From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7187242631035879424 X-Received: by 2002:a17:906:d213:b0:7c0:cf94:4dd6 with SMTP id w19-20020a170906d21300b007c0cf944dd6mr5867837ejz.95.1673503049804; Wed, 11 Jan 2023 21:57:29 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6402:520a:b0:43d:b3c4:cd21 with SMTP id s10-20020a056402520a00b0043db3c4cd21ls1044470edd.2.-pod-prod-gmail; Wed, 11 Jan 2023 21:57:28 -0800 (PST) X-Google-Smtp-Source: AMrXdXsNEwq0nCWuoq0azPe69Kh0wzIPNkPGUiAzcbi3TLA387WQe2TZNT2NazfpWlph8/gPCmSF X-Received: by 2002:a05:6402:4150:b0:47e:1b4a:5491 with SMTP id x16-20020a056402415000b0047e1b4a5491mr65069318eda.20.1673503048221; Wed, 11 Jan 2023 21:57:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673503048; cv=none; d=google.com; s=arc-20160816; b=w7Ty1vHTeJIiwsLSeWXONQ12SRXpWkdb3tGStHuW4HlSoDtf9vBUv6vS6A9wpN4mCR au9Gm4G4AZqGe0CvTf99X8sHEgz7ed0lYPYycpBVZ9Y/XG1293ElsHr3XlUf+gg8D0Pk e5TVgztexzeajZ9ILYYqEAuK00fUkWN1e/8S57m1JRUwGkjjdgkOgbqSkJ0WiZaC0K9O pPJjh5pKlYpJJzRYZb9pOscSwLUCXJp44kWLs2+mWGwjI6cj4qJhgjMfH5ITg4XVD8fE ebnvQ0PQMT44NQncu7nLwoAljDuiU7+ojgY8EX7qiYw7D1hOAr/94w5zULM5y0WWOE1x NIVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=BmE5y3NfOOUq6V9WKA4U8QQNXSM6WbKuoa+l3CwoO0c=; b=sqeAlVe3F5DcG0k4onnX0kawSMkD15zGkpKwRC+lEnSLphnckD2qSo85NxbLMamp/b TZHLwdGHTv+OB/YZ+hD3gZCyK5Eq3BHzIaIt6ClyLucOX9n4dFCWISMUQ2trBUV7TB/4 O4SC2DEFU/yyP98DKyaqPqz/K7ABjFn5BRQ8LKi7TJnWqI9isMHGNaY8QYGf2thgLKoo LmyOp3dJYuNO9SrmYAzdYabWL1x2kiWDMTC8UH+ppxxu4xWVwKYaKLZ+hcm0nL7UHzbj EYlbTIJdRJfMAU3oP1yzbxETz33QzgKiYAgU47rBRJ9OvAxYJqqF8d9yAjBMy6Zv1zwK 9f6Q== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=nxinDjbO; spf=pass (google.com: domain of fm-72506-202301120557276cc474b9ed80ac11b1-skximc@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-72506-202301120557276cc474b9ed80ac11b1-SKximc@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net. [185.136.64.228]) by gmr-mx.google.com with ESMTPS id u6-20020aa7d0c6000000b0046920d68fe2si743167edo.4.2023.01.11.21.57.28 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 Jan 2023 21:57:28 -0800 (PST) Received-SPF: pass (google.com: domain of fm-72506-202301120557276cc474b9ed80ac11b1-skximc@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) client-ip=185.136.64.228; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=nxinDjbO; spf=pass (google.com: domain of fm-72506-202301120557276cc474b9ed80ac11b1-skximc@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-72506-202301120557276cc474b9ed80ac11b1-SKximc@rts-flowmailer.siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 202301120557276cc474b9ed80ac11b1 for ; Thu, 12 Jan 2023 06:57:27 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=BmE5y3NfOOUq6V9WKA4U8QQNXSM6WbKuoa+l3CwoO0c=; b=nxinDjbOcZrUbgf2cKwd48pq4O+6b4LBgYmUYAVfMCA3BU9TvOs6Mh6B6Mg6Wz3RIIW8ZU qQSNVWpbWKHCKaXnPtCvAlDEh+ZMX2jXv6Aa0P8++TrDehftdxGOtAUMArLUa/Jf3vSzeAS2 ksVwCozgucGxfuh2XLGXzUfbeTByc=; From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, daniel.bovensiepen@siemens.com, henning.schild@siemens.com, venkata.pyla@toshiba-tsip.com, Felix Moessbauer Subject: [PATCH v2 06/10] update debian initramfs in deterministic mode Date: Thu, 12 Jan 2023 05:56:15 +0000 Message-Id: <20230112055619.843445-7-felix.moessbauer@siemens.com> In-Reply-To: <20230112055619.843445-1-felix.moessbauer@siemens.com> References: <20230112055619.843445-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer X-TUID: vb99SgVNkiX1 This patch exports the SOURCE_DATE_EPOCH variable in the image install task. By that, update-initramfs is switched into reproducible mode. Before this patch, each trigger of update-initramfs created a new non-deterministic version of the initramfs. Signed-off-by: Felix Moessbauer --- meta/classes/image.bbclass | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index b86a428..063b9a3 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -304,6 +304,17 @@ python() { } +# make generation of initramfs reproducible +# note: this function is shared across multiple rootfs, but we only want to make the +# image rootfs reproducible. Otherwise changes of SOURCE_DATE_EPOCH would +# invalidate the SSTATE entries for most packages, even if they don't use the +# global SOURCE_DATE_EPOCH variable. +rootfs_install_pkgs_install_prepend() { + if [ ! -z "${SOURCE_DATE_EPOCH}" ]; then + export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH}" + fi +} + # here we call a command that should describe your whole build system, # this could be "git describe" or something similar. # set ISAR_RELEASE_CMD to customize, or override do_mark_rootfs to do something -- 2.34.1