From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7186684334663794688 X-Received: by 2002:a17:90a:2d89:b0:21c:bc8b:b077 with SMTP id p9-20020a17090a2d8900b0021cbc8bb077mr5597847pjd.113.1673280340401; Mon, 09 Jan 2023 08:05:40 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a17:90a:4d0a:b0:219:84d6:9802 with SMTP id c10-20020a17090a4d0a00b0021984d69802ls9578749pjg.3.-pod-canary-gmail; Mon, 09 Jan 2023 08:05:39 -0800 (PST) X-Google-Smtp-Source: AMrXdXvcV6P7OctR5BY0BMxFBdSvKJ4j4T8qybBIZB0Wa2a59dA2RN/aFkSCnAMIZpTkbhiKkwce X-Received: by 2002:a17:902:7c8a:b0:192:835d:c861 with SMTP id y10-20020a1709027c8a00b00192835dc861mr46288407pll.68.1673280339604; Mon, 09 Jan 2023 08:05:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673280339; cv=none; d=google.com; s=arc-20160816; b=BMAh2D9aQZydl6ZfJV3R/hrUA/Hy4sdlhar817LjJNGJxO0gbGzy3+We+z/vGtoHLy i1+bHUa61MxE73HVNUACN8DaMFq6Kmwrj17sUjQpSnHQHASO4cmUkaWjvWVa2L7yf4ek owi4xSEWgOshenrkdtG2QKSCTd2sKfZYZMdZcUp8+IV+7EfKKjESK+XE5kR8bGWJUcmf kNnkQvS4Rbo6MJcuLfrt1vYKgfDyc02NgsOeUHH3lEoqL/L+DvX6w9O5B6pGQhUJyifW xgiLQ9fL6WpEVecE9YRyHhIc+G8U7ilW4C+bMIR8ug4Bx5VFKk7o11R41F8YaJpT+GXA o/zA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=vTXoYftK/VLF/Yq8s/N2kdcLVbD3mn5qe2lX0D+JQHo=; b=RirV+V6BkkxE0gY0M49su7aXPXTqnL5tBZGVYglHeGrLHYom7jd6DaRCBbqbRx129r K+ouDD1fXZuuzO+P5zz+r2K7RtRrJHG5vbtgF5I6MG/MBD5RGC9EwmaSN6lVamSdscQN FpVSFBF4+q82VzRt0pAiK4yHAp7UT39JBzfynDtAmiuCF7/Aq8VR4kD0rNZQ6jFmU8ee UtOW76kHJP89BFSC9zVFf9r89aYxspKc9YAVvW4Qy0a9zSVcQBUUwWe2ekg6ZZQp3hRU mQD3Ht1eYYgWyHMNO0gQeg2mEx0nMdi6D13ZpjHB7FTzo7J1/VCyIKPSpBYRHZ/qercz wuUg== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.158 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com Return-Path: Received: from mo-csw.securemx.jp (mo-csw1116.securemx.jp. [210.130.202.158]) by gmr-mx.google.com with ESMTPS id m3-20020a170902db0300b00188a88cc62fsi600487plx.12.2023.01.09.08.05.39 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Jan 2023 08:05:39 -0800 (PST) Received-SPF: pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.158 as permitted sender) client-ip=210.130.202.158; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.158 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com Received: by mo-csw.securemx.jp (mx-mo-csw1116) id 309G5bbF021317; Tue, 10 Jan 2023 01:05:37 +0900 X-Iguazu-Qid: 2wGr5g72QFIOA7j8jo X-Iguazu-QSIG: v=2; s=0; t=1673280337; q=2wGr5g72QFIOA7j8jo; m=xYw5E6WH/XyikziDTjp/OmiYwpx5HMGHNHQey3R+u9M= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1112) id 309G5apk017289 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 10 Jan 2023 01:05:36 +0900 From: venkata.pyla@toshiba-tsip.com To: isar-users@googlegroups.com Cc: venkata pyla , amikan@ilbers.de, jan.kiszka@siemens.com, henning.schild@siemens.com, kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com Subject: [PATCH v4 1/1] image.bbclass: fix non-reproducible file time-stamps inside rootfs Date: Mon, 9 Jan 2023 21:35:46 +0530 X-TSB-HOP2: ON Message-Id: <20230109160546.26339-2-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230109160546.26339-1-venkata.pyla@toshiba-tsip.com> References: <20230109160546.26339-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-OriginalArrivalTime: 09 Jan 2023 16:05:32.0705 (UTC) FILETIME=[33A64110:01D92444] X-TUID: NoWbXe+N+ZSp From: venkata pyla As part of reproducible-build work, the rootfs images generated on same source should be identical between two builds. In this commit it tries to solve one of the non-reproducible problem i.e. the rootfs file time-stamps generated during build time are not reproducible, it uses one of the solution provided in the debian live-build image project (refer [1]), it fixes by finding all the files/folders that are gernerated newly and set the time-stamp provided by `SOURCE_DATE_EPOCH` environment variable. [1] https://salsa.debian.org/live-team/live-build/-/merge_requests/218 Signed-off-by: venkata pyla image.bbclass Signed-off-by: venkata pyla --- meta-isar/conf/local.conf.sample | 10 ++++++++++ meta/classes/image.bbclass | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample index 57d0620..3c4a473 100644 --- a/meta-isar/conf/local.conf.sample +++ b/meta-isar/conf/local.conf.sample @@ -255,3 +255,13 @@ USER_isar[flags] += "clear-text-password" #CCACHE_TOP_DIR ?= "${TMPDIR}/ccache" # Enable ccache debug mode #CCACHE_DEBUG = "1" + +# Uncommnet and add value to it to build images reproducibly +# +# The value for `SOURCE_DATE_EPOCH` should be latest source change time in +# seconds since the Epoch. +# Git repository users can use value from 'git log -1 --pretty=%ct' +# Non git repository users can use value from 'stat -c%Y ChangeLog' +# To know more details about this variable and how to set the value refer below +# https://reproducible-builds.org/docs/source-date-epoch/ +#SOURCE_DATE_EPOCH = diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index 813e1f3..38a8609 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -431,6 +431,16 @@ do_rootfs_finalize() { rm -f "${ROOTFSDIR}/etc/apt/sources-list" EOSUDO + + # Set same time-stamps to the newly generated file/folders in the + # rootfs image for the purpose of reproducible builds. + test ! -z "${SOURCE_DATE_EPOCH}" && \ + sudo find ${ROOTFSDIR} -newermt \ + "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + -printf "%y %p\n" \ + -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' > ${DEPLOY_DIR_IMAGE}/files.modified_timestamps && \ + bbwarn "$(grep ^f ${DEPLOY_DIR_IMAGE}/files.modified_timestamps) \nModified above file timestamps to build image reproducibly" + } addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess -- 2.20.1