| 1 |
From: "Robin H. Johnson" <robbat2@g.o> |
| 2 |
|
| 3 |
Try to generate reproducible tarballs by excluding anything that might |
| 4 |
be an artifact of the checkout: |
| 5 |
- local ownership of files |
| 6 |
- local mtime of files |
| 7 |
- file ordering in tarball |
| 8 |
|
| 9 |
Signed-off-by: Robin H. Johnson <robbat2@g.o> |
| 10 |
--- |
| 11 |
scripts/gpdorelease | 33 ++++++++++++++++++++++++++------- |
| 12 |
1 file changed, 26 insertions(+), 7 deletions(-) |
| 13 |
|
| 14 |
diff --git a/scripts/gpdorelease b/scripts/gpdorelease |
| 15 |
index bec5650..f8eb374 100755 |
| 16 |
--- a/scripts/gpdorelease |
| 17 |
+++ b/scripts/gpdorelease |
| 18 |
@@ -84,25 +84,44 @@ file_base="/tmp/${TARBALL_BASENAME}-$newfullver.base.tar.xz" |
| 19 |
file_extras="/tmp/${TARBALL_BASENAME}-$newfullver.extras.tar.xz" |
| 20 |
file_experimental="/tmp/${TARBALL_BASENAME}-$newfullver.experimental.tar.xz" |
| 21 |
|
| 22 |
+#tag release |
| 23 |
+echo "Tagging with ${newfullver}" |
| 24 |
+git -C ${LOCAL_PATCHES_TRUNK} tag ${newfullver} || exit 1 |
| 25 |
+ |
| 26 |
# build tarballs |
| 27 |
echo "Creating tarballs in /tmp..." |
| 28 |
|
| 29 |
+# Try very hard to ensure repeated generated of tarballs on different systems |
| 30 |
+# produces the same results. |
| 31 |
+# - the order of files inside the tarball should be alphabetic (rather than |
| 32 |
+# disk or inode) |
| 33 |
+# - the owner/group of files inside the tarball should be root/root |
| 34 |
+# - the mtime of files inside the tarball should match the mtime of the commit |
| 35 |
+# at HEAD of the tag. |
| 36 |
+# -- this might NOT be the mtime of the tag! |
| 37 |
+_mtime=$(git -C "${LOCAL_PATCHES_TRUNK}" log -1 --format=@%ct "${newfullver}") |
| 38 |
+TAR_CMD=( |
| 39 |
+ tar |
| 40 |
+ --group=root:0 |
| 41 |
+ --owner=root:0 |
| 42 |
+ --sort=name |
| 43 |
+ --mtime="$_mtime" |
| 44 |
+ --xz |
| 45 |
+ -cvf |
| 46 |
+) |
| 47 |
+ |
| 48 |
if [[ "${WE_WANT}" == *"base"* ]] ; then |
| 49 |
- [ -n "$(find ./[012]* 2>/dev/null)" ] && tar -cvJf ${file_base} ./[012]* |
| 50 |
+ [ -n "$(find ./[012]* 2>/dev/null)" ] && "${TAR_CMD[@]}" ${file_base} ./[012]* |
| 51 |
fi |
| 52 |
|
| 53 |
if [[ "${WE_WANT}" == *"extras"* ]] ; then |
| 54 |
- [ -n "$(find ./[34]* 2>/dev/null)" ] && tar -cvJf ${file_extras} ./[34]* |
| 55 |
+ [ -n "$(find ./[34]* 2>/dev/null)" ] && "${TAR_CMD[@]}" ${file_extras} ./[34]* |
| 56 |
fi |
| 57 |
|
| 58 |
if [[ "${WE_WANT}" == *"experimental"* ]] ; then |
| 59 |
- [ -n "$(find ./50* 2>/dev/null)" ] && tar -cvJf ${file_experimental} ./50* |
| 60 |
+ [ -n "$(find ./50* 2>/dev/null)" ] && "${TAR_CMD[@]}" ${file_experimental} ./50* |
| 61 |
fi |
| 62 |
|
| 63 |
-#tag release |
| 64 |
-echo "Tagging with ${newfullver}" |
| 65 |
-git -C ${LOCAL_PATCHES_TRUNK} tag ${newfullver} |
| 66 |
- |
| 67 |
#push tag |
| 68 |
echo "Pushing tag ${newfullver}" |
| 69 |
git push --tags -u origin ${BRANCH} |
| 70 |
-- |
| 71 |
2.18.0 |
Archives