highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-08-27 05:51:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge bitcoin/bitcoin#33073: guix: warn SOURCE_DATE_EPOCH set in guix-codesign

Browse Source 
1bed0f734b guix: warn SOURCE_DATE_EPOCH set in guix-codesign (will)

Pull request description:

  #32678 added a sanity check for this environment variable when running `guix-build` but missed that `guix-codesign` also relies on `SOURCE_DATE_EPOCH`, which can result in non-determinism in the codesigning step: https://github.com/bitcoin-core/guix.sigs/pull/1720#issuecomment-3124332676

  To avoid repeating the logic move common functionality into the prelude and call the function in both guix actions.

ACKs for top commit:
  fanquake:
    ACK 1bed0f734b

Tree-SHA512: ad3de8ab06e7f4ffcee5c02e8185b20879d63a02a614a706ea54da5087cca4ba75817ca1aa95301572c34723317fcc44e4478261ac73dd223ee9fa827e6b35b3
This commit is contained in:
merge-script
2025-07-29 16:33:52 +01:00
parent 0bed946e5d 1bed0f734b
commit 932e993b37
3 changed files with 27 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
contrib/guix/guix-build
View File

@@ -73,19 +73,7 @@ mkdir -p "$VERSION_BASE"
# SOURCE_DATE_EPOCH should not unintentionally be set # SOURCE_DATE_EPOCH should not unintentionally be set
################ ################
if [ -n "$SOURCE_DATE_EPOCH" ] && [ -z "$FORCE_SOURCE_DATE_EPOCH" ]; then check_source_date_epoch
cat << EOF
ERR: Environment variable SOURCE_DATE_EPOCH is set which may break reproducibility.
Aborting...
Hint: You may want to:
1. Unset this variable: \`unset SOURCE_DATE_EPOCH\` before rebuilding
2. Set the 'FORCE_SOURCE_DATE_EPOCH' environment variable if you insist on
using your own epoch
EOF
exit 1
fi
################ ################
# Build directories should not exist # Build directories should not exist

6
contrib/guix/guix-codesign
View File

@@ -67,6 +67,12 @@ EOF
exit 1 exit 1
fi fi
################
# SOURCE_DATE_EPOCH should not unintentionally be set
################
check_source_date_epoch
################ ################
# The codesignature git worktree should not be dirty # The codesignature git worktree should not be dirty
################ ################

20
contrib/guix/libexec/prelude.bash
View File

@@ -21,6 +21,26 @@ check_tools() {
done done
} }
################
# SOURCE_DATE_EPOCH should not unintentionally be set
################
check_source_date_epoch() {
if [ -n "$SOURCE_DATE_EPOCH" ] && [ -z "$FORCE_SOURCE_DATE_EPOCH" ]; then
cat << EOF
ERR: Environment variable SOURCE_DATE_EPOCH is set which may break reproducibility.
Aborting...
Hint: You may want to:
1. Unset this variable: \`unset SOURCE_DATE_EPOCH\` before rebuilding
2. Set the 'FORCE_SOURCE_DATE_EPOCH' environment variable if you insist on
using your own epoch
EOF
exit 1
fi
}
check_tools cat env readlink dirname basename git check_tools cat env readlink dirname basename git
################ ################