From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7187242631035879424 X-Received: by 2002:a05:600c:c0e:b0:3da:f2b:d797 with SMTP id fm14-20020a05600c0c0e00b003da0f2bd797mr199505wmb.154.1673503017364; Wed, 11 Jan 2023 21:56:57 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:600c:6007:b0:3d1:be63:3b63 with SMTP id az7-20020a05600c600700b003d1be633b63ls1723956wmb.1.-pod-canary-gmail; Wed, 11 Jan 2023 21:56:56 -0800 (PST) X-Google-Smtp-Source: AMrXdXs5GVemy+3yg6CBMWdVE/QzxTU4FCZrmbJndK5r+1CtvkxDvLIWRUf7vG13/FGeKHF5XN1t X-Received: by 2002:a05:600c:1c11:b0:3d0:a531:5413 with SMTP id j17-20020a05600c1c1100b003d0a5315413mr53296538wms.34.1673503015947; Wed, 11 Jan 2023 21:56:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673503015; cv=none; d=google.com; s=arc-20160816; b=NXVE3/f1tYDk+aLn1xkq/LM7C0R2T6IBEezfV4fMhlj8BPtoyNfi0lvVvdjCm5+an4 zHuDGUuaweSXwDmV8KYMtA3xN0lFZk4BxQcmB54ISZhA4LxxBtiXeBbiVawOUIJ3NRa3 8T8r4mpGeU3lbwSXTqwfA5X7stq0gzPKyASvyQF3cqhszn1ZRk9a34+hHOL5Qen0WJNX OmiEJ+Qp4V6bczIN5IwCRBKiHr3hajQtE9cn1oOZRSwdy4SEdUsLKbVfZzGiv2/OL42X b0NToEAcd7rAPnfrqdYZOhyi1tAjEpi0Rty7dXOocNWRkmZQafXsPnMF2W4TpFg48sbz L78w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=fALXE/e2B891I3p8hDWcmJa/hJtmqFMPP53JmD1F6dc=; b=UWbCCsKbGaqSbYEckRHiaL8APHGE7s0v+OwSbySAaertfFsVBSqn69h8j8wiUjmZ5W TbeHma6/voJUmPIm2qmfWClBUtu3aRsqjmX9f73uiFioOp49sKHlkNhBvOj0odPkWfq4 WfLHTqVnvi14uPaFUWZFwX+MOuL7lirlb7LazeEG05GDZpg0hglnCOiRu0ERL1upCt0W L0DDXiINU3PJpJWwz1jxbLPn1RfLKzJ9MmuK/fmNHOmxI3Y8PsdiSbjZcly794JC8+wJ 3JfGyv1lSkiHx2N3ne6Z4A/BTv3fgrpw3YUk3nroY3Hl0iOpnrRDRY3LSyelQbv4ordS rbwg== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=ZX3LFr8A; spf=pass (google.com: domain of fm-72506-20230112055655eac3e987a5354c06e7-za6wun@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-72506-20230112055655eac3e987a5354c06e7-zA6WUn@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net. [185.136.65.227]) by gmr-mx.google.com with ESMTPS id i17-20020a05600c355100b003d9c716fa3csi315426wmq.1.2023.01.11.21.56.55 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 Jan 2023 21:56:55 -0800 (PST) Received-SPF: pass (google.com: domain of fm-72506-20230112055655eac3e987a5354c06e7-za6wun@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) client-ip=185.136.65.227; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=ZX3LFr8A; spf=pass (google.com: domain of fm-72506-20230112055655eac3e987a5354c06e7-za6wun@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-72506-20230112055655eac3e987a5354c06e7-zA6WUn@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 20230112055655eac3e987a5354c06e7 for ; Thu, 12 Jan 2023 06:56:55 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=fALXE/e2B891I3p8hDWcmJa/hJtmqFMPP53JmD1F6dc=; b=ZX3LFr8AR8ujTQY9wH+Yund95vjZXOLwMqnTeLygdeIrIT2zTwsvyEOBfPShAqzlkHLOUv LvZOdxsnA93aWx2s8vNjQcebboIhxDy1rJpKUT0BBxRl01nY+ZFAbHfrKIUuj5ve0ADArctH KVg4Mm3vER4UnskMS3oPf3vSaVEGQ=; From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, daniel.bovensiepen@siemens.com, henning.schild@siemens.com, venkata.pyla@toshiba-tsip.com, Felix Moessbauer Subject: [PATCH v2 02/10] image.bbclass: fix non-reproducible file time-stamps inside rootfs Date: Thu, 12 Jan 2023 05:56:11 +0000 Message-Id: <20230112055619.843445-3-felix.moessbauer@siemens.com> In-Reply-To: <20230112055619.843445-1-felix.moessbauer@siemens.com> References: <20230112055619.843445-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer X-TUID: V+SC7yuqt9Cg From: venkata pyla As part of reproducible-build work, the rootfs images generated on same source should be identical between two builds. In this commit it tries to solve one of the non-reproducible problem i.e. the rootfs file time-stamps generated during build time are not reproducible, it uses one of the solution provided in the debian live-build image project (refer [1]), it fixes by finding all the files/folders that are gernerated newly and set the time-stamp provided by `SOURCE_DATE_EPOCH` environment variable. [1] https://salsa.debian.org/live-team/live-build/-/merge_requests/218 Acked-by: Felix Moessbauer Signed-off-by: venkata pyla --- meta-isar/conf/local.conf.sample | 10 ++++++++++ meta/classes/image.bbclass | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample index e1cd66e..6208623 100644 --- a/meta-isar/conf/local.conf.sample +++ b/meta-isar/conf/local.conf.sample @@ -248,3 +248,13 @@ USER_isar[flags] += "clear-text-password" #CCACHE_TOP_DIR ?= "${TMPDIR}/ccache" # Enable ccache debug mode #CCACHE_DEBUG = "1" + +# Uncommnet and add value to it to build images reproducibly +# +# The value for `SOURCE_DATE_EPOCH` should be latest source change time in +# seconds since the Epoch. +# Git repository users can use value from 'git log -1 --pretty=%ct' +# Non git repository users can use value from 'stat -c%Y ChangeLog' +# To know more details about this variable and how to set the value refer below +# https://reproducible-builds.org/docs/source-date-epoch/ +#SOURCE_DATE_EPOCH = diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index 6f0607e..519a2e5 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -429,6 +429,16 @@ do_rootfs_finalize() { rm -f "${ROOTFSDIR}/etc/apt/sources-list" EOSUDO + + # Set same time-stamps to the newly generated file/folders in the + # rootfs image for the purpose of reproducible builds. + test ! -z "${SOURCE_DATE_EPOCH}" && \ + sudo find ${ROOTFSDIR} -newermt \ + "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + -printf "%y %p\n" \ + -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' > ${DEPLOY_DIR_IMAGE}/files.modified_timestamps && \ + bbwarn "$(grep ^f ${DEPLOY_DIR_IMAGE}/files.modified_timestamps) \nModified above file timestamps to build image reproducibly" + } addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess -- 2.34.1