.
With the help of reproducible-builds.org and their suggestions, the
above problem can be fixed using 'SOURCE_DATE_EPOCH' variable [2].
In case of rootfs file time-stamps, set all the files and folders that
are newer than 'SOURCE_DATE_EPOCH' and set it to same.
In case of initramfs, regenerate the initramfs image with
'SOURCE_DATE_EPOCH' variable set as the mkinitramfs script is already
taken care of creating reproducible initramfs image when the
variable is set in the environment[3].
The SOURCE_DATE_EPOCH variable should be set to the last modification of
the git repository as explained in the documentation[2].
e.g:
SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)
To know more about the reproducible builds and its goals please refer [1].
[1] https://reproducible-builds.org/
[2] https://reproducible-builds.org/docs/source-date-epoch/
[3] https://manpages.debian.org/bullseye/initramfs-tools-core/mkinitramfs.8.en.html#ENVIRONMENT
Signed-off-by: venkata pyla <venkata.pyla@toshiba-tsip.com>
---
meta/classes/image.bbclass | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index ccff810..c1bb4fd 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -431,6 +431,21 @@ do_rootfs_finalize() {
"${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list"
rm -f "${ROOTFSDIR}/etc/apt/sources-list"
+
+ # Recreate initramfs inorder to set timestamps to SOURCE_DATE_EPOCH
+ # inorder to make reproducible initramfs
+ test ! -z "${SOURCE_DATE_EPOCH}" && \
+ SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} chroot "${ROOTFSDIR}" \
+ update-initramfs -u -v
+
+ # Set timestamp to files inside the rootfs image inorder to make
+ # reproducible rootfs
+ test ! -z "${SOURCE_DATE_EPOCH}" && \
+ find ${ROOTFSDIR} -newermt \
+ "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \
+ -printf "%y %p\n" \
+ -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';'
+
EOSUDO
}
addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess
--
2.20.1
next reply other threads:[~2022-11-07 8:25 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-07 8:25 venkata.pyla [this message]
2022-11-07 8:50 ` Moessbauer, Felix
2022-11-09 6:56 ` Venkata.Pyla
2022-11-07 8:53 ` Henning Schild
2022-11-09 9:27 ` Venkata.Pyla
2022-11-10 7:12 ` Henning Schild
2022-11-20 7:53 ` [PATCH] scripts/repro-test.sh: script to test reproducibility of Isar image venkata.pyla
2022-11-22 7:28 ` Anton Mikanovich
2022-11-22 8:49 ` Venkata.Pyla
2022-12-19 14:41 ` [PATCH 0/2] Test for verifiying reproducible images venkata.pyla
2022-12-28 8:40 ` Anton Mikanovich
2023-01-02 6:24 ` [PATCH] repro-build-test.py: Fix date_epoch time contains byte character b'' venkata.pyla
2023-01-11 5:42 ` Uladzimir Bely
2022-12-19 14:41 ` [PATCH 1/2] cibuilder.py: Add source_date_epoch to build configuration venkata.pyla
2022-12-19 14:41 ` [PATCH 2/2] repro-build-test.py: Test to check images are reproducible venkata.pyla
2023-01-07 0:01 ` Henning Schild
2022-11-21 5:16 ` [PATCH] image.bbclass: set file timestamps inside the rootfs and initramfs image Venkata.Pyla
2022-11-10 9:52 ` Balasubramanian Sundaram
2022-11-10 10:03 ` Anton Mikanovich
2022-11-10 10:17 ` Balasubramanian Sundaram
2022-11-10 10:19 ` Balasubramanian Sundaram
2022-11-10 10:27 ` Anton Mikanovich
2022-11-10 10:51 ` Balasubramanian Sundaram
2022-11-10 16:30 ` Henning Schild
2022-11-10 17:05 ` Henning Schild
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221107082503.14774-1-venkata.pyla@toshiba-tsip.com \
--to=venkata.pyla@toshiba-tsip.com \
--cc=dinesh.kumar@toshiba-tsip.com \
--cc=henning.schild@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
--cc=kazuhiro3.hayashi@toshiba.co.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox