Accepting request 631254 from home:cyphar:containers:reproducible

- Add patch to make package reproducible, which is a backport of
  https://github.com/docker/cli/pull/1306. boo#1047218
  + bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch

OBS-URL: https://build.opensuse.org/request/show/631254
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=263

bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch

@@ -0,0 +1,58 @@
+From d84d2f13c475bf5ff0ce7b080b759b0239d5d345 Mon Sep 17 00:00:00 2001
+From: Aleksa Sarai <asarai@suse.de>
+Date: Thu, 23 Aug 2018 19:53:55 +1000
+Subject: [PATCH] man: obey SOURCE_DATE_EPOCH when generating man pages
+
+Previously our man pages included the current time each time they were
+generated. This causes an issue for reproducible builds, since each
+re-build of a package that includes the man pages will have different
+times listed in the man pages.
+
+To fix this, add support for SOURCE_DATE_EPOCH (which is a standardised
+packaging environment variable, designed to be used specifically for
+this purpose[1]). spf13/cobra doesn't support this natively yet (though
+I will push a patch for that as well), but it's simpler to fix it
+directly in docker/cli.
+
+[1]: https://reproducible-builds.org/specs/source-date-epoch/
+
+SUSE-Bugs: boo#1047218
+Signed-off-by: Aleksa Sarai <asarai@suse.de>
+---
+ components/cli/man/generate.go | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/components/cli/man/generate.go b/components/cli/man/generate.go
+index 4197558a2225..4a3e98fb22c1 100644
+--- a/components/cli/man/generate.go
++++ b/components/cli/man/generate.go
+@@ -6,6 +6,8 @@ import (
+ 	"log"
+ 	"os"
+ 	"path/filepath"
++	"strconv"
++	"time"
+ 
+ 	"github.com/docker/cli/cli/command"
+ 	"github.com/docker/cli/cli/command/commands"
+@@ -24,6 +26,17 @@ func generateManPages(opts *options) error {
+ 		Source:  "Docker Community",
+ 	}
+ 
++	// If SOURCE_DATE_EPOCH is set, in order to allow reproducible package
++	// builds, we explicitly set the build time to SOURCE_DATE_EPOCH.
++	if epoch := os.Getenv("SOURCE_DATE_EPOCH"); epoch != "" {
++		unixEpoch, err := strconv.ParseInt(epoch, 10, 64)
++		if err != nil {
++			return fmt.Errorf("invalid SOURCE_DATE_EPOCH: %v", err)
++		}
++		now := time.Unix(unixEpoch, 0)
++		header.Date = &now
++	}
++
+ 	stdin, stdout, stderr := term.StdStreams()
+ 	dockerCli := command.NewDockerCli(stdin, stdout, stderr, false)
+ 	cmd := &cobra.Command{Use: "docker"}
+-- 
+2.18.0
+

docker.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Fri Aug 24 08:17:41 UTC 2018 - asarai@suse.com
+
+- Add patch to make package reproducible, which is a backport of
+  https://github.com/docker/cli/pull/1306. boo#1047218
+  + bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+
 -------------------------------------------------------------------
 Wed Aug 22 09:54:57 UTC 2018 - asarai@suse.com
 

docker.spec

@@ -82,6 +82,8 @@ Patch400:       bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-
 Patch401:       bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1242. bsc#1100727
 Patch402:       bsc1100727-0001-build-add-buildmode-pie.patch
+# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1306. boo#1047218
+Patch403:       bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #               (https://github.com/moby/moby/pull/34319)
 Patch500:       private-registry-0001-Add-private-registry-mirror-support.patch
@@ -261,6 +263,8 @@ docker container runtime configuration for kubeadm
 %patch401 -p1
 # bsc#1100727
 %patch402 -p1
+# boo#1047218
+%patch403 -p1
 %if "%flavour" == "kubic"
 # PATCH-SUSE: Mirror patch.
 %patch500 -p1