Improve tar packaging #394
Conversation
There was a problem hiding this comment.
Thanks, this is much appreciated! A couple minor detail points and questions.
For the general tar cleanup, it'd be nice to apply that on the older release build packaging as well, see release.sh and release-macos.sh. There's probably no need to go all the way with fetching the source dates and all that, but it would at least be nice to apply at least the --numeric-owner --owner=0 --group=0 parts.
Secondly, as a feature request, is it possible to do something similar for the zip files?
| steps: | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| sparse-checkout: . |
There was a problem hiding this comment.
Why is sparse-checkout needed here? I guess it's nice for getting a smaller checkout if just wanting to inspect the git history, but the actual files within the llvm-mingw repo are quite minimal anyway?
There was a problem hiding this comment.
It explicitly states that the files arent needed
The generated tar archives contain the uid/gid of the builder, if unpacked as root on another system those will denote nothing or an unexpected user/group. The expectation would be uid/gid = 0. Use a simple enough tar format as well. The Mac version of tar (bsdtar?) does not support those flags, for CI the separate gnu-tar is installed.
nolange
force-pushed
the
improve_tar_packaging
branch
2 times, most recently
from
2047e8f to
3d6c817
Compare
This sets SOURCE_DATE_EPOCH to the commit timestamp, toolchains should pick up timestamps from this variable. The same sources ideally would produce the same binary, see https://reproducible-builds.org. Set the timestamps within the tar archives to the start of the CI pipeline. Sort the archive contents.
mstorsjo
force-pushed
the
improve_tar_packaging
branch
from
3d6c817 to
f4aadbf
Compare
|
Thanks; I think this looks good now. I've amended your branch (changing an instance of FWIW, when linking a DLL/EXE, those files get the current time stored in a timestamp field as well. I've implemented using For those purposes, it would kinda be nice to have a more stable source of data for LLD does have another flag, |
I try to clean up these sources of random noise, but fully reproducible builds are still really hard in general (if you use debinfo you need to build in the same directories, even then it sometimes fails). For no "productive" change your best case is ending up with identical build-ids. |
Yeah - in this case I haven't tried how it behaves if built separately elsewhere (there's a million other things that affects the output there), but having two consecutive runs of the github actions pipeline produce identical output would at least be nice. Before these patches, there were differences only in the |
| @@ -36,6 +42,9 @@ jobs: | |||
| TAG=$(TZ=UTC date +%Y%m%d) | |||
| fi | |||
| echo TAG=$TAG >> $GITHUB_OUTPUT | |||
| echo COMMIT_DATE_UNIX=$(git log -1 --pretty=%ct $GITHUB_SHA) >> $GITHUB_OUTPUT | |||
| echo BUILD_DATE=$(date -u '+%FT%TZ') >> $GITHUB_OUTPUT | |||
| echo BUILD_DATE_UNIX=$(date -d "${BUILD_DATE}" +%s) >> $GITHUB_OUTPUT | |||
There was a problem hiding this comment.
Btw, I just realized, this doesn't work as intended. At this point, ${BUILD_DATE} is still not set - we've only written it into $GITHUB_OUTPUT, which is a plain file that gets added to the environment starting with the next step in the job - but does not take effect immediately within the same script. So effectively, this executes date -d "" +%s, which produces a timestamp corresponding to the start of the current day, it seems.
There was a problem hiding this comment.
See fix-build-date for a fix for this - if this seems reasonable to you, I'll push that to master.
There was a problem hiding this comment.
Good catch, fix seems sensible
There was a problem hiding this comment.
Thanks, I'll push that then.
The failure mode here, in producing a timestamp which is quite near to the intended one, but still not quite the same, was quite surprising too :-)
This introduces the normal practise of not storing personal uid/gid in the archives. tar does a different thing with them whether you unpack as root or another user.
Further the timestamp variations are useless noise, the second commit will normalize timestamps used by compiler/toolchain as well as the tar archive.