From eab5aba9b027a7689acaf2382a04ff69b5b8771e Mon Sep 17 00:00:00 2001
From: Eli Schwartz <eschwartz@archlinux.org>
Date: Mon, 30 Oct 2017 11:17:56 -0400
Subject: Support reproducible builds

Recent development versions of makepkg support reproducible builds
through the environment variable SOURCE_DATE_EPOCH. Pass this variable
through makechrootpkg to makepkg when available.

Also initialize SOURCE_DATE_EPOCH whenever running archbuild to enforce
reproducible builds for repository packages.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
---
 makechrootpkg.in | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'makechrootpkg.in')

diff --git a/makechrootpkg.in b/makechrootpkg.in
index d4c293f..9253544 100644
--- a/makechrootpkg.in
+++ b/makechrootpkg.in
@@ -205,6 +205,7 @@ EOF
 	{
 		printf '#!/bin/bash\n'
 		declare -f _chrootbuild
+		declare -p SOURCE_DATE_EPOCH 2>/dev/null
 		printf '_chrootbuild "$@" || exit\n'
 
 		if $run_namcap; then
@@ -231,7 +232,7 @@ _chrootbuild() {
 	# use "$" in arguments to commands with "sudo -i".  ${foo} or
 	# ${1} is OK, but $foo or $1 isn't.
 	# https://bugzilla.sudo.ws/show_bug.cgi?id=765
-	sudo -iu builduser bash -c 'cd /startdir; makepkg "$@"' -bash "$@"
+	sudo --preserve-env=SOURCE_DATE_EPOCH -iu builduser bash -c 'cd /startdir; makepkg "$@"' -bash "$@"
 }
 
 _chrootnamcap() {
@@ -343,7 +344,7 @@ main() {
 	[[ -n $makepkg_user && -z $(id -u "$makepkg_user") ]] && die 'Invalid makepkg user.'
 	makepkg_user=${makepkg_user:-${SUDO_USER:-$USER}}
 
-	check_root
+	check_root SOURCE_DATE_EPOCH
 
 	# Canonicalize chrootdir, getting rid of trailing /
 	chrootdir=$(readlink -e "$passeddir")
-- 
cgit v1.2.3-54-g00ecf