diff release.sh @ 1812:552bb9b4f16a

Make releases tarballs more deterministic Not fully tested on different systems yet
author Matt Johnston <matt@ucc.asn.au>
date Tue, 30 Mar 2021 22:08:14 +0800
parents e2e4929d057b
children f78e67527731
line wrap: on
line diff
--- a/release.sh	Tue Mar 30 20:42:04 2021 +0800
+++ b/release.sh	Tue Mar 30 22:08:14 2021 +0800
@@ -1,4 +1,7 @@
 #!/bin/sh
+
+set -e
+
 VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' | cpp - | sh)
 echo Releasing version "$VERSION" ...
 if ! head -n1 CHANGES | grep -q $VERSION ; then
@@ -13,7 +16,11 @@
 
 head -n1 CHANGES
 
-#sleep 3
+if tar --version | grep -q 'GNU tar'; then
+	TAR=tar
+else
+	TAR=gtar
+fi
 
 RELDIR=$PWD/../dropbear-$VERSION
 ARCHIVE=${RELDIR}.tar.bz2
@@ -35,7 +42,11 @@
 
 rm "$RELDIR/.hgtags"
 
-(cd "$RELDIR/.." && tar cjf $ARCHIVE `basename "$RELDIR"`) || exit 2
+RELDATE=$(head -n1 CHANGES | cut -d - -f 2)
+
+# from https://reproducible-builds.org/docs/archives/
+TAROPTS="--sort=name --owner=0 --group=0 --numeric-owner"
+(cd "$RELDIR/.." && $TAR cjf $ARCHIVE $TAROPTS --mtime="$RELDATE" `basename "$RELDIR"`) || exit 2
 
 ls -l $ARCHIVE
 openssl sha256 $ARCHIVE