[pacman-dev] [PATCH v3] makepkg: record build information in .BUILDINFO

Allan McRae Sat, 05 Dec 2015 16:19:14 -0800

This information can be used to reproduce build conditions, which can then be
used to determine if a package builds reproducibly.


Signed-off-by: Allan McRae <[email protected]>
---

v3: Remove recording of environmental variables - that was a failure.

This should not be controversial now. It records:
 - buildpath
 - PKGBUILD hash
 - installed package list

The buildenv and options arrays are moved from .PKGINFO to .BUILDINFO


 scripts/makepkg.sh.in | 42 ++++++++++++++++++++++++++++--------------
 1 file changed, 28 insertions(+), 14 deletions(-)

diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 43584c3..42ec297 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -223,7 +223,7 @@ run_pacman() {
        else
                cmd=("$PACMAN_PATH" "$@")
        fi
-       if [[ $1 != -@(T|Qq) ]]; then
+       if [[ $1 != -@(T|Qq|Q) ]]; then
                if type -p sudo >/dev/null; then
                        cmd=(sudo "${cmd[@]}")
                else
@@ -1147,19 +1147,23 @@ write_pkginfo() {
        [[ $optdepends ]]   && printf "optdepend = %s\n"   
"${optdepends[@]//+([[:space:]])/ }"
        [[ $makedepends ]]  && printf "makedepend = %s\n"  "${makedepends[@]}"
        [[ $checkdepends ]] && printf "checkdepend = %s\n" "${checkdepends[@]}"
+}
 
-       local it
-       for it in "${packaging_options[@]}"; do
-               check_option "$it" "y"
-               case $? in
-                       0)
-                               printf "makepkgopt = %s\n" "$it"
-                               ;;
-                       1)
-                               printf "makepkgopt = %s\n" "!$it"
-                               ;;
-               esac
-       done
+write_buildinfo() {
+       msg2 "$(gettext "Generating %s file...")" ".BUILDINFO"
+
+       printf "builddir = %s\n"  "${BUILDDIR}"
+
+       local sum="$(openssl dgst -sha256 "${BUILDFILE}")"
+       sum=${sum##* }
+
+       printf "pkgbuild_sha256sum = %s\n" $sum
+
+       printf "buildenv = %s\n" "${BUILDENV[@]}"
+       printf "options = %s\n" "${OPTIONS[@]}"
+
+       local pkglist=($(run_pacman -Q | sed "s# #-#"))
+       printf "installed = %s\n" "${pkglist[@]}"
 }
 
 create_package() {
@@ -1176,8 +1180,9 @@ create_package() {
 
        pkgarch=$(get_pkg_arch)
        write_pkginfo > .PKGINFO
+       write_buildinfo > .BUILDINFO
 
-       local comp_files=('.PKGINFO')
+       local comp_files=('.PKGINFO' '.BUILDINFO')
 
        # check for changelog/install files
        for i in 'changelog/.CHANGELOG' 'install/.INSTALL'; do
@@ -1962,6 +1967,15 @@ GPGKEY=${_GPGKEY:-$GPGKEY}
 PACKAGER=${_PACKAGER:-$PACKAGER}
 CARCH=${_CARCH:-$CARCH}
 
+# record initial build environment
+cppflags="$CPPFLAGS"
+cflags="$CFLAGS"
+cxxflags="$CXXFLAGS"
+ldflags="$LDFLAGS"
+debug_cflags="$DEBUG_CFLAGS"
+debug_cxxflags="$DEBUG_CXXFLAGS"
+
+
 if (( ! INFAKEROOT )); then
        if (( EUID == 0 )); then
                error "$(gettext "Running %s as root is not allowed as it can 
cause permanent,\n\
-- 
2.6.3

[pacman-dev] [PATCH v3] makepkg: record build information in .BUILDINFO

Reply via email to