From 922f670b42ac4fa6812bca17687cb7fa22cd1c38 Mon Sep 17 00:00:00 2001 From: Holger Levsen Date: Fri, 12 Jun 2015 15:14:41 +0200 Subject: reproducible OpenWRT: initial test --- bin/reproducible_openwrt.sh | 149 ++++++++++++++++++++++++++------------------ 1 file changed, 89 insertions(+), 60 deletions(-) (limited to 'bin/reproducible_openwrt.sh') diff --git a/bin/reproducible_openwrt.sh b/bin/reproducible_openwrt.sh index 322c5e39..82e8bc34 100755 --- a/bin/reproducible_openwrt.sh +++ b/bin/reproducible_openwrt.sh @@ -22,6 +22,7 @@ create_results_dirs() { } call_debbindiff() { + mkdir -p $TMPDIR/$1 local TMPLOG=(mktemp --tmpdir=$TMPDIR) local msg="" set +e @@ -29,9 +30,9 @@ call_debbindiff() { --directory $TMPDIR \ -c source:jenkins-reproducible-${DBDSUITE}-debbindiff \ debbindiff -- \ - --html $TMPDIR/$1.html \ - $TMPDIR/b1/$1/openwrt.rom \ - $TMPDIR/b2/$1/openwrt.rom 2>&1 \ + --html $TMPDIR/$1/$2.html \ + $TMPDIR/b1/$1/$2 \ + $TMPDIR/b2/$1/$2 2>&1 \ ) 2>&1 >> $TMPLOG RESULT=$? if ! "$DEBUG" ; then set +x ; fi @@ -39,27 +40,27 @@ call_debbindiff() { cat $TMPLOG # print dbd output rm -f $TMPLOG case $RESULT in - 0) echo "$(date -u) - $1/openwrt.rom is reproducible, yay!" + 0) echo "$(date -u) - $1/$2 is reproducible, yay!" ;; 1) - echo "$(date -u) - $DBDVERSION found issues, please investigate $1/openwrt.rom" + echo "$(date -u) - $DBDVERSION found issues, please investigate $1/$2" ;; 2) - msg="$(date -u) - $DBDVERSION had trouble comparing the two builds. Please investigate $1/openwrt.rom" + msg="$(date -u) - $DBDVERSION had trouble comparing the two builds. Please investigate $1/$2" ;; 124) if [ ! -s $TMPDIR/$1.html ] ; then - msg="$(date -u) - $DBDVERSION produced no output for $1/openwrt.rom and was killed after running into timeout after ${TIMEOUT}..." + msg="$(date -u) - $DBDVERSION produced no output for $1/$2 and was killed after running into timeout after ${TIMEOUT}..." else - msg="$DBDVERSION was killed after running into timeout after $TIMEOUT, but there is still $TMPDIR/$1.html" + msg="$DBDVERSION was killed after running into timeout after $TIMEOUT, but there is still $TMPDIR/$1/$2.html" fi ;; *) - msg="$(date -u) - Something weird happened when running $DBDVERSION on $1/openwrt.rom (which exited with $RESULT) and I don't know how to handle it." + msg="$(date -u) - Something weird happened when running $DBDVERSION on $1/$2 (which exited with $RESULT) and I don't know how to handle it." ;; esac if [ ! -z $msg ] ; then - echo $msg | tee -a $TMPDIR/$1.html + echo $msg | tee -a $TMPDIR/$1/$2.html fi } @@ -96,14 +97,22 @@ make -j $NUM_CPU tools/install # create html about toolchain used # TOOLCHAIN_HTML=$(mktemp) -echo "" > $TOOLCHAIN_HTML +TARGET=$(ls -1d staging_dir/toolchain*|cut -d "-" -f2-) +echo "
Debian $(cat /etc/debian_version) package on $(dpkg --print-architecture)installed version
" > $TOOLCHAIN_HTML +for i in $(ls -1 build_dir/host/) ; do + echo " " >> $TOOLCHAIN_HTML +echo "
Contents of 
build_dir/host/
$i
" >> $TOOLCHAIN_HTML +echo "" >> $TOOLCHAIN_HTML +for i in $(ls -1 dl/) ; do + echo " " >> $TOOLCHAIN_HTML +echo "
Downloaded software built for 
$TARGET
$i
" >> $TOOLCHAIN_HTML +echo "" >> $TOOLCHAIN_HTML for i in gcc binutils bzip2 flex python perl make findutils grep diff unzip gawk util-linux zlib1g-dev libc6-dev git subversion ; do echo " " >> $TOOLCHAIN_HTML done echo "
Debian $(cat /etc/debian_version) package on $(dpkg --print-architecture)installed version
$i" >> $TOOLCHAIN_HTML dpkg -s $i|grep '^Version'|cut -d " " -f2 >> $TOOLCHAIN_HTML echo "
" >> $TOOLCHAIN_HTML -cd ../../.. echo "=============================================================================" echo "$(date -u) - Building openwrt ${OPENWRT_VERSION} images now - first build run." @@ -116,19 +125,30 @@ nice ionice -c 3 \ make -j $NUM_CPU package/cleanup nice ionice -c 3 \ make -j $NUM_CPU package/compile +nice ionice -c 3 \ + make -j $NUM_CPU package/install +nice ionice -c 3 \ + make -j $NUM_CPU target/install +nice ionice -c 3 \ + make -j $NUM_CPU package/index -cd openwrt-builds +cd bin for i in * ; do - # abuild and sharedutils are build results but not the results we are looking for... - if [ "$i" != "abuild" ] && [ "$i" != "sharedutils" ] ; then - mkdir $TMPDIR/b1/$i - if [ -f $i/openwrt.rom ] ; then - cp -p $i/openwrt.rom $TMPDIR/b1/$i/ - fi - fi + cd $i + mkdir $TMPDIR/b1/$i + for j in $(find . -name "*.bin") ; do + cp -p $j $TMPDIR/b1/$i/ + done + cd .. done cd .. -rm openwrt-builds -rf +rm bin -r + +# +# clean up between builds +# +rm staging_dir -r +rm target -r echo "=============================================================================" echo "$(date -u) - Building openwrt images now - second build run." @@ -150,6 +170,15 @@ nice ionice -c 3 \ nice ionice -c 3 \ linux64 --uname-2.6 \ make -j $NEW_NUM_CPU package/compile +nice ionice -c 3 \ + linux64 --uname-2.6 \ + make -j $NEW_NUM_CPU package/install +nice ionice -c 3 \ + linux64 --uname-2.6 \ + make -j $NEW_NUM_CPU target/install +nice ionice -c 3 \ + linux64 --uname-2.6 \ + make -j $NEW_NUM_CPU package/index # reset environment to default values again export LANG="en_GB.UTF-8" @@ -158,15 +187,17 @@ export TZ="/usr/share/zoneinfo/UTC" export PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:" umask 0022 -cd openwrt-builds +cd bin for i in * ; do - if [ -f $i/openwrt.rom ] ; then - mkdir $TMPDIR/b2/$i - cp -p $i/openwrt.rom $TMPDIR/b2/$i/ - fi + cd $i + mkdir $TMPDIR/b2/$i + for j in $(find . -name "*.bin") ; do + cp -p $j $TMPDIR/b2/$i/ + done + cd .. done cd .. -rm openwrt-builds -r +rm bin -r # run debbindiff on the results TIMEOUT="30m" @@ -175,36 +206,34 @@ DBDVERSION="$(schroot --directory /tmp -c source:jenkins-reproducible-${DBDSUITE echo "=============================================================================" echo "$(date -u) - Running $DBDVERSION on openwrt images now" echo "=============================================================================" -ROMS_HTML=$(mktemp) -echo " " >> $IMAGES_HTML +GOOD_PERCENT=$(echo "scale=1 ; ($GOOD_IMAGES*100/$ALL_IMAGES)" | bc) # # finally create the webpage @@ -218,40 +247,40 @@ cat > $PAGE <<- EOF openwrt - +

 

-

openwrt
+

openwrt logo

- openwrt™: fast, flexible and reproducible Open Source firmware? + OpenWRT: reproducible wireless freedom?

EOF write_page "

Reproducible OpenWRT

" write_page "

Reproducible builds enable anyone to reproduce bit by bit identical binary packages from a given source, so that anyone can verify that a given binary derived from the source it was said to be derived. There is a lot more information about reproducible builds on the Debian wiki and on https://reproducible.debian.net. The wiki has a lot more information, eg. why this is useful, what common issues exist and which workarounds and solutions are known.
" -write_page " Reproducible OpenWRT is an effort to apply this to openwrt. Thus each openwrt.rom is build twice (without payloads), with a few varitations added and then those two ROMs are compared using debbindiff. Please note that the toolchain is not varied at all as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.

" -write_page "

There is a monthly run jenkins job to test the master branch of openwrt.git. Currently this job is triggered more often though, because this is still under development and brand new. The jenkins job is simply running reproducible_openwrt.sh in a Debian environemnt and this script is solely responsible for creating this page. Feel invited to join #debian-reproducible (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated!

" -write_page "

$GOOD_ROMS ($GOOD_PERCENT%) out of $ALL_ROMS built openwrt images were reproducible in our test setup, while $BAD_ROMS ($BAD_PERCENT%) failed to build from source." +write_page " Reproducible OpenWRT is an effort to apply this to OpenWRT. Thus each OpenWR target is build twice, with a few varitations added and then the resulting images from the two builds are compared using debbindiff. Please note that the toolchain is not varied at all as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.

" +write_page "

There is a monthly run jenkins job to test the master branch of openwrt.git. Currently this job is triggered more often though, because this is still under development and brand new. The jenkins job is simply running reproducible_openwrt.sh in a Debian environemnt and this script is solely responsible for creating this page. Feel invited to join #debian-reproducible (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated!

" +write_page "

$GOOD_IMAGES ($GOOD_PERCENT%) out of $ALL_IMAGES built openwrt images were reproducible in our test setup." write_page " These tests were last run on $DATE for version ${OPENWRT_VERSION}.

" write_explaination_table openwrt -cat $ROMS_HTML >> $PAGE +cat $IMAGES_HTML >> $PAGE write_page " 

"
 echo -n "$OPENWRT" >> $PAGE
 write_page "

" cat $TOOLCHAIN_HTML >> $PAGE write_page "
" -write_page_footer openwrt +write_page_footer OpenWRT publish_page -rm -f $ROMS_HTML $TOOLCHAIN_HTML +rm -f $IMAGES_HTML $TOOLCHAIN_HTML # the end calculate_build_duration print_out_duration -irc_message "$REPRODUCIBLE_URL/openwrt/ has been updated." +irc_message "$REPRODUCIBLE_URL/openwrt/ has been updated. ($GOOD_PERCENT% reproducible)" echo "=============================================================================" # remove everything, we don't need it anymore... -- cgit v1.2.3-54-g00ecf