From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7187242631035879424 X-Received: by 2002:a2e:bc85:0:b0:287:36e0:9a2f with SMTP id h5-20020a2ebc85000000b0028736e09a2fmr237362ljf.269.1673410333342; Tue, 10 Jan 2023 20:12:13 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:1182:b0:4b5:3cdf:5a65 with SMTP id g2-20020a056512118200b004b53cdf5a65ls5013057lfr.2.-pod-prod-gmail; Tue, 10 Jan 2023 20:12:11 -0800 (PST) X-Google-Smtp-Source: AMrXdXuLKqazzLAWAri2Jk9EeY0aUsDnDDWpSPxtLvq1qQKdaYUbpPI/T5D+8c0OoleNub1O3JDP X-Received: by 2002:a05:6512:2526:b0:4a4:68b9:66e1 with SMTP id be38-20020a056512252600b004a468b966e1mr17596948lfb.44.1673410331723; Tue, 10 Jan 2023 20:12:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673410331; cv=none; d=google.com; s=arc-20160816; b=TMdbEUWwRMdIZ7abq90BF/Kr9qr8QPOpT22mrrCBwxXEAJjdcQsHWMPX1I8G7AlEKf 6CqFixNVP3naEyB2lamamDboTQZLMHXou8j+lbanBb9bKexLEwpoTYToYp+xBjG5Itza K6r8X8n1z3BWYZTtq9pLVK54GkqRWJSTs3PM6pWetYWuvI6vWMUWOHohTjPhbcWqXlnH iS2kz9R2Imd8NTTJCsQrUPiKgoLPTJFBkmDiZuBJKHdTxopRLhPniLcwyzfFD08hpWcA CbWLlnw4GQD1wRUiDswrsh5P2P5Je3/41JNvoEG9QYV5wayccWVAGF53tC77FgBEYesL 5DVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=fALXE/e2B891I3p8hDWcmJa/hJtmqFMPP53JmD1F6dc=; b=lfC1lqEqXN6jegPZCIla0NGVA5o7sVrL5ZaTDHjJsIk8HApAaZgMHC7yINEZQqfFYE nKUlWzNU3QY1WK45SQTsVSUA5Dl/jdVRrtaTPzTa2p5ejx8nDZ0cZ9d9b0Yg6QQIetMy 49amsovuXZr71m3dtcSwrNHqGUCVL+ZjC42tjd8BBSJrLRamhYuykk/5l792U0mibYwq rUSZhX9ikjLvF23Be4KM8z1FQYiV8xg7XuyUSfZCSazi+zHvhE/c4riHVUutpOH0m9mB BvIKGfD9tbJQj5YNyhGc+8bsIYTkf3jMuKqjnNzZ8nJdeX/cFITuv3ozOl/UPEqYmdQO bheA== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=A7+FnnH+; spf=pass (google.com: domain of fm-72506-2023011104121048cdaf8aceebec5953-_occhv@rts-flowmailer.siemens.com designates 185.136.65.226 as permitted sender) smtp.mailfrom=fm-72506-2023011104121048cdaf8aceebec5953-_OCcHv@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from mta-65-226.siemens.flowmailer.net (mta-65-226.siemens.flowmailer.net. [185.136.65.226]) by gmr-mx.google.com with ESMTPS id s4-20020a056512202400b004abdb5d1128si475982lfs.2.2023.01.10.20.12.11 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Jan 2023 20:12:11 -0800 (PST) Received-SPF: pass (google.com: domain of fm-72506-2023011104121048cdaf8aceebec5953-_occhv@rts-flowmailer.siemens.com designates 185.136.65.226 as permitted sender) client-ip=185.136.65.226; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=A7+FnnH+; spf=pass (google.com: domain of fm-72506-2023011104121048cdaf8aceebec5953-_occhv@rts-flowmailer.siemens.com designates 185.136.65.226 as permitted sender) smtp.mailfrom=fm-72506-2023011104121048cdaf8aceebec5953-_OCcHv@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: by mta-65-226.siemens.flowmailer.net with ESMTPSA id 2023011104121048cdaf8aceebec5953 for ; Wed, 11 Jan 2023 05:12:10 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=fALXE/e2B891I3p8hDWcmJa/hJtmqFMPP53JmD1F6dc=; b=A7+FnnH+0zmUxdvfoPiDB9OB4bh0j4uy6F44Rg+VB6y6AY8bHbBRjUYqrbuciXkHQcRbxT xyUqZuBxotQJG9i6vJvyMLfDUQKpAx4jNBIKobGGtCu6cjfU4rhAD8tuSepq1i6T3PRISDC6 ZEXjdd0rS1yyTDepHy2jFLfglGY34=; From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, daniel.bovensiepen@siemens.com, henning.schild@siemens.com, venkata.pyla@toshiba-tsip.com, Felix Moessbauer Subject: [PATCH 02/11] image.bbclass: fix non-reproducible file time-stamps inside rootfs Date: Wed, 11 Jan 2023 04:11:31 +0000 Message-Id: <20230111041140.3460393-3-felix.moessbauer@siemens.com> In-Reply-To: <20230111041140.3460393-1-felix.moessbauer@siemens.com> References: <20230111041140.3460393-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer X-TUID: WgiYggd62B8v From: venkata pyla As part of reproducible-build work, the rootfs images generated on same source should be identical between two builds. In this commit it tries to solve one of the non-reproducible problem i.e. the rootfs file time-stamps generated during build time are not reproducible, it uses one of the solution provided in the debian live-build image project (refer [1]), it fixes by finding all the files/folders that are gernerated newly and set the time-stamp provided by `SOURCE_DATE_EPOCH` environment variable. [1] https://salsa.debian.org/live-team/live-build/-/merge_requests/218 Acked-by: Felix Moessbauer Signed-off-by: venkata pyla --- meta-isar/conf/local.conf.sample | 10 ++++++++++ meta/classes/image.bbclass | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample index e1cd66e..6208623 100644 --- a/meta-isar/conf/local.conf.sample +++ b/meta-isar/conf/local.conf.sample @@ -248,3 +248,13 @@ USER_isar[flags] += "clear-text-password" #CCACHE_TOP_DIR ?= "${TMPDIR}/ccache" # Enable ccache debug mode #CCACHE_DEBUG = "1" + +# Uncommnet and add value to it to build images reproducibly +# +# The value for `SOURCE_DATE_EPOCH` should be latest source change time in +# seconds since the Epoch. +# Git repository users can use value from 'git log -1 --pretty=%ct' +# Non git repository users can use value from 'stat -c%Y ChangeLog' +# To know more details about this variable and how to set the value refer below +# https://reproducible-builds.org/docs/source-date-epoch/ +#SOURCE_DATE_EPOCH = diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index 6f0607e..519a2e5 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -429,6 +429,16 @@ do_rootfs_finalize() { rm -f "${ROOTFSDIR}/etc/apt/sources-list" EOSUDO + + # Set same time-stamps to the newly generated file/folders in the + # rootfs image for the purpose of reproducible builds. + test ! -z "${SOURCE_DATE_EPOCH}" && \ + sudo find ${ROOTFSDIR} -newermt \ + "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + -printf "%y %p\n" \ + -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' > ${DEPLOY_DIR_IMAGE}/files.modified_timestamps && \ + bbwarn "$(grep ^f ${DEPLOY_DIR_IMAGE}/files.modified_timestamps) \nModified above file timestamps to build image reproducibly" + } addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess -- 2.34.1