me/guix
Archived
1
0
Fork 0
Code Activity

gnu: icedtea-8: Build "out" reproducibly.

Browse source 
Partially fixes <https://bugs.gnu.org/30730>.

* gnu/packages/java.scm (icedtea-8)[arguments]: Add phases
"patch-keystore" and "strip-jar-timestamps".
[source]: Also patch DIST_ID in "configure" script.
This commit is contained in:
Ricardo Wurmus 2018-03-10 18:35:31 +01:00
parent 387428def1
commit f2785bd657
No known key found for this signature in database
GPG key ID: 197A5888235FACAC
1 changed files with 86 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
gnu/packages/java.scm
View file

@ -1591,7 +1591,8 @@ IcedTea build harness.")
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet
'(begin '(begin
(substitute* "acinclude.m4" (substitute* '("configure"
"acinclude.m4")
;; Do not embed build time ;; Do not embed build time
(("(DIST_ID=\"Custom build).*$" _ prefix) (("(DIST_ID=\"Custom build).*$" _ prefix)
(string-append prefix "\"\n")) (string-append prefix "\"\n"))
@ -1600,7 +1601,19 @@ IcedTea build harness.")
"DIST_NAME=\"guix\"")) "DIST_NAME=\"guix\""))
#t)))) #t))))
(arguments (arguments
(substitute-keyword-arguments (package-arguments icedtea-7) `(#:imported-modules
((guix build ant-build-system)
(guix build syscalls)
,@%gnu-build-system-modules)
,@(substitute-keyword-arguments (package-arguments icedtea-7)
((#:modules modules)
`((guix build utils)
(guix build gnu-build-system)
((guix build ant-build-system) #:prefix ant:)
(ice-9 match)
(ice-9 popen)
(srfi srfi-19)
(srfi srfi-26)))
((#:configure-flags flags) ((#:configure-flags flags)
`(let ((jdk (assoc-ref %build-inputs "jdk"))) `(let ((jdk (assoc-ref %build-inputs "jdk")))
`( ;;"--disable-bootstrap" `( ;;"--disable-bootstrap"
@ -1618,6 +1631,17 @@ IcedTea build harness.")
(delete 'patch-paths) (delete 'patch-paths)
(delete 'set-additional-paths) (delete 'set-additional-paths)
(delete 'patch-patches) (delete 'patch-patches)
;; Prevent the keytool from recording the current time when
;; adding certificates at build time.
(add-after 'unpack 'patch-keystore
(lambda _
(substitute* "openjdk.src/jdk/src/share/classes/sun/security/provider/JavaKeyStore.java"
(("date = new Date\\(\\);")
"\
date = (System.getenv(\"SOURCE_DATE_EPOCH\") != null) ?\
new Date(Long.parseLong(System.getenv(\"SOURCE_DATE_EPOCH\"))) :\
new Date();"))
#t))
(add-after 'unpack 'patch-jni-libs (add-after 'unpack 'patch-jni-libs
;; Hardcode dynamically loaded libraries. ;; Hardcode dynamically loaded libraries.
(lambda _ (lambda _
@ -1658,7 +1682,9 @@ IcedTea build harness.")
;; support via NSS. ;; support via NSS.
(copy-file (string-append jdk "/jre/lib/security/nss.cfg") (copy-file (string-append jdk "/jre/lib/security/nss.cfg")
(string-append jre "/lib/security/nss.cfg")) (string-append jre "/lib/security/nss.cfg"))
#t))))))) #t)))
(add-after 'install 'strip-jar-timestamps
(assoc-ref ant:%standard-phases 'strip-jar-timestamps)))))))
(native-inputs (native-inputs
`(("jdk" ,icedtea-7 "jdk") `(("jdk" ,icedtea-7 "jdk")
("openjdk-src" ("openjdk-src"