Create .changes files for reproducible builds

release rpm files currently do not have .changes files, but these are needed to extract SOURCE_DATE_EPOCH for reproducible builds. Using the time stamp of the last commit to any of the input, which is the 000package-groups and 000update-repos source package, as the time for the changes entry would be reproducible, however there is resistance to that. The other date that is related is the time of the last source change for any input to the whole distribution, however AFAIK this date is not cheap enough to compute for OBS-VCS. This hopefully changes once we move to git. However to not delay making progress with reproducible builds in Factory, I propose this change which makes the output of this script non-reproducible, by using the current wall-clock time. But only when this script produced a change to be commited. The release binary rpms will still be reproducible. We can revisit making the generated source reproducible, later. See https://reproducible-builds.org/ for more general information on this topic.
2024-02-20 16:41:36 +01:00 · 2024-02-20 16:41:36 +01:00 · 57110cc66e
commit 57110cc66e
parent 9919e0248e
1 changed files with 18 additions and 0 deletions
--- a/pkglistgen/tool.py
+++ b/pkglistgen/tool.py
@ -8,6 +8,8 @@ import shutil
 import subprocess
 import yaml

+from datetime import datetime, timezone
+
 from typing import Any, Mapping, Optional

 from lxml import etree as ET
@ -743,6 +745,22 @@ class PkgListGen(ToolBase.ToolBase):

        file_utils.multibuild_from_glob(release_dir, '*.spec')
        self.build_stub(release_dir, 'spec')
+
+        todo_spec_files = []
+        package = Package(release_dir)
+        if package.get_status(False, ' '):
+            todo_spec_files = glob.glob(os.path.join(release_dir, '*.spec'))
+        for spec_file in todo_spec_files:
+            changes_file = os.path.splitext(spec_file)[0] + '.changes'
+            with open(changes_file, 'w', encoding="utf-8") as f:
+                date = datetime.now(timezone.utc)
+                date = date.strftime("%a %b %d %H:%M:%S %Z %Y")
+                f.write(
+                    "-------------------------------------------------------------------\n"
+                    + date + " - openSUSE <packaging@lists.opensuse.org>\n\n"
+                    "- automatically generated by openSUSE-release-tools/pkglistgen\n\n"
+                )
+
        self.commit_package(release_dir)

        if only_release_packages: