From ea451dc16f33b0d9ce7d25aca0d8956bd69feef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ra=C3=BAl=20Cumplido?= Date: Wed, 5 Nov 2025 10:21:48 +0100 Subject: [PATCH] Try reproducible builds on local host --- .../apache-arrow-apt-source/debian/rules | 2 ++ .../apache-arrow/apt/debian-trixie/Dockerfile | 1 + dev/tasks/linux-packages/apt/build.sh | 21 ++++++++++++++----- dev/tasks/linux-packages/package-task.rb | 4 +++- 4 files changed, 22 insertions(+), 6 deletions(-) diff --git a/dev/tasks/linux-packages/apache-arrow-apt-source/debian/rules b/dev/tasks/linux-packages/apache-arrow-apt-source/debian/rules index 1e3be48c315..2a3c14c558f 100755 --- a/dev/tasks/linux-packages/apache-arrow-apt-source/debian/rules +++ b/dev/tasks/linux-packages/apache-arrow-apt-source/debian/rules @@ -12,10 +12,12 @@ export DH_OPTIONS override_dh_auto_build: gpg \ --no-default-keyring \ + --homedir /tmp \ --keyring ./apache-arrow-apt-source.kbx \ --import KEYS gpg \ --no-default-keyring \ + --homedir /tmp \ --keyring ./apache-arrow-apt-source.kbx \ --armor \ --export > apache-arrow-apt-source.asc diff --git a/dev/tasks/linux-packages/apache-arrow/apt/debian-trixie/Dockerfile b/dev/tasks/linux-packages/apache-arrow/apt/debian-trixie/Dockerfile index 257d0056566..3c3c3a3ad9d 100644 --- a/dev/tasks/linux-packages/apache-arrow/apt/debian-trixie/Dockerfile +++ b/dev/tasks/linux-packages/apache-arrow/apt/debian-trixie/Dockerfile @@ -39,6 +39,7 @@ RUN \ apt install -y -V ${quiet} \ base-files \ build-essential \ + ccache \ clang \ cmake \ debhelper \ diff --git a/dev/tasks/linux-packages/apt/build.sh b/dev/tasks/linux-packages/apt/build.sh index bc4c61e6221..d842efa9618 100755 --- a/dev/tasks/linux-packages/apt/build.sh +++ b/dev/tasks/linux-packages/apt/build.sh @@ -20,7 +20,10 @@ LANG=C -set -u +set -ux + +# Set consistent umask for reproducible file permissions +umask 0022 run() { @@ -48,8 +51,9 @@ architecture=$(dpkg-architecture -q DEB_BUILD_ARCH) debuild_options=() dpkg_buildpackage_options=(-us -uc) -run mkdir -p /build -run cd /build +build_root_dir="/build" +run mkdir -p "${build_root_dir}" +run pushd "${build_root_dir}" find . -not -path ./ccache -a -not -path "./ccache/*" -delete if which ccache > /dev/null 2>&1; then export CCACHE_COMPILERCHECK=content @@ -67,6 +71,9 @@ if which ccache > /dev/null 2>&1; then debuild_options+=(--prepend-path=/usr/lib/ccache) fi fi +build_dir="${build_root_dir}/build-${PACKAGE}-${VERSION}" +run mkdir -p "${build_dir}" +run pushd "${build_dir}" run cp /host/tmp/${PACKAGE}-${VERSION}.tar.gz \ ${PACKAGE}_${VERSION}.orig.tar.gz run tar xfz ${PACKAGE}_${VERSION}.orig.tar.gz @@ -80,7 +87,7 @@ case "${VERSION}" in ${PACKAGE}-${VERSION} ;; esac -run cd ${PACKAGE}-${VERSION}/ +run pushd ${PACKAGE}-${VERSION}/ platform="${distribution}-${code_name}" if [ -d "/host/tmp/debian.${platform}-${architecture}" ]; then run cp -rp "/host/tmp/debian.${platform}-${architecture}" debian @@ -102,7 +109,7 @@ df -h if which ccache > /dev/null 2>&1; then ccache --show-stats --verbose || : fi -run cd - +run popd repositories="/host/repositories" package_initial=$(echo "${PACKAGE}" | sed -e 's/\(.\).*/\1/') @@ -116,3 +123,7 @@ run \ -exec cp '{}' "${pool_dir}/" ';' run chown -R "$(stat --format "%u:%g" "${repositories}")" "${repositories}" +run find "${repositories}" + +run popd +rm -rf "${build_dir}" diff --git a/dev/tasks/linux-packages/package-task.rb b/dev/tasks/linux-packages/package-task.rb index 4096c89463e..d964a52dd37 100644 --- a/dev/tasks/linux-packages/package-task.rb +++ b/dev/tasks/linux-packages/package-task.rb @@ -150,7 +150,9 @@ def docker_run(os, architecture, console: false) end pass_through_env_names = [ "DEB_BUILD_OPTIONS", + "HOME", "RPM_BUILD_NCPUS", + "TZ", ] pass_through_env_names.each do |name| value = ENV[name] @@ -188,7 +190,7 @@ def docker_run(os, architecture, console: false) run_command_line << image run_command_line << "/host/build.sh" unless console - sh(*build_command_line) + sh(*build_command_line) if Dir.exist?(ENV["HOME"]) sh(*run_command_line) end