If SOURCE_DATE_EPOCH is set, `touch` all source files before running
build() to fix the modification times. This works around build systems
and compilers that embed the file modification times into the file
contents of release artifacts.
Signed-off-by: Eli Schwartz <eschwart...@gmail.com>
---
Guarded by checking for the variable, because this stomps all over
incremental builds.
I prefer looking for SOURCE_DATE_EPOCH in the environment because less
bloat IMHO, but perhaps this would be preferable as a makepkg flag or
makepkg.conf option?
Is there anything else that needs to be done to force reproducible
builds, other than merely setting SOURCE_DATE_EPOCH which should be
harmless as a global thing?
scripts/makepkg.sh.in | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 20e9dd7e..fb1d40a9 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -79,15 +79,22 @@ PKGFUNC=0
PKGVERFUNC=0
PREPAREFUNC=0
REPKG=0
+REPRODUCIBLE=0
RMDEPS=0
SKIPCHECKSUMS=0
SKIPPGPCHECK=0
SIGNPKG=''
SPLITPKG=0
SOURCEONLY=0
+
VERIFYSOURCE=0
-export SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH:-$(date +%s)}
+if [[ -n $SOURCE_DATE_EPOCH ]]; then
+ REPRODUCIBLE=1
+else
+ SOURCE_DATE_EPOCH=$(date +%s)
+fi
+export SOURCE_DATE_EPOCH
PACMAN_OPTS=()
@@ -475,6 +482,12 @@ run_prepare() {
}
run_build() {
+ if (( REPRODUCIBLE )); then
+ # We have activated reproducible builds, so unify source times
before
+ # building
+ find "$srcdir" -exec touch -h -d @$SOURCE_DATE_EPOCH {} +
+ fi
+
run_function_safe "build"
}
--
2.13.2
