From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7184069459095584768 X-Received: by 2002:a6b:6d05:0:b0:6c9:26fd:3de4 with SMTP id a5-20020a6b6d05000000b006c926fd3de4mr3727987iod.164.1672899544996; Wed, 04 Jan 2023 22:19:04 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a92:c7c7:0:b0:305:c221:5e07 with SMTP id g7-20020a92c7c7000000b00305c2215e07ls2393901ilk.0.-pod-prod-gmail; Wed, 04 Jan 2023 22:19:04 -0800 (PST) X-Google-Smtp-Source: AMrXdXsCoSvXQxQQQcF2IFtG7xACqFepnq5KRfAnowItC4DNfRGEKjeglmhpJy5jh3roqPnR9Or7 X-Received: by 2002:a92:c748:0:b0:30b:f2a7:92c2 with SMTP id y8-20020a92c748000000b0030bf2a792c2mr27147830ilp.7.1672899544420; Wed, 04 Jan 2023 22:19:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672899544; cv=none; d=google.com; s=arc-20160816; b=qtTdIe3Mcr7fGgnKhPxnlFWVURMYUtTzYzGLS93Er6D22ebKKePaNqGxdYaRj8YPSl 1EcH7muUWuI6kGg7D2B3oEVMoGte4vEf2fOk8k2O7RUZkDisqSwu6gic9QutpnlUYdeF /SY3auN+xBZYj38fCoGZSN4dWiHaAPJuv7hjABlXZk7Tko9vVDitMfnOZUxIviXBw3oY ODPw5rXqiQfTF4HJpmx0hb2AzVqtA3aWYDjo0enTS4yQAyuwHntVqiycEmyMzv+lbHm/ 7SzMfs3pJx22boh+qWs7lMWlA54WHEJHC2pvh9XUtz6efQJRjW+eKXRVaZnx+78WFOeH YJXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=yL5iG7iItA8n4tun7JDcutls5VY3sAV9NLsLcsSqFpg=; b=Sg2YcfS74muNpzrXXd7OQ5xmcbs8aHACNelSAK0ypX/Fb6JoI1ufhZYsf2UK8rKxBL NAWxKDMhQotHHRBM1HAaqqt4fxCcazgHdy3X7NYDNh6NbpKIuzxLelryA8zhAeURgN6y yj0LwrljSAGvqDy7iWk9XIzWnVig0poDsBs0/mfBhcvYkCSbag8OeHVjNjQW+c6uryee oT+qtrhSzBUQE41SW0fnvq4h9WhMXKzy/s/K2zBG7AQkOmdPdtVs0xltpJv14fIyvaO4 WJHkbtmYL4j64i2ug5XlfHpuey0xGfIcNNCstjvKOA8GKt1Cf7CIE9ruEF4Npc0LXR5z oduA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.156 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com Return-Path: Received: from mo-csw.securemx.jp (mo-csw1114.securemx.jp. [210.130.202.156]) by gmr-mx.google.com with ESMTPS id b3-20020a056e020c8300b00300ee6fc286si3638908ile.3.2023.01.04.22.19.03 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 04 Jan 2023 22:19:03 -0800 (PST) Received-SPF: pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.156 as permitted sender) client-ip=210.130.202.156; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.156 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com Received: by mo-csw.securemx.jp (mx-mo-csw1114) id 3056J101009732; Thu, 5 Jan 2023 15:19:02 +0900 X-Iguazu-Qid: 2wGqiQJF0gksTyQJrE X-Iguazu-QSIG: v=2; s=0; t=1672899541; q=2wGqiQJF0gksTyQJrE; m=mXhz1HCsbzqlsTaDMKKWsf9U0s4TYs29YOjaHNMk5yM= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1110) id 3056J01h012411 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Thu, 5 Jan 2023 15:19:01 +0900 From: venkata.pyla@toshiba-tsip.com To: isar-users@googlegroups.com Cc: venkata pyla , amikan@ilbers.de, jan.kiszka@siemens.com, henning.schild@siemens.com, kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com Subject: [PATCH v2 1/1] image.bbclass: fix non-reproducible file time-stamps inside rootfs Date: Thu, 5 Jan 2023 11:48:57 +0530 X-TSB-HOP2: ON Message-Id: <20230105061857.14993-2-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-OriginalArrivalTime: 05 Jan 2023 06:18:58.0999 (UTC) FILETIME=[98E9E470:01D920CD] X-TUID: K3inruwDi60f From: venkata pyla As part of reproducible-build work, the rootfs images generated on same source should be identical between two builds. In this commit it tries to solve one of the non-reproducible problem i.e. the rootfs file time-stamps generated during build time are not reproducible, it uses one of the solution provided in the debian live-build image project (refer [1]), it fixes by finding all the files/folders that are gernerated newly and set the time-stamp provided by `SOURCE_DATE_EPOCH` environment variable. [1] https://salsa.debian.org/live-team/live-build/-/merge_requests/218 Signed-off-by: venkata pyla --- meta-isar/conf/local.conf.sample | 10 ++++++++++ meta/classes/image.bbclass | 9 +++++++++ 2 files changed, 19 insertions(+) diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample index 57d0620..3c4a473 100644 --- a/meta-isar/conf/local.conf.sample +++ b/meta-isar/conf/local.conf.sample @@ -255,3 +255,13 @@ USER_isar[flags] += "clear-text-password" #CCACHE_TOP_DIR ?= "${TMPDIR}/ccache" # Enable ccache debug mode #CCACHE_DEBUG = "1" + +# Uncommnet and add value to it to build images reproducibly +# +# The value for `SOURCE_DATE_EPOCH` should be latest source change time in +# seconds since the Epoch. +# Git repository users can use value from 'git log -1 --pretty=%ct' +# Non git repository users can use value from 'stat -c%Y ChangeLog' +# To know more details about this variable and how to set the value refer below +# https://reproducible-builds.org/docs/source-date-epoch/ +#SOURCE_DATE_EPOCH = diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index 813e1f3..38a9adf 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -430,6 +430,15 @@ do_rootfs_finalize() { "${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list" rm -f "${ROOTFSDIR}/etc/apt/sources-list" + + # Set same time-stamps to the newly generated file/folders in the + # rootfs image for the purpose of reproducible builds. + test ! -z "${SOURCE_DATE_EPOCH}" && \ + find ${ROOTFSDIR} -newermt \ + "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + -printf "%y %p\n" \ + -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' > ${DEPLOY_DIR_IMAGE}/files.modified_timestamps + EOSUDO } addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess -- 2.20.1