diff --git a/Makefile-tests.am b/Makefile-tests.am index c99a7ede..295c734e 100644 --- a/Makefile-tests.am +++ b/Makefile-tests.am @@ -69,6 +69,7 @@ _installed_or_uninstalled_test_scripts = \ tests/test-remote-add.sh \ tests/test-remote-headers.sh \ tests/test-commit-sign.sh \ + tests/test-commit-timestamp.sh \ tests/test-export.sh \ tests/test-help.sh \ tests/test-libarchive.sh \ diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c index ffd8319f..c07526fc 100644 --- a/src/libostree/ostree-repo-commit.c +++ b/src/libostree/ostree-repo-commit.c @@ -3020,6 +3020,10 @@ create_empty_gvariant_dict (void) * * Write a commit metadata object, referencing @root_contents_checksum * and @root_metadata_checksum. + * This uses the current time as the commit timestamp, but it can be + * overridden with an explicit timestamp via the + * [standard](https://reproducible-builds.org/specs/source-date-epoch/) + * `SOURCE_DATE_EPOCH` environment flag. */ gboolean ostree_repo_write_commit (OstreeRepo *self, @@ -3032,9 +3036,26 @@ ostree_repo_write_commit (OstreeRepo *self, GCancellable *cancellable, GError **error) { - g_autoptr(GDateTime) now = g_date_time_new_now_utc (); + gint64 timestamp = 0; + const gchar *env_timestamp = g_getenv ("SOURCE_DATE_EPOCH"); + if (env_timestamp == NULL) + { + g_autoptr(GDateTime) now = g_date_time_new_now_utc (); + timestamp = g_date_time_to_unix (now); + } + else + { + gchar *ret = NULL; + errno = 0; + timestamp = g_ascii_strtoll (env_timestamp, &ret, 10); + if (errno != 0) + return glnx_throw_errno_prefix (error, "Parsing SOURCE_DATE_EPOCH"); + if (ret == env_timestamp) + return glnx_throw (error, "Failed to convert SOURCE_DATE_EPOCH"); + } + return ostree_repo_write_commit_with_time (self, parent, subject, body, - metadata, root, g_date_time_to_unix (now), + metadata, root, timestamp, out_commit, cancellable, error); } diff --git a/tests/test-commit-timestamp.sh b/tests/test-commit-timestamp.sh new file mode 100755 index 00000000..7dbdbdfc --- /dev/null +++ b/tests/test-commit-timestamp.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env bash +# +# SPDX-License-Identifier: LGPL-2.0+ + +set -euo pipefail + +. $(dirname $0)/libtest.sh +TZ='UTC' +LANG='C' + +echo "1..2" + +# Explicit timestamp via CLI flag. +mkdir testrepo +ostree_repo_init testrepo --mode="archive" +mkdir testrepo-files +cd testrepo-files +echo first > firstfile +cd .. +${CMD_PREFIX} ostree --repo=./testrepo commit -b cli --timestamp='@1234567890' -s "cli timestamp" +${CMD_PREFIX} ostree --repo=./testrepo show cli > show-cli.txt +rm -rf testrepo testrepo-files +assert_file_has_content_literal show-cli.txt 'Date: 2009-02-13 23:31:30 +0000' +echo "ok commit with CLI timestamp" + +# Reproducible timestamp via env flag. +mkdir testrepo +ostree_repo_init testrepo --mode="archive" +mkdir testrepo-files +cd testrepo-files +echo first > firstfile +cd .. +${CMD_PREFIX} SOURCE_DATE_EPOCH='1234567890' ostree --repo=./testrepo commit -b env -s "env timestamp" +if (${CMD_PREFIX} SOURCE_DATE_EPOCH='invalid' ostree --repo=./testrepo commit -b env -s "invalid timestamp") 2> commit-invalid.txt; then + assert_not_reached "commit with invalid timestamp succeeded" +fi +if (${CMD_PREFIX} SOURCE_DATE_EPOCH='12345678901234567890' ostree --repo=./testrepo commit -b env -s "overflowing timestamp") 2> commit-overflowing.txt; then + assert_not_reached "commit with overflowing timestamp succeeded" +fi +${CMD_PREFIX} ostree --repo=./testrepo show env > show-env.txt +rm -rf testrepo testrepo-files +assert_file_has_content_literal commit-invalid.txt 'Failed to convert SOURCE_DATE_EPOCH' +assert_file_has_content_literal commit-overflowing.txt 'Parsing SOURCE_DATE_EPOCH: Numerical result out of range' +assert_file_has_content_literal show-env.txt 'Date: 2009-02-13 23:31:30 +0000' +echo "ok commit with env timestamp"