Unverified Commit 51842a16 authored by Eli Schwartz's avatar Eli Schwartz Committed by Levente Polyak
Browse files

makerepropkg: support checking multiple split packages



By specifying multiple package files, we assume they are all from the
same PKGBUILD, and try to check them all against the produced artifacts.
Since the buildinfo should be comparable for all of them, we simply use
the first one passed on the command line.
Signed-off-by: default avatarEli Schwartz <eschwartz@archlinux.org>
Signed-off-by: default avatarLevente Polyak <anthraxx@archlinux.org>
parent 53fe5c67
......@@ -7,12 +7,12 @@ makerepropkg - Rebuild a package to see if it is reproducible
Synopsis
--------
makerepropkg [OPTIONS] <package_file>
makerepropkg [OPTIONS] <package_file>...
Description
-----------
Given the path to a built pacman package, attempt to rebuild it using the
Given the path to a built pacman package(s), attempt to rebuild it using the
PKGBUILD in the current directory. The package will be built in an environment
as closely matching the environment of the initial package as possible, by
building up a chroot to match the information exposed in the package's
......@@ -20,6 +20,10 @@ linkman:BUILDINFO[5] manifest. On success, the resulting package will be
compared to the input package, and makerepropkg will report whether the
artifacts are identical.
When given multiple packages, additional package files are assumed to be split
packages and will be treated as additional artifacts to compare during the
verification step.
This implements a verifier for pacman/libalpm packages in accordance with the
link:https://reproducible-builds.org/[Reproducible Builds] project.
......
......@@ -117,10 +117,13 @@ check_root
if [[ -n $1 ]]; then
pkgfile="$1"
if ! bsdtar -tqf "${pkgfile}" .BUILDINFO >/dev/null 2>&1; then
error "file is not a valid pacman package: '%s'" "${pkgfile}"
exit 1
fi
splitpkgs=("$@")
for f in "${splitpkgs[@]}"; do
if ! bsdtar -tqf "${f}" .BUILDINFO >/dev/null 2>&1; then
error "file is not a valid pacman package: '%s'" "${f}"
exit 1
fi
done
else
error "no package file specified. Try '${BASH_SOURCE[0]##*/} -h' for more information. "
exit 1
......@@ -176,23 +179,26 @@ arch-nspawn "${buildroot}/${chroot}" \
--bind="${PWD}:/startdir" \
--bind="${SRCDEST}:/srcdest" \
/chrootbuild -C --noconfirm --log --holdver --skipinteg
ret=$?
if (( $? == 0 )); then
if (( ${ret} == 0 )); then
msg2 "built succeeded! built packages can be found in ${buildroot}/${chroot}/pkgdest"
msg "comparing artifacts..."
comparefiles=("${pkgfile}" "${buildroot}/${chroot}/pkgdest/${pkgfile##*/}")
if cmp -s "${comparefiles[@]}"; then
msg2 "Package successfully reproduced!"
exit 0
else
warning "Package is not reproducible. :("
sha256sum "${comparefiles[@]}"
if (( diffoscope )); then
diffoscope "${comparefiles[@]}"
for pkgfile in "${splitpkgs[@]}"; do
comparefiles=("${pkgfile}" "${buildroot}/${chroot}/pkgdest/${pkgfile##*/}")
if cmp -s "${comparefiles[@]}"; then
msg2 "Package '%s' successfully reproduced!" "${pkgfile}"
else
ret=1
warning "Package '%s' is not reproducible. :(" "${pkgfile}"
sha256sum "${comparefiles[@]}"
if (( diffoscope )); then
diffoscope "${comparefiles[@]}"
fi
fi
fi
done
fi
# the package either failed to build, or was unreproducible
exit 1
# return failure from chrootbuild, or the reproducibility status
exit ${ret}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment