Source: debhelper Version: 9.20150628 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: toolchain timestamps
Hi! While working on the “reproducible builds” effort [1] we have a proposal of using deterministic timestamps [2] (based on the latest debian/changelog entry) which is to be set in the environment variable SOURCE_DATE_EPOCH. The attached patch makes debhelper export the SOURCE_DATE_EPOCH env variable during the execution with the latest debian/changelog entry timestamp, so that packages running during the build process can read it and replace localtime date/times calls with the exported timestamp in order to have reproducible builds. Also, in order to help reproducible builds, a fixed timezone is exported (TZ=UTC). [1]: https://wiki.debian.org/ReproducibleBuilds [2]: https://wiki.debian.org/ReproducibleBuilds/TimestampsProposal Regards, -- Dhole
diff -Nru debhelper-9.20150628/debian/changelog
debhelper-9.20150628+nmu1/debian/changelog
--- debhelper-9.20150628/debian/changelog 2015-06-28 13:56:15.000000000
+0200
+++ debhelper-9.20150628+nmu1/debian/changelog 2015-07-08 19:35:19.000000000
+0200
@@ -1,3 +1,12 @@
+debhelper (9.20150628+nmu1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * export the env var SOURCE_DATE_EPOCH with the last debian/changelog
+ timestamp.
+ * set env TZ=UTC
+
+ -- Dhole <dh...@openmailbox.org> Wed, 08 Jul 2015 19:34:46 +0200
+
debhelper (9.20150628) unstable; urgency=medium
* Upload to unstable with ddebs support disabled by default.
diff -Nru debhelper-9.20150628/Debian/Debhelper/Dh_Lib.pm
debhelper-9.20150628+nmu1/Debian/Debhelper/Dh_Lib.pm
--- debhelper-9.20150628/Debian/Debhelper/Dh_Lib.pm 2015-06-28
13:24:32.000000000 +0200
+++ debhelper-9.20150628+nmu1/Debian/Debhelper/Dh_Lib.pm 2015-07-08
19:34:25.000000000 +0200
@@ -1144,12 +1144,44 @@
}
}
+# Read latest debian/changelog timestamp and export the environment variable
+# SOURCE_DATE_EPOCH with its value, so that any package can read it and
replace
+# calls to localtime (or other undeterministic timestamps) with the exported
+# timestamp to get reproducible builds.
+sub set_source_date_epoch {
+ eval "use Dpkg::Changelog::Debian";
+ if ($@) {
+ warning "unable to set SOURCE_DATE_EPOCH: $@";
+ return;
+ }
+ eval "use Time::Piece";
+ if ($@) {
+ warning "unable to set SOURCE_DATE_EPOCH: $@";
+ return;
+ }
+
+ my $changelog = Dpkg::Changelog::Debian->new();
+ $changelog->load("debian/changelog");
+
+ my $tt = @{$changelog}[0]->get_timestamp();
+ $tt =~ s/\s*\([^\)]+\)\s*$//; # Remove the optional timezone codename
+ my $timestamp = Time::Piece->strptime($tt, "%a, %d %b %Y %T %z");
+
+ $ENV{SOURCE_DATE_EPOCH} = $timestamp->epoch();
+}
+
# Sets environment variables from dpkg-buildflags. Avoids changing
# any existing environment variables.
sub set_buildflags {
- return if $ENV{DH_INTERNAL_BUILDFLAGS} || compat(8);
+ return if $ENV{DH_INTERNAL_BUILDFLAGS};
$ENV{DH_INTERNAL_BUILDFLAGS}=1;
+ set_source_date_epoch();
+ # Set env timezone to UTC to help packages build reproducibly
+ $ENV{TZ} = "UTC";
+
+ return if compat(8);
+
eval "use Dpkg::BuildFlags";
if ($@) {
warning "unable to load build flags: $@";
signature.asc
Description: OpenPGP digital signature
