makerepropkg: support checking multiple split packages
By specifying multiple package files, we assume they are all from the same PKGBUILD, and try to check them all against the produced artifacts. Since the buildinfo should be comparable for all of them, we simply use the first one passed on the command line. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
This commit is contained in:
parent
53fe5c67a1
commit
51842a1676
|
@ -7,12 +7,12 @@ makerepropkg - Rebuild a package to see if it is reproducible
|
|||
|
||||
Synopsis
|
||||
--------
|
||||
makerepropkg [OPTIONS] <package_file>
|
||||
makerepropkg [OPTIONS] <package_file>...
|
||||
|
||||
Description
|
||||
-----------
|
||||
|
||||
Given the path to a built pacman package, attempt to rebuild it using the
|
||||
Given the path to a built pacman package(s), attempt to rebuild it using the
|
||||
PKGBUILD in the current directory. The package will be built in an environment
|
||||
as closely matching the environment of the initial package as possible, by
|
||||
building up a chroot to match the information exposed in the package's
|
||||
|
@ -20,6 +20,10 @@ linkman:BUILDINFO[5] manifest. On success, the resulting package will be
|
|||
compared to the input package, and makerepropkg will report whether the
|
||||
artifacts are identical.
|
||||
|
||||
When given multiple packages, additional package files are assumed to be split
|
||||
packages and will be treated as additional artifacts to compare during the
|
||||
verification step.
|
||||
|
||||
This implements a verifier for pacman/libalpm packages in accordance with the
|
||||
link:https://reproducible-builds.org/[Reproducible Builds] project.
|
||||
|
||||
|
|
|
@ -117,10 +117,13 @@ check_root
|
|||
|
||||
if [[ -n $1 ]]; then
|
||||
pkgfile="$1"
|
||||
if ! bsdtar -tqf "${pkgfile}" .BUILDINFO >/dev/null 2>&1; then
|
||||
error "file is not a valid pacman package: '%s'" "${pkgfile}"
|
||||
exit 1
|
||||
fi
|
||||
splitpkgs=("$@")
|
||||
for f in "${splitpkgs[@]}"; do
|
||||
if ! bsdtar -tqf "${f}" .BUILDINFO >/dev/null 2>&1; then
|
||||
error "file is not a valid pacman package: '%s'" "${f}"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
else
|
||||
error "no package file specified. Try '${BASH_SOURCE[0]##*/} -h' for more information. "
|
||||
exit 1
|
||||
|
@ -176,23 +179,26 @@ arch-nspawn "${buildroot}/${chroot}" \
|
|||
--bind="${PWD}:/startdir" \
|
||||
--bind="${SRCDEST}:/srcdest" \
|
||||
/chrootbuild -C --noconfirm --log --holdver --skipinteg
|
||||
ret=$?
|
||||
|
||||
if (( $? == 0 )); then
|
||||
if (( ${ret} == 0 )); then
|
||||
msg2 "built succeeded! built packages can be found in ${buildroot}/${chroot}/pkgdest"
|
||||
msg "comparing artifacts..."
|
||||
|
||||
comparefiles=("${pkgfile}" "${buildroot}/${chroot}/pkgdest/${pkgfile##*/}")
|
||||
if cmp -s "${comparefiles[@]}"; then
|
||||
msg2 "Package successfully reproduced!"
|
||||
exit 0
|
||||
else
|
||||
warning "Package is not reproducible. :("
|
||||
sha256sum "${comparefiles[@]}"
|
||||
if (( diffoscope )); then
|
||||
diffoscope "${comparefiles[@]}"
|
||||
for pkgfile in "${splitpkgs[@]}"; do
|
||||
comparefiles=("${pkgfile}" "${buildroot}/${chroot}/pkgdest/${pkgfile##*/}")
|
||||
if cmp -s "${comparefiles[@]}"; then
|
||||
msg2 "Package '%s' successfully reproduced!" "${pkgfile}"
|
||||
else
|
||||
ret=1
|
||||
warning "Package '%s' is not reproducible. :(" "${pkgfile}"
|
||||
sha256sum "${comparefiles[@]}"
|
||||
if (( diffoscope )); then
|
||||
diffoscope "${comparefiles[@]}"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# the package either failed to build, or was unreproducible
|
||||
exit 1
|
||||
# return failure from chrootbuild, or the reproducibility status
|
||||
exit ${ret}
|
||||
|
|
Loading…
Reference in New Issue