From 03ae9dc69e993c817e4f01ad49883f1e5fa27426 Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Wed, 28 Aug 2024 22:12:52 +0200 Subject: [PATCH] [#1929] Enable reproducible archives --- ci/compare-build-results.sh | 53 ++++++++++++++++++++++++++++ hibernate-reactive-core/build.gradle | 9 +++++ 2 files changed, 62 insertions(+) create mode 100644 ci/compare-build-results.sh diff --git a/ci/compare-build-results.sh b/ci/compare-build-results.sh new file mode 100644 index 000000000..6b45022ce --- /dev/null +++ b/ci/compare-build-results.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env bash + +# This is a simple script to check if builds are reproducible. The steps are: +# 1. Build Hibernate Reactive with `./gradlew --no-daemon clean publishToMavenLocal --no-build-cache -Dmaven.repo.local=some-path/out/build1` +# 2. Build Hibernate Reactive with `./gradlew --no-daemon clean publishToMavenLocal --no-build-cache -Dmaven.repo.local=some-path/out/build2` second time pointing to a different local maven repository to publish +# 3. Compare the build results with sh ./ci/compare-build-results.sh some-path/out/build1 some-path/out/build2 +# 4. The generated .buildcompare file will also contain the diffscope commands to see/compare the problematic build artifacts + +outputDir1=$1 +outputDir2=$2 +outputDir1=${outputDir1%/} +outputDir2=${outputDir2%/} + +ok=() +okFiles=() +ko=() +koFiles=() + +for f in `find ${outputDir1} -type f | grep -v "javadoc.jar$" | grep -v "maven-metadata-local.xml$" | sort` +do + flocal=${f#$outputDir1} + # echo "comparing ${flocal}" + sha1=`shasum -a 512 $f | cut -f 1 -d ' '` + sha2=`shasum -a 512 $outputDir2$flocal | cut -f 1 -d ' '` + # echo "$sha1" + # echo "$sha2" + if [ "$sha1" = "$sha2" ]; then + ok+=($flocal) + okFiles+=(${flocal##*/}) + else + ko+=($flocal) + koFiles+=(${flocal##*/}) + fi +done + +# generate .buildcompare +buildcompare=".buildcompare" +echo "ok=${#ok[@]}" >> ${buildcompare} +echo "ko=${#ko[@]}" >> ${buildcompare} +echo "okFiles=\"${okFiles[@]}\"" >> ${buildcompare} +echo "koFiles=\"${koFiles[@]}\"" >> ${buildcompare} +echo "" >> ${buildcompare} +echo "# see what caused the mismatch in the checksum by executing the following diffscope commands" >> ${buildcompare} +for f in ${ko[@]} +do + echo "# diffoscope $outputDir1$f $outputDir2$f" >> ${buildcompare} +done + +if [ ${#ko[@]} -eq 0 ]; then + exit 0 +else + exit 1 +fi diff --git a/hibernate-reactive-core/build.gradle b/hibernate-reactive-core/build.gradle index 36ec04d3d..2276f4009 100644 --- a/hibernate-reactive-core/build.gradle +++ b/hibernate-reactive-core/build.gradle @@ -80,6 +80,15 @@ dependencies { testImplementation "org.testcontainers:oracle-xe:${testcontainersVersion}" } +// Reproducible Builds + +// https://docs.gradle.org/current/userguide/working_with_files.html#sec:reproducible_archives +// Configure archive tasks to produce reproducible archives: +tasks.withType(AbstractArchiveTask).configureEach { + preserveFileTimestamps = false + reproducibleFileOrder = true +} + // Print a summary of the results of the tests (number of failures, successes and skipped) def loggingSummary(db, result, desc) { if ( !desc.parent ) { // will match the outermost suite