splatink/lbmk
1
0
Fork 0
mirror of https://codeberg.org/libreboot/lbmk.git synced 2026-03-26 05:49:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
testxz
lbmk/script/update/project/release
Leah Rowe 9acb6a5339 update/release: reproducibility test without xz 
in testing, between two linux distros, i got different src
tarball hashes, but same hashes when run twice on each

i'm using pretty solid options in tar, and riku came up
with the idea that maybe xz might be causing issue.

i'm ruling this out by running the release script with
this patch, on the same two systems, which will create
a .tar file instead, and i'll compare hashes.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-17 16:24:41 +01:00

248 lines
6.5 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env sh
# SPDX-License-Identifier: MIT
# SPDX-FileCopyrightText: 2020-2023 Leah Rowe <leah@libreboot.org>
[ "x${DEBUG+set}" = 'xset' ] && set -v
set -u -e
. "include/err.sh"
. "include/option.sh"
eval "$(setvars "" vdir relname src_dirname srcdir _nogit _xm target romdir \
microcode_required mode)"
_f="coreboot u-boot seabios flashrom grub memtest86plus uefitool"
_f="${_f} bios_extract biosutilities pico-serprog stm32-vserprog"
_f="${_f} rpi-pico-serprog"
main()
{
vdir="release"
while getopts d:m: option; do
[ -z "${OPTARG}" ] && err "Empty argument not allowed"
case "${option}" in
d) vdir="${OPTARG}" ;;
m) mode="${OPTARG}" ;;
*) err "Invalid option" ;;
esac
done
vdir="${vdir}/${version}"
relname="${projectname}-${version}"
src_dirname="${relname}_src"
srcdir="${vdir}/${src_dirname}"
[ -e "${vdir}" ] && err "already exists: \"${vdir}\""
mkvdir
build_release
}
mkvdir()
{
mkdir -p "${vdir}" || err "mkvdir: !mkdir -p \"${vdir}\""
git_init || err "mkvdir: !git_init \"${vdir}\""
git clone . "${srcdir}" || err "mkdir: !gitclone \"${srcdir}\""
[ -z "${_nogit}" ] || x_ rm -Rf ".git"
rm -Rf "${srcdir}/.git"
insert_version_files "${srcdir}" || err "mkvdir ${srcdir}: versionfile"
}
# release archives contain .gitignore, but not .git.
# this script can be run from lbmk.git, or an archive.
git_init()
{
[ -L ".git" ] && err "Reference .git is a symlink"
[ -e ".git" ] && return 0
eval "$(setvars "$(date -Rd @${versiondate})" cdate _nogit)"
git init || return 1
git add -A . || return 1
git commit -m "${projectname} ${version}" --date "${cdate}" || return 1
git tag -a "${version}" -m "${projectname} ${version}" || return 1
}
build_release()
{
_xm="build_release ${vdir}"
(
cd "${srcdir}" || err "${_xm}: !cd \"${srcdir}\""
fetch_trees
)
(
cd "${srcdir%/*}" || err "${_xm}: mktarball \"${srcdir}\""
mktarball "${srcdir##*/}" "${srcdir##*/}.tar.xz" || err "${_xm}: mksrc"
)
if [ "${mode}" != "src" ]; then
(
cd "${srcdir}" || err "${_xm}: 2 !cd \"${srcdir}\""
mkrom_images
)
fi
rm -Rf "${srcdir}" || err "${_xm}: !rm -Rf \"${srcdir}\""
}
fetch_trees()
{
for x in ${_f}; do
./update project trees -f "${x}" || err "${_xm}: fetch ${x}"
done
for x in config/*/build.list; do
[ -f "${x}" ] || continue
xp="${x#*/}"; xp="${xp%/*}"
[ -L "${xp}" ] || x_ rm -Rf "src/${xp}/${xp}"
done
rm -Rf */.git* */*/.git* */*/*/.git* */*/*/*/.git* */*/*/*/*/.git* \
*/*/*/*/*/*/.git* */*/*/*/*/*/*/.git* */*/*/*/*/*/*/*/.git* \
.git tmp || err "${_xm}: rm-dotgit"
}
mkrom_images()
{
./build fw coreboot all || err "${_xm}: roms-all"
./build fw serprog rp2040 || err "${_xm}: rp2040"
./build fw serprog stm32 || err "${_xm}: stm32"
for rombuild in bin/*; do
[ -d "${rombuild}" ] || continue
handle_rom_archive "${rombuild}"
done
mv "release/${version}/roms/" ../roms || err "${_xm}: copy roms/"
}
handle_rom_archive()
{
builddir="${1}"
romdir="tmp/romdir"
x_ rm -Rf "${romdir}"
target="${builddir##*/}"
if [ ! -f "config/coreboot/${target}/target.cfg" ]; then
# No config, just make a tarball
tarball="release/${version}/roms/${relname}_${target}.tar.xz"
insert_copying_files "${builddir}"
mktarball "${builddir}" "${tarball}"
return 0
fi
romdir="${romdir}/bin/${target}"
x_ mkdir -p "${romdir}"
x_ cp "${builddir}/"* "${romdir}"
nukerom
printf "Generating release/%s/roms/%s-%s_%s.tar.xz\n" \
"${version}" "${projectname}" "${version}" "${target##*/}"
insert_version_files "${romdir}" || \
err "mkrom_tarball ${romdir}: versionfile"
insert_copying_files "${romdir}"
mkrom_tarball
}
nukerom()
{
microcode_required="y"
. "config/coreboot/${target}/target.cfg"
if [ "${microcode_required}" != "y" ] && \
[ "${microcode_required}" != "n" ]; then microcode_required="y"; fi
if [ "${microcode_required}" = "n" ]; then
for romfile in "${romdir}"/*.rom; do
[ -f "${romfile}" ] || continue
strip_ucode "${romfile}"
done
for romfile in "${romdir}"/*.tmprom; do
[ -f "${romfile}" ] || continue
x_ mv "${romfile}" "${romfile%.tmprom}.rom"
done
fi
# Hash the images before removing vendor files
# which ./update vendor inject uses for verification
x_ rm -f "${romdir}/vendorhashes"
x_ touch "${romdir}/vendorhashes"
(
x_ cd "${romdir}"
x_ sha512sum *.rom >> vendorhashes
)
for romfile in "${romdir}"/*.rom; do
[ -f "${romfile}" ] || continue
x_ ./update vendor inject -r "${romfile}" -b ${target} -n nuke
done
}
strip_ucode()
{
romfile=${1}
_newrom_b="${romfile%.rom}_nomicrocode.tmprom"
x_ cp "${romfile}" "${_newrom_b}"
microcode_present="y"
"${cbfstool}" "${_newrom_b}" remove -n \
cpu_microcode_blob.bin 2>/dev/null || microcode_present="n"
[ "${microcode_present}" = "n" ] || return 0
printf "REMARK: '%s' already lacks microcode\n" "${romfile}" 1>&2
printf "Renaming default ROM file instead.\n" 1>&2
x_ mv "${romfile}" "${_newrom_b}"
}
insert_copying_files()
{
x_ rm -Rf "${1}/licenses"
x_ mkdir -p "${1}/licenses"
l="${1}/licenses"
# copy licenses to rom image archive, for completion
x_ cp "src/grub/COPYING" "${l}/COPYING.grub"
x_ cp "src/coreboot/default/COPYING" "${l}/COPYING.coreboot"
x_ cp -R "src/coreboot/default/LICENSES" "${l}/LICENSES.coreboot"
x_ cp "src/seabios/default/COPYING" "${l}/COPYING.coreboot"
x_ cp "src/seabios/default/COPYING.LESSER" "${l}/COPYING.LESSER.seabios"
x_ cp -R "src/u-boot/default/Licenses" "${l}/COPYING.u-boot"
}
mkrom_tarball()
{
archivename="${relname}_${target##*/}"
f="release/${version}/roms/${archivename}"
x_ mkdir -p "${f%/*}"
(
x_ cd "${romdir%/bin/${target}}"
mktarball "bin/${target}" "${archivename}.tar.xz"
)
x_ mv "${romdir%/bin/${target}}/${archivename}.tar.xz"* "${f%/*}"
printf "Created ROM archive: ${f%/*}/${archivename}.tar.xz"
}
insert_version_files()
{
printf "%s\n" "${version}" > "${1}/version" || return 1
printf "%s\n" "${versiondate}" > "${1}/versiondate" || return 1
printf "%s\n" "${projectname}" > "${1}/projectname" || return 1
}
mktarball()
{
# preserve timestamps for reproducible tarballs
tar_implementation=$(tar --version | head -n1) || :
[ "${2%/*}" = "${2}" ] || x_ mkdir -p "${2%/*}"
if [ "${tar_implementation% *}" = "tar (GNU tar)" ]; then
tar --sort=name --owner=root:0 --group=root:0 \
--mtime="UTC 2023-10-14" -c "${1}" > "${2}" || \
err "mktarball 1, ${1}"
else
# TODO: reproducible tarballs on non-GNU systems
tar -c "${1}" > "${2}" || err "mktarball 2, ${1}"
fi
(
[ "${2%/*}" != "${2}" ] && x_ cd "${2%/*}"
x_ sha512sum "${2##*/}" > "${2##*/}.sha512"
)
}
main $@
Reference in New Issue View Git Blame Copy Permalink