Make tar archives reproducible by setting Pax headers
Needs ReviewPublic

Authored by aaronpuchert on Sat, Nov 23, 6:04 PM.

Details

Reviewers
kfunk
Summary

When POSIXLY_CORRECT is set, GNU tar will add ctime, atime and the PID
of the tar process that created the archive, as pointed out in [1].
To circumvent this, we set the Pax headers manually as recommended, but
we only do this when SOURCE_DATE_EPOCH is set, i.e. reproducible builds
are desired.

[1] https://salsa.debian.org/reproducible-builds/reproducible-website/merge_requests/50/diffs

Test Plan

Repeated builds produce the same files now. Changing the input files'
timestamps seems without effect.

Diff Detail

Repository
R32 KDevelop
Branch
pax-headers-reproducible
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 19108
Build 19126: arc lint + arc unit
aaronpuchert created this revision.Sat, Nov 23, 6:04 PM
Restricted Application added a project: KDevelop. · View Herald TranscriptSat, Nov 23, 6:04 PM
aaronpuchert requested review of this revision.Sat, Nov 23, 6:04 PM