From patchwork Thu Jan  5 15:12:41 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: venkata.pyla@toshiba-tsip.com
X-Patchwork-Id: 2406
Return-Path: <isar-users+bncBCSJJMFW3MKRB4OR3OOQMGQELB4GE6A@googlegroups.com>
Received: from shymkent.ilbers.de ([unix socket])
	 by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA;
	 Thu, 05 Jan 2023 16:12:56 +0100
X-Sieve: CMU Sieve 2.4
Received: from mail-vk1-f192.google.com (mail-vk1-f192.google.com
 [209.85.221.192])
	by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id
 305FCtXX008202
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 5 Jan 2023 16:12:56 +0100
Received: by mail-vk1-f192.google.com with SMTP id
 s202-20020a1fa9d3000000b003d5ddec0bccsf2747534vke.4;
        Thu, 05 Jan 2023 07:12:55 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1672931569; cv=pass;
        d=google.com; s=arc-20160816;
        b=uSm0k8cg0NBEBrNbfvhSekz14sP13sM/9FNFL691+GT05svkERxBHSOEzXNdRWEGNf
         Mc/WMH2nWXAvkh1X1xY/hcLhALsHWqc/cw8hmBrNgAj32S4Hi/STM0mKrzJnV8/Q0FWA
         eQCdf6HgsWvpV0Gcz/RH2pf0iFee5U8dz8byFBWH0JKTBnS7VmGhh1ynr1N8hPMlUi/7
         AUudgj9DjKcPFgnnj8uHm8k+XGWxcjYyIaCbU/psmfTnS2k20kvotDOkB/N+ilBmJYCG
         Kjs0EIMO4zEYzTdFsnFJ+p6W285t8L+rGfDWo2z1M2ZiUtk4Slk/gxDmzEwhM2eUR89/
         maCg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:sender:dkim-signature;
        bh=RtSS14Xg0kak4Ks6JEnVuW6wCTDyviHpc5vx+yY4aFE=;
        b=eDYPpQtaLkk9n1QUMwieeEX42Ti2tP+tacFBEfWvuS2gZdxsJopry5kgmpJtcK7QCS
         7YbYLVG7Q+YTMJvSpkR6vQn2V4vrK0znZpqCkX8bNPlVbzdx4VPGXoY/ytIhyVO+ZoLV
         fIY/4PGoPlJvXozAbrduJSI/97NwDrXSbniO/9BJ17v/Jx+HA6MECRRttUrFlEFAA7fa
         VXX+7cvboomS84fKS8znqtgsbRI21pIkKQMFhmxNnX2eLXQa9mdqzs8IyXsw7WlGyt0W
         5T9cGynqrpXvxXEoVMokKdvtS/YITwpWE0ZHUZLB7KJtTlu2CxlnmJaOPVulQLSRUWty
         Jt0Q==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com
 designates 210.130.202.156 as permitted sender)
 smtp.mailfrom=venkata.pyla@toshiba-tsip.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20210112;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:references:in-reply-to:message-id
         :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id
         :reply-to;
        bh=RtSS14Xg0kak4Ks6JEnVuW6wCTDyviHpc5vx+yY4aFE=;
        b=OG64jz7KDN+6k6+W38fVCuNT4LlCWJ45/RkNrTf3NI6AFFOVLCEpre0+kcF034TnAC
         FPpEz4XVbzDoRhgnieyHTqJpsYV3AlDHPcttJB1xGV19+n4OXkh13LI+pFW6jTh8GemE
         0poOmo63U2a4lhFAI/7H1PtmikmulIPu66UMtqZhvk9fYv2lpxIgnVSYD5N0Re5KVSld
         sxql7G1omvcTqElA9j0n7luVOhpu5raaoFytfXacjOvubX5jKD6cZVsmo30Yl4u2ovFb
         /IUS7wspRzKDNR0/7X/aIgKSvj9TBQK25aoxuyozOtTpc2AItl3YE3p5nQa+fGXOfGC9
         9v6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :x-spam-checked-in-group:list-id:mailing-list:precedence
         :x-original-authentication-results:x-original-sender:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :x-gm-message-state:sender:from:to:cc:subject:date:message-id
         :reply-to;
        bh=RtSS14Xg0kak4Ks6JEnVuW6wCTDyviHpc5vx+yY4aFE=;
        b=2D7k0nB3cl6MccbG2g5usNTtMusoJNlAuC1+nbs3CAIXhNdie3XJaHLGz7DSEZO7z8
         doqH/lnvLjl37EtXgk0/Zvy8NLh9SZVPS8WBrj4cSYbDQegXPQAq5tNHx/Jc9zSXqMvt
         Unu9qAmkwbyrlnJ9LTxdhBxg+78QmuzEAzFovi42nW0dtJJ+ni1A0VrXOmm0hw02DzEb
         Ssf4bVUP4GYmfG1DMIGPQ0f+o+0+v7CpSmDgNFDrkZ1xdzfRX3hUaUfFlsCJLGlN6Xz2
         asK8BWQ8h0vD81FRiDwHrv4mXL86edQYeN1rWw9iVnIM1BJGX9+tTHt0npA3GgXXgkMG
         oILw==
Sender: isar-users@googlegroups.com
X-Gm-Message-State: AFqh2kp94QWfKE7ak2kx0Tw4Wz7KlcO0SjQxao+HyRZikyN2ZDpwDcxF
	heuUy5pSPDwijG2NUdcC2GQ=
X-Google-Smtp-Source: 
 AMrXdXtE6gB2bGraDOu97MxxtkvCY/7KCZ1STYBIF3d9JCIlr//v5EPRUbOc8EN6VRz0hKVGg9Y3RQ==
X-Received: by 2002:a67:f641:0:b0:3a7:8ab1:244e with SMTP id
 u1-20020a67f641000000b003a78ab1244emr6128375vso.57.1672931569744;
        Thu, 05 Jan 2023 07:12:49 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a05:6102:23cc:b0:3b1:1703:92cb with SMTP id
 x12-20020a05610223cc00b003b1170392cbls9624473vsr.1.-pod-prod-gmail; Thu, 05
 Jan 2023 07:12:49 -0800 (PST)
X-Received: by 2002:a05:6102:1346:b0:3c7:15e7:71af with SMTP id
 j6-20020a056102134600b003c715e771afmr18619215vsl.31.1672931569143;
        Thu, 05 Jan 2023 07:12:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1672931569; cv=none;
        d=google.com; s=arc-20160816;
        b=0wW/E979EdbxHus2s6319ftBwh0BMiFuQsM3eBlE5IyUoWkPEeX5WfOpr3JCE1h9um
         10CnmXdVYxfe20MZb0PcFpBGTLCzkfuAMSP3DcAXBInY/ZU0pWT0Oa74/RBIF/INRvaf
         lft3qzdQxGB4jjbUwpbSlfffZRxOKmUPyAcMm21tKXohkAZCvzFV+RKzjzVHadnDgsbH
         UmXeuGAhbRx7dweTMuivjFYTCpSCUQbAMKxjEYDNSxS5hce4hCIPi8pMXl4HLy3gv9CS
         FopWygSzxsV9So9i8laRRA2pLoV3VeOJ/OA/ErvVNUHACyzmkwbACcZVD5h0D2HpprwD
         AiFg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from;
        bh=oWhby2umKji1nNH7BgXRctjFWdA//4rqJKl0uvnZ7D0=;
        b=fHYwtwazOm7CzN0k8LrwQ/N9eHawr+59o03ySIeafsYZcpmjlV1MQThg0probfRWjo
         8I5maQQXlRkllqh+iRVVoNcVhvxU+85R86piZtGh1ehjownmRIzhkqU05KoQftFqWzvY
         hbZj+pMfvrdhu97WVSXRw2oOLcCdNY8jXR7lbTto36nl6fS1pvMkuM6fGnSsA9nZm6c8
         emIiSTjSLCLcJEpZ0eLU53belXFqvlUE+MAl2mrTENXT5YvS+1Uj4j9ztcx1k2GP+33C
         OXVL0ZxRV5QFche9VVDKR3cEWsxCXyxkr1aM18aFyqCIBLMu/p4S8PYgKZWuvq+td/yq
         DfqQ==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com
 designates 210.130.202.156 as permitted sender)
 smtp.mailfrom=venkata.pyla@toshiba-tsip.com
Received: from mo-csw.securemx.jp (mo-csw1114.securemx.jp. [210.130.202.156])
        by gmr-mx.google.com with ESMTPS id
 j5-20020a67e305000000b003ce9fcc1ea2si503304vsf.0.2023.01.05.07.12.48
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 05 Jan 2023 07:12:48 -0800 (PST)
Received-SPF: pass (google.com: domain of venkata.pyla@toshiba-tsip.com
 designates 210.130.202.156 as permitted sender) client-ip=210.130.202.156;
Received: by mo-csw.securemx.jp (mx-mo-csw1114) id 305FCj2Z010414;
 Fri, 6 Jan 2023 00:12:45 +0900
X-Iguazu-Qid: 2wGqnqi0Hkq1JML5cW
X-Iguazu-QSIG: v=2; s=0; t=1672931565; q=2wGqnqi0Hkq1JML5cW;
 m=zwe+/WlXggHZQEO2CSxonfPCrXmEHpQ3fRNCv4Qwtm8=
Received: from imx2-a.toshiba.co.jp (imx2-a.toshiba.co.jp [106.186.93.35])
	by relay.securemx.jp (mx-mr1111) id 305FCj5B024391
	(version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128 verify=NOT);
	Fri, 6 Jan 2023 00:12:45 +0900
From: venkata.pyla@toshiba-tsip.com
To: isar-users@googlegroups.com
Cc: venkata pyla <venkata.pyla@toshiba-tsip.com>, amikan@ilbers.de,
        jan.kiszka@siemens.com, henning.schild@siemens.com,
        kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com
Subject: [PATCH v3 1/1] image.bbclass: fix non-reproducible file time-stamps
 inside rootfs
Date: Thu,  5 Jan 2023 20:42:41 +0530
X-TSB-HOP2: ON
Message-Id: <20230105151241.21348-2-venkata.pyla@toshiba-tsip.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: 
 <OSYPR01MB5542F29EB4BF011A5AA35670A4FA9@OSYPR01MB5542.jpnprd01.prod.outlook.com>
References: 
 <OSYPR01MB5542F29EB4BF011A5AA35670A4FA9@OSYPR01MB5542.jpnprd01.prod.outlook.com>
MIME-Version: 1.0
X-OriginalArrivalTime: 05 Jan 2023 15:12:42.0900 (UTC)
 FILETIME=[28A56540:01D92118]
X-Original-Sender: venkata.pyla@toshiba-tsip.com
X-Original-Authentication-Results: gmr-mx.google.com;       spf=pass
 (google.com: domain of venkata.pyla@toshiba-tsip.com designates
 210.130.202.156 as permitted sender)
 smtp.mailfrom=venkata.pyla@toshiba-tsip.com
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
 contact isar-users+owners@googlegroups.com
List-ID: <isar-users.googlegroups.com>
X-Spam-Checked-In-Group: isar-users@googlegroups.com
X-Google-Group-Id: 914930254986
List-Post: <https://groups.google.com/group/isar-users/post>,
 <mailto:isar-users@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
 <mailto:isar-users+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/isar-users
List-Subscribe: <https://groups.google.com/group/isar-users/subscribe>,
 <mailto:isar-users+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+914930254986+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/isar-users/subscribe>
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_PASS autolearn=unavailable
	autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=

From: venkata pyla <venkata.pyla@toshiba-tsip.com>

As part of reproducible-build work, the rootfs images generated on same
source should be identical between two builds.

In this commit it tries to solve one of the non-reproducible problem
i.e. the rootfs file time-stamps generated during build time are not
reproducible, it uses one of the solution provided in the debian
live-build image project (refer [1]), it fixes by finding all the
files/folders that are gernerated newly and set the time-stamp provided
by `SOURCE_DATE_EPOCH` environment variable.

[1] https://salsa.debian.org/live-team/live-build/-/merge_requests/218

Signed-off-by: venkata pyla <venkata.pyla@toshiba-tsip.com>
---
 meta-isar/conf/local.conf.sample | 10 ++++++++++
 meta/classes/image.bbclass       | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/meta-isar/conf/local.conf.sample b/meta-isar/conf/local.conf.sample
index 57d0620..3c4a473 100644
--- a/meta-isar/conf/local.conf.sample
+++ b/meta-isar/conf/local.conf.sample
@@ -255,3 +255,13 @@ USER_isar[flags] += "clear-text-password"
 #CCACHE_TOP_DIR ?= "${TMPDIR}/ccache"
 # Enable ccache debug mode
 #CCACHE_DEBUG = "1"
+
+# Uncommnet and add value to it to build images reproducibly
+#
+# The value for `SOURCE_DATE_EPOCH` should be latest source change time in
+# seconds since the Epoch.
+# Git repository users can use value from 'git log -1 --pretty=%ct'
+# Non git repository users can use value from 'stat -c%Y ChangeLog'
+# To know more details about this variable and how to set the value refer below
+# https://reproducible-builds.org/docs/source-date-epoch/
+#SOURCE_DATE_EPOCH =
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 813e1f3..8371ecd 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -431,6 +431,16 @@ do_rootfs_finalize() {
 
         rm -f "${ROOTFSDIR}/etc/apt/sources-list"
 EOSUDO
+
+    # Set same time-stamps to the newly generated file/folders in the
+    # rootfs image for the purpose of reproducible builds.
+    test ! -z "${SOURCE_DATE_EPOCH}" && \
+        sudo find ${ROOTFSDIR} -newermt \
+            "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \
+            -printf "%y %p\n" \
+            -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' > ${DEPLOY_DIR_IMAGE}/files.modified_timestamps && \
+            bbwarn "$(cat ${DEPLOY_DIR_IMAGE}/files.modified_timestamps) \nModified above file timestamps to build image reproducibly"
+
 }
 addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess