1 |
From: "Robin H. Johnson" <robbat2@g.o> |
2 |
|
3 |
Try to generate reproducible tarballs by excluding anything that might |
4 |
be an artifact of the checkout: |
5 |
- local ownership of files |
6 |
- local mtime of files |
7 |
- file ordering in tarball |
8 |
|
9 |
Signed-off-by: Robin H. Johnson <robbat2@g.o> |
10 |
--- |
11 |
scripts/gpdorelease | 33 ++++++++++++++++++++++++++------- |
12 |
1 file changed, 26 insertions(+), 7 deletions(-) |
13 |
|
14 |
diff --git a/scripts/gpdorelease b/scripts/gpdorelease |
15 |
index bec5650..f8eb374 100755 |
16 |
--- a/scripts/gpdorelease |
17 |
+++ b/scripts/gpdorelease |
18 |
@@ -84,25 +84,44 @@ file_base="/tmp/${TARBALL_BASENAME}-$newfullver.base.tar.xz" |
19 |
file_extras="/tmp/${TARBALL_BASENAME}-$newfullver.extras.tar.xz" |
20 |
file_experimental="/tmp/${TARBALL_BASENAME}-$newfullver.experimental.tar.xz" |
21 |
|
22 |
+#tag release |
23 |
+echo "Tagging with ${newfullver}" |
24 |
+git -C ${LOCAL_PATCHES_TRUNK} tag ${newfullver} || exit 1 |
25 |
+ |
26 |
# build tarballs |
27 |
echo "Creating tarballs in /tmp..." |
28 |
|
29 |
+# Try very hard to ensure repeated generated of tarballs on different systems |
30 |
+# produces the same results. |
31 |
+# - the order of files inside the tarball should be alphabetic (rather than |
32 |
+# disk or inode) |
33 |
+# - the owner/group of files inside the tarball should be root/root |
34 |
+# - the mtime of files inside the tarball should match the mtime of the commit |
35 |
+# at HEAD of the tag. |
36 |
+# -- this might NOT be the mtime of the tag! |
37 |
+_mtime=$(git -C "${LOCAL_PATCHES_TRUNK}" log -1 --format=@%ct "${newfullver}") |
38 |
+TAR_CMD=( |
39 |
+ tar |
40 |
+ --group=root:0 |
41 |
+ --owner=root:0 |
42 |
+ --sort=name |
43 |
+ --mtime="$_mtime" |
44 |
+ --xz |
45 |
+ -cvf |
46 |
+) |
47 |
+ |
48 |
if [[ "${WE_WANT}" == *"base"* ]] ; then |
49 |
- [ -n "$(find ./[012]* 2>/dev/null)" ] && tar -cvJf ${file_base} ./[012]* |
50 |
+ [ -n "$(find ./[012]* 2>/dev/null)" ] && "${TAR_CMD[@]}" ${file_base} ./[012]* |
51 |
fi |
52 |
|
53 |
if [[ "${WE_WANT}" == *"extras"* ]] ; then |
54 |
- [ -n "$(find ./[34]* 2>/dev/null)" ] && tar -cvJf ${file_extras} ./[34]* |
55 |
+ [ -n "$(find ./[34]* 2>/dev/null)" ] && "${TAR_CMD[@]}" ${file_extras} ./[34]* |
56 |
fi |
57 |
|
58 |
if [[ "${WE_WANT}" == *"experimental"* ]] ; then |
59 |
- [ -n "$(find ./50* 2>/dev/null)" ] && tar -cvJf ${file_experimental} ./50* |
60 |
+ [ -n "$(find ./50* 2>/dev/null)" ] && "${TAR_CMD[@]}" ${file_experimental} ./50* |
61 |
fi |
62 |
|
63 |
-#tag release |
64 |
-echo "Tagging with ${newfullver}" |
65 |
-git -C ${LOCAL_PATCHES_TRUNK} tag ${newfullver} |
66 |
- |
67 |
#push tag |
68 |
echo "Pushing tag ${newfullver}" |
69 |
git push --tags -u origin ${BRANCH} |
70 |
-- |
71 |
2.18.0 |