From 42acf6657cc0f7a77a174659d070df3e3970ceb6 Mon Sep 17 00:00:00 2001 From: kruskal <99559985+kruskall@users.noreply.github.com> Date: Sat, 16 Jul 2022 01:28:54 +0200 Subject: [PATCH 1/3] feat: add support for reproducible builds Add support for SOURCE_DATE_EPOCH to avoid timestamp and timezones issues. See https://reproducible-builds.org/specs/source-date-epoch/ Make sure zip entries have a consistent mtime and strip extra attributes. See https://reproducible-builds.org/docs/archives/ Zip archives are now reproducible by default. Update script to use the make task and avoid calling zip directly. --- apm-lambda-extension/Makefile | 10 +++++++++- apm-lambda-extension/build.sh | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/apm-lambda-extension/Makefile b/apm-lambda-extension/Makefile index 32e13fc3..f447d28c 100644 --- a/apm-lambda-extension/Makefile +++ b/apm-lambda-extension/Makefile @@ -5,6 +5,10 @@ DOCKER_IMAGE_NAME = observability/apm-lambda-extension DOCKER_REGISTRY = docker.elastic.co AGENT_VERSION = $(shell echo $${BRANCH_NAME} | cut -f 2 -d 'v') +# Add support for SOURCE_DATE_EPOCH and reproducble buils +# See https://reproducible-builds.org/specs/source-date-epoch/ +SOURCE_DATE_EPOCH ?= 0 + ifndef GOARCH GOARCH=amd64 endif @@ -57,7 +61,11 @@ endif GOARCH=${GOARCH} make zip $(MAKE) publish zip: - cd bin && rm -f extension.zip || true && zip -r extension.zip extensions NOTICE.txt dependencies.asciidoc && cp extension.zip ${GOARCH}.zip + cd bin \ + && rm -f extension.zip || true \ + && find extensions NOTICE.txt dependencies.asciidoc | xargs touch -d @$(SOURCE_DATE_EPOCH) \ + && zip -X -r extension.zip extensions NOTICE.txt dependencies.asciidoc \ + && cp extension.zip ${GOARCH}.zip test: go test extension/*.go -v env: diff --git a/apm-lambda-extension/build.sh b/apm-lambda-extension/build.sh index 2da77455..a1e43469 100755 --- a/apm-lambda-extension/build.sh +++ b/apm-lambda-extension/build.sh @@ -1,7 +1,7 @@ #!/bin/sh # build the go extension, and then zip up -make all && cd bin && zip -r extension.zip extensions +make all && make zip # then run this command with amazon stuff exported From 5b7b79fefac59c3bb03da06463cfc846f7004276 Mon Sep 17 00:00:00 2001 From: Joseph Kruskal <99559985+kruskall@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:20:29 +0200 Subject: [PATCH 2/3] refactor: remove unused conditional Co-authored-by: Andrew Wilkins --- apm-lambda-extension/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apm-lambda-extension/Makefile b/apm-lambda-extension/Makefile index f447d28c..13422978 100644 --- a/apm-lambda-extension/Makefile +++ b/apm-lambda-extension/Makefile @@ -62,7 +62,7 @@ endif $(MAKE) publish zip: cd bin \ - && rm -f extension.zip || true \ + && rm -f extension.zip \ && find extensions NOTICE.txt dependencies.asciidoc | xargs touch -d @$(SOURCE_DATE_EPOCH) \ && zip -X -r extension.zip extensions NOTICE.txt dependencies.asciidoc \ && cp extension.zip ${GOARCH}.zip From 4e34f4d8f7845a64eb7a3faf28cae75676508ba9 Mon Sep 17 00:00:00 2001 From: kruskal <99559985+kruskall@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:25:15 +0200 Subject: [PATCH 3/3] feat: default SOURCE_DATE_EPOCH to the last commit timestamp --- apm-lambda-extension/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apm-lambda-extension/Makefile b/apm-lambda-extension/Makefile index 13422978..1e5bdc2e 100644 --- a/apm-lambda-extension/Makefile +++ b/apm-lambda-extension/Makefile @@ -7,7 +7,7 @@ AGENT_VERSION = $(shell echo $${BRANCH_NAME} | cut -f 2 -d 'v') # Add support for SOURCE_DATE_EPOCH and reproducble buils # See https://reproducible-builds.org/specs/source-date-epoch/ -SOURCE_DATE_EPOCH ?= 0 +SOURCE_DATE_EPOCH ?= $(shell git log -1 --pretty=%ct) ifndef GOARCH GOARCH=amd64