From 47e50988b54b84142095b4776f654b9af25e07fb Mon Sep 17 00:00:00 2001 From: AsamK Date: Wed, 22 Apr 2026 22:22:32 +0200 Subject: [PATCH] Make SOURCE_DATE_EPOCH configurable --- reproducible-builds/build.Containerfile | 9 ++++----- reproducible-builds/client.Containerfile | 3 ++- reproducible-builds/native.Containerfile | 3 ++- .../update-pinned-container-versions.sh | 12 ++++++++++++ 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/reproducible-builds/build.Containerfile b/reproducible-builds/build.Containerfile index 0e73ddc5..f65f9639 100644 --- a/reproducible-builds/build.Containerfile +++ b/reproducible-builds/build.Containerfile @@ -1,13 +1,12 @@ ARG ZULU_TAG="25.0.2-jdk@sha256:9582df6c4415d9c770eb5ff8fce426ebba53631149c9eb083ee126568d32fab3" +ARG SOURCE_DATE_EPOCH="1767225600" FROM docker.io/azul/zulu-openjdk:$ZULU_TAG -ENV SOURCE_DATE_EPOCH=1767225600 +ENV SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH ENV LANG=C.UTF-8 ENV LC_CTYPE=en_US.UTF-8 -ARG SNAPSHOT=20260101T000000Z -RUN echo "deb http://snapshot.ubuntu.com/ubuntu/${SNAPSHOT}/ jammy main" > /etc/apt/sources.list \ - && echo "deb http://snapshot.ubuntu.com/ubuntu/${SNAPSHOT}/ jammy universe" >> /etc/apt/sources.list -RUN apt update && apt install -y make asciidoc-base +RUN SNAPSHOT="$(date -u -d "@$SOURCE_DATE_EPOCH" +%Y%m%dT%H%M%SZ)" \ + && apt install -y make asciidoc-base --update --snapshot "$SNAPSHOT" COPY --chmod=0700 reproducible-builds/entrypoint.sh /usr/local/bin/entrypoint.sh WORKDIR /signal-cli ENTRYPOINT [ "/usr/local/bin/entrypoint.sh", "build" ] diff --git a/reproducible-builds/client.Containerfile b/reproducible-builds/client.Containerfile index c65f1678..521a9181 100644 --- a/reproducible-builds/client.Containerfile +++ b/reproducible-builds/client.Containerfile @@ -1,7 +1,8 @@ ARG RUST_TAG="1.94.1-slim-trixie@sha256:c6a474d7164ea2455e09b60a759b1edca38db7373c5689c1dae31780de4e71ac" +ARG SOURCE_DATE_EPOCH="1767225600" FROM docker.io/rust:$RUST_TAG -ENV SOURCE_DATE_EPOCH=1767225600 +ENV SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH ENV LANG=C.UTF-8 ENV LC_CTYPE=en_US.UTF-8 COPY --chmod=0700 reproducible-builds/entrypoint.sh /usr/local/bin/entrypoint.sh diff --git a/reproducible-builds/native.Containerfile b/reproducible-builds/native.Containerfile index 326bb52b..4cae2bcd 100644 --- a/reproducible-builds/native.Containerfile +++ b/reproducible-builds/native.Containerfile @@ -1,7 +1,8 @@ ARG GRAALVM_TAG="25.0.2@sha256:4c0d5919f6840d89721274eb8cf81962faa2f870b816967e6732e2a151b150d8" +ARG SOURCE_DATE_EPOCH="1767225600" FROM container-registry.oracle.com/graalvm/native-image:$GRAALVM_TAG -ENV SOURCE_DATE_EPOCH=1767225600 +ENV SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH ENV LANG=C.UTF-8 ENV LC_CTYPE=en_US.UTF-8 COPY --chmod=0700 reproducible-builds/entrypoint.sh /usr/local/bin/entrypoint.sh diff --git a/reproducible-builds/update-pinned-container-versions.sh b/reproducible-builds/update-pinned-container-versions.sh index 46b903a7..f03c4333 100755 --- a/reproducible-builds/update-pinned-container-versions.sh +++ b/reproducible-builds/update-pinned-container-versions.sh @@ -40,6 +40,18 @@ update_arg_tag() { echo "updated $file -> ${tag}${digest}" } +update_source_date_epoch() { + local file="$1" + local current_timestamp + current_timestamp="$(date +%s)" + sed -i -E "s|^ARG SOURCE_DATE_EPOCH=\"[^\"]+\"$|ARG SOURCE_DATE_EPOCH=\"${current_timestamp}\"|" "$file" + echo "updated $file SOURCE_DATE_EPOCH -> ${current_timestamp}" +} + update_arg_tag reproducible-builds/build.Containerfile ZULU_TAG docker.io/azul/zulu-openjdk: update_arg_tag reproducible-builds/native.Containerfile GRAALVM_TAG container-registry.oracle.com/graalvm/native-image: update_arg_tag reproducible-builds/client.Containerfile RUST_TAG docker.io/rust: + +update_source_date_epoch reproducible-builds/build.Containerfile +update_source_date_epoch reproducible-builds/native.Containerfile +update_source_date_epoch reproducible-builds/client.Containerfile