DEB build scripts: added support for reproducible builds.

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
pull/65/head
Michele Calgaro 5 years ago
parent 403333c731
commit 8d146a12a7
Signed by: MicheleC
GPG Key ID: 2A75B7CA8ADED5CF

@ -163,7 +163,7 @@ export bool_INTERNAL_PBUILDER
# Local option variables
# - sign packages
OPT_SIGN_PKG_LOCAL="-uc -us"
OPT_SIGN_PKG_LOCAL="--no-sign"
# - show logs
OPT_SHOW_LOGS="&>"
if [ "$bool_SHOW_BUILD_LOGS" = "y" ]; then
@ -271,16 +271,14 @@ if [ "$bool_COPY_MOD_SRC" = "y" ]; then
if [ "$bool_EXTRADEP_MOD" != "y" ]; then
# Normal module
cp -R "$MOD_GIT_PATH" "$MOD_BUILD_PATH/.."
# Add SCM information for crash test report
[ -f "$MOD_BUILD_PATH/.tdescmmodule" ] && rm "$MOD_BUILD_PATH/.tdescmmodule"
[ -f "$MOD_BUILD_PATH/.tdescmrevision" ] && rm "$MOD_BUILD_PATH/.tdescmrevision"
# --> Module name
echo "$MOD_NAME" >"$MOD_BUILD_PATH/.tdescmmodule"
# --> SCM info
# Add GIT information
echo "# TDE SCM module information" > "$MOD_BUILD_PATH/.tdescminfo"
echo "Name: $MOD_NAME" >> "$MOD_BUILD_PATH/.tdescminfo"
cd "$MOD_GIT_PATH"
MOD_BRANCH=`git branch --contains HEAD | grep -v "no branch" | head -n1 | cut -c 3-`
COMMIT_HASH=`git rev-parse HEAD`
echo "$MOD_BRANCH-$COMMIT_HASH" >"$MOD_BUILD_PATH/.tdescmrevision"
echo "Revision: $MOD_BRANCH-$COMMIT_HASH" >> "$MOD_BUILD_PATH/.tdescminfo"
git log -1 --pretty=format:"DateTime: %cd%n" --date=format:"%m/%d/%Y %H:%M" >> "$MOD_BUILD_PATH/.tdescminfo"
else
# Extra dependency module
if [ `find "$MOD_GIT_PATH" -name '*.dsc' | wc -l` == 1 ]; then
@ -309,7 +307,7 @@ if [ "$bool_EXTRADEP_MOD" != "y" -a "$bool_COPY_PKGING_FILES" = "y" ]; then
# TODO metapackage support
# Default package name (Slavek's repo style)
# Default package name
# Calculate package version
cd $MOD_GIT_PATH
branch=`git branch --contains HEAD | egrep -v "no branch|detached" | head -n1 | cut -c 3-`
@ -346,11 +344,13 @@ if [ "$bool_EXTRADEP_MOD" != "y" -a "$bool_COPY_PKGING_FILES" = "y" ]; then
# TODO add relative patch count
ADD_REL=0
DATE=$(date -R)
# Update changelog
REPO_DATE=`git log -1 --pretty=format:"%cd%n" --date=rfc`
GITUSER="$(git config --get user.name) <$(git config --get user.email)>"
echo "$PKG_NAME ($REL-0$DISTRO$DISTRO_VERSION.$ADD_REL+$PKG_REL) $DISTRO_NAME; urgency=low" > "$MOD_BUILD_PKGING_PATH/changelog"
echo -e "\n * Automated git build\n\n -- $GITUSER $DATE\n" >> "$MOD_BUILD_PKGING_PATH/changelog"
echo -e "\n * Automated git build\n\n -- $GITUSER $REPO_DATE\n" >> "$MOD_BUILD_PKGING_PATH/changelog"
cat "$REPO_TDE_PACKAGING/$MOD_NAME/debian/changelog" >> "$MOD_BUILD_PKGING_PATH/changelog"
touch -d "$REPO_DATE" "$MOD_BUILD_PKGING_PATH/changelog"
fi
# prepare destination directory for building
@ -373,7 +373,6 @@ if [ -x "$HOOK_DIR/$MOD_NAME/pre_build.sh" ]; then
fi
fi
#----------------------------
# Switch to 3.0(quilt) format
#----------------------------
@ -384,7 +383,10 @@ MOD_MAJOR_VER=`head -n 1 "$MOD_BUILD_PKGING_PATH/changelog" | sed -r "s/^[^ ]+ \
MOD_UP_VER=`head -n 1 "$MOD_BUILD_PKGING_PATH/changelog" | sed -r "s/^[^ ]+ \(([^:]+:)?([^-]+).*/\2/"`
MOD_DEB_VER=`head -n 1 "$MOD_BUILD_PKGING_PATH/changelog" | sed -r "s/^[^ ]+ \([^-]+-([^\)]+).*/\1/"`
tar cJf "../${MOD_BASENAME}_${MOD_UP_VER}.orig.tar.xz" --exclude="debian" --exclude=".git*" .
REPO_DATE=`dpkg-parsechangelog -l "$MOD_BUILD_PATH/debian/changelog" | sed -n -e 's|^Date: ||p'`
tar cJf "../${MOD_BASENAME}_${MOD_UP_VER}.orig.tar.xz" --exclude="debian" --exclude=".git*" \
--mtime "$REPO_DATE" --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime .
touch -d "$REPO_DATE" "../${MOD_BASENAME}_${MOD_UP_VER}.orig.tar.xz"
# switch to quilt format
if [ -f "$MOD_BUILD_PKGING_PATH/source/format" ]; then
@ -426,7 +428,11 @@ cd "$MOD_BUILD_PATH"
if [ "$bool_BUILD_LOCALLY" = "y" ]; then
## Build module locally
echo -e "${CYellow}> Building locally${CNone}"
eval dpkg-buildpackage $OPT_SIGN_PKG_LOCAL $OPT_SHOW_LOGS\"$BUILDING_LOG_FILE\"
eval dpkg-buildpackage -S $OPT_SIGN_PKG_LOCAL $OPT_SHOW_LOGS\"$BUILDING_LOG_FILE\"
build_retval=$?
if [ $build_retval -eq 0 ]; then
eval dpkg-buildpackage -b $OPT_SIGN_PKG_LOCAL $OPT_SHOW_LOGS\"$BUILDING_LOG_FILE\"
fi
build_retval=$?
else
## Build module in a clean chroot environment using pbuilder

@ -44,9 +44,9 @@ function run_pdebuild()
echo "deb [trusted=yes] file:$TDE_DEBS_DIR ./" >> /etc/apt/sources.list
END_D05_01
if [[ "$USE_PREBUILD_EXTRA_DEPS" = "y" ]]; then
# Get building branch from .tdescmrevision file
if [[ -f "$MOD_BUILD_PATH/.tdescmrevision" ]]; then
BUILD_BRANCH=`sed -r "s/([^-]+)-.*/\1/" "$MOD_BUILD_PATH/.tdescmrevision"`
# Get building branch from .tdescminfo file
if [[ -f "$MOD_BUILD_PATH/.tdescminfo" ]]; then
BUILD_BRANCH=`sed -n -r "s/^Revision: ([^-]+)-.*/\1/p" "$MOD_BUILD_PATH/.tdescminfo"`
OLD_IFS=$IFS && IFS=$' \t'
while read l_branch l_repo l_component; do
if [ "$l_branch" = "$BUILD_BRANCH" ]; then

Loading…
Cancel
Save