[PATCH] build: store buildsystem revision in packages

Paul Spooren mail at aparcar.org
Wed Jul 15 20:56:58 EDT 2020

In the past buildinfo files where added to enable testing for
reproducible builds. The combination of the three buildinfo files
feeds.buildinfo, config.buildinfo and version.buildinfo allow to
recreate the buildsystem and check if compiled binaries are bit for bit
the same as distributed on official servers.

To support the verification efforts of the reproducible-builds.org team
this patch adds the buildsystem revision to the package index. This way
external feeds all external feeds can be rebuild and verified.

Instead of adding a single file to the Packages folder containing the
revision, the per package storage of revisions allow iterative updates.
Even though the buildbots currently rebuild all packages, it would also
be possible to only rebuild upgraded packages in the future.

To keep the `Packages` small, it is ignored when creating the index.

Tested with buildsystem and SDK on ath79/generic.

Signed-off-by: Paul Spooren <mail at aparcar.org>
 include/package-ipkg.mk | 1 +
 package/Makefile        | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/package-ipkg.mk b/include/package-ipkg.mk
index 622cbf3223..1dc8dc8f56 100644
--- a/include/package-ipkg.mk
+++ b/include/package-ipkg.mk
@@ -184,6 +184,7 @@ $$(call addfield,Depends,$$(Package/$(1)/DEPENDS)
 )$$(call addfield,License,$(LICENSE)
 )$$(call addfield,LicenseFiles,$(LICENSE_FILES)
 )$$(call addfield,Section,$(SECTION)
+)$$(call addfield,BuildsystemRevision,$(REVISION)
 )$$(call addfield,Require-User,$(USERID)
 )$(if $(PKG_CPE_ID),CPE-ID: $(PKG_CPE_ID)
 )$(if $(filter hold,$(PKG_FLAGS)),Status: unknown hold not-installed
diff --git a/package/Makefile b/package/Makefile
index 58c1ba2bbf..9ab99dadc3 100644
--- a/package/Makefile
+++ b/package/Makefile
@@ -84,7 +84,7 @@ $(curdir)/index: FORCE
 		mkdir -p $$d; \
 		cd $$d || continue; \
 		$(SCRIPT_DIR)/ipkg-make-index.sh . 2>&1 > Packages.manifest; \
-		grep -vE '^(Maintainer|LicenseFiles|Source|SourceName|Require)' Packages.manifest > Packages; \
+		grep -vE '^(Maintainer|LicenseFiles|Source|SourceName|Require|BuildsystemRevision)' Packages.manifest > Packages; \
 		case "$$(((64 + $$(stat -L -c%s Packages)) % 128))" in 110|111) \
 			$(call ERROR_MESSAGE,WARNING: Applying padding in $$d/Packages to workaround usign SHA-512 bug!); \
 			{ echo ""; echo ""; } >> Packages;; \

More information about the openwrt-devel mailing list