Alexander Couzens (lynxis@fe80.eu) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/16556
-gerrit
commit 13657a0534bffec1ebc60b6007b4045a51e969cf Author: Alexander Couzens lynxis@fe80.eu Date: Fri Sep 9 00:05:54 2016 +0200
util/release: make release archives reproducible
tar doesn't sort entries by default; it takes the order returned by the OS, which in most cases is the order of creation. Sort by name and set the environment variables that influence the output (TZ and language) so that the archives are reproducible.
Change-Id: I3d043952417000d12e81353677f1ea4aa2da4fc1 Signed-off-by: Alexander Couzens lynxis@fe80.eu --- util/release/build-release | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/util/release/build-release b/util/release/build-release
index d13e038..11e7177 100755
--- a/util/release/build-release
+++ b/util/release/build-release
@@ -9,6 +9,13 @@ USERNAME=${3}
 GPG_KEY_ID=${4}
 
 set -e
+
+# set local + tz to be reproducible
+LC_ALL=C
+LANG=C
+TZ=UTC
+export LC_ALL LANG TZ
+
 if [ -z "${VERSION_NAME}" ] || [ "${VERSION_NAME}" = "--help" ]; then
 echo "usage: $0 <version> [commit id] [gpg key id] [username]"
 echo "tags a new coreboot version and creates a tar archive"
@@ -32,8 +39,8 @@ fi
 printf "${VERSION_NAME}-$(git log --pretty=%H|head -1)\n" > .coreboot-version
 tstamp=$(git log --pretty=format:%ci -1)
 cd ..
-tar --mtime="$tstamp" --owner=coreboot:1000 --group=coreboot:1000 --exclude-vcs --exclude=coreboot-${VERSION_NAME}/3rdparty/blobs -cvf - coreboot-${VERSION_NAME} |xz -9 > coreboot-${VERSION_NAME}.tar.xz
-tar --mtime="$tstamp" --owner=coreboot:1000 --group=coreboot:1000 --exclude-vcs -cvf - coreboot-${VERSION_NAME}/3rdparty/blobs |xz -9 > coreboot-blobs-${VERSION_NAME}.tar.xz
+tar --sort=name --mtime="$tstamp" --owner=coreboot:1000 --group=coreboot:1000 --exclude-vcs --exclude=coreboot-${VERSION_NAME}/3rdparty/blobs -cvf - coreboot-${VERSION_NAME} |xz -9 > coreboot-${VERSION_NAME}.tar.xz
+tar --sort=name --mtime="$tstamp" --owner=coreboot:1000 --group=coreboot:1000 --exclude-vcs -cvf - coreboot-${VERSION_NAME}/3rdparty/blobs |xz -9 > coreboot-blobs-${VERSION_NAME}.tar.xz
 if [ -n "${GPG_KEY_ID}" ]; then
 gpg2 --armor --local-user ${GPG_KEY_ID} --output coreboot-${VERSION_NAME}.tar.xz.sig --detach-sig coreboot-${VERSION_NAME}.tar.xz
 gpg2 --armor --local-user ${GPG_KEY_ID} --output coreboot-blobs-${VERSION_NAME}.tar.xz.sig --detach-sig coreboot-blobs-${VERSION_NAME}.tar.xz
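Review bot: File modes are still uncontrolled after the block added below `set -e`: it pins locale and time zone, but tar also records the permission bits of the working tree, and those follow the umask of whoever runs the script. If the tree is checked out later in this script (not visible in the hunk), adding `umask 022` next to the exports would make the recorded modes independent of the builder's shell setup. The comment would also read better as `# set locale + tz to be reproducible`, with a few words on why: anyone should be able to rebuild the archive and compare it byte for byte with the signed one.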
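Review bot: A tar failure on the two new `tar --sort=name … | xz -9 > …` lines goes unnoticed, because `set -e` only sees the exit status of `xz`, the last stage of the pipe. `--sort` needs GNU tar 1.28 or newer, so on an older tar the script would write an almost empty `.tar.xz` and, in the `if [ -n "${GPG_KEY_ID}" ]` block that continues past the hunk, sign it. If the script runs under bash, `set -o pipefail` after `set -e` closes the gap; otherwise write the tar to a file first and compress it in a second step. Quoting `"coreboot-${VERSION_NAME}"` on these lines would also keep a version string containing spaces or glob characters from being split.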