build: add CONFIG_APP_REPRODUCIBLE_BUILD menuconfig option to produce reproducible binaries

This commit is contained in:
Fu Hanxi 2021-10-09 15:42:14 +08:00
parent a65de0ab1f
commit 9919b75ec1
8 changed files with 63 additions and 2 deletions

View File

@ -64,6 +64,23 @@ test_ldgen_on_host:
variables: variables:
LC_ALL: C.UTF-8 LC_ALL: C.UTF-8
test_reproducible_build:
extends: .host_test_template
script:
- ./tools/ci/test_reproducible_build.sh
artifacts:
when: on_failure
paths:
- "**/sdkconfig"
- "**/build*/*.bin"
- "**/build*/*.elf"
- "**/build*/*.map"
- "**/build*/flasher_args.json"
- "**/build*/*.bin"
- "**/build*/bootloader/*.bin"
- "**/build*/partition_table/*.bin"
expire_in: 1 week
.host_fuzzer_test_template: .host_fuzzer_test_template:
extends: extends:
- .host_test_template - .host_test_template

View File

@ -131,6 +131,8 @@
- "tools/detect_python.sh" - "tools/detect_python.sh"
- "tools/detect_python.fish" - "tools/detect_python.fish"
- "tools/ci/test_reproducible_build.sh"
.patterns-windows: &patterns-windows .patterns-windows: &patterns-windows
- "tools/windows/**/*" - "tools/windows/**/*"

View File

@ -147,7 +147,13 @@ endif()
if(NOT ${CMAKE_C_COMPILER_VERSION} VERSION_LESS 8.0.0) if(NOT ${CMAKE_C_COMPILER_VERSION} VERSION_LESS 8.0.0)
if(CONFIG_COMPILER_HIDE_PATHS_MACROS) if(CONFIG_COMPILER_HIDE_PATHS_MACROS)
list(APPEND compile_options "-fmacro-prefix-map=${CMAKE_SOURCE_DIR}=.") list(APPEND compile_options "-fmacro-prefix-map=${CMAKE_SOURCE_DIR}=.")
list(APPEND compile_options "-fmacro-prefix-map=${IDF_PATH}=IDF") list(APPEND compile_options "-fmacro-prefix-map=${IDF_PATH}=/IDF")
endif()
if(CONFIG_APP_REPRODUCIBLE_BUILD)
list(APPEND compile_options "-fdebug-prefix-map=${IDF_PATH}=/IDF")
list(APPEND compile_options "-fdebug-prefix-map=${PROJECT_DIR}=/IDF_PROJECT")
list(APPEND compile_options "-fdebug-prefix-map=${BUILD_DIR}=/IDF_BUILD")
endif() endif()
endif() endif()

View File

@ -201,6 +201,13 @@ mainmenu "Espressif IoT Development Framework Configuration"
config APP_BUILD_USE_FLASH_SECTIONS config APP_BUILD_USE_FLASH_SECTIONS
bool # Whether to place code/data into memory-mapped flash sections bool # Whether to place code/data into memory-mapped flash sections
config APP_REPRODUCIBLE_BUILD
bool "Enable reproducible build"
default n
select COMPILER_HIDE_PATHS_MACROS
help
If enabled, all date, time, and path information would be eliminated.
endmenu # Build type endmenu # Build type
source "$COMPONENT_KCONFIGS_PROJBUILD_SOURCE_FILE" source "$COMPONENT_KCONFIGS_PROJBUILD_SOURCE_FILE"

View File

@ -32,7 +32,7 @@ const __attribute__((section(".rodata_desc"))) esp_app_desc_t esp_app_desc = {
.secure_version = 0, .secure_version = 0,
#endif #endif
#ifdef CONFIG_APP_COMPILE_TIME_DATE #if defined(CONFIG_APP_COMPILE_TIME_DATE) && !defined(CONFIG_APP_REPRODUCIBLE_BUILD)
.time = __TIME__, .time = __TIME__,
.date = __DATE__, .date = __DATE__,
#else #else

View File

@ -91,5 +91,7 @@ void bootloader_enable_random(void)
void bootloader_print_banner(void) void bootloader_print_banner(void)
{ {
ESP_LOGI(TAG, "ESP-IDF %s 2nd stage bootloader", IDF_VER); ESP_LOGI(TAG, "ESP-IDF %s 2nd stage bootloader", IDF_VER);
#ifndef CONFIG_APP_REPRODUCIBLE_BUILD
ESP_LOGI(TAG, "compile time " __TIME__); ESP_LOGI(TAG, "compile time " __TIME__);
#endif
} }

View File

@ -67,6 +67,7 @@ tools/ci/test_build_system.sh
tools/ci/test_build_system_cmake.sh tools/ci/test_build_system_cmake.sh
tools/ci/test_check_kconfigs.py tools/ci/test_check_kconfigs.py
tools/ci/test_configure_ci_environment.sh tools/ci/test_configure_ci_environment.sh
tools/ci/test_reproducible_build.sh
tools/cmake/convert_to_cmake.py tools/cmake/convert_to_cmake.py
tools/docker/entrypoint.sh tools/docker/entrypoint.sh
tools/docker/hooks/build tools/docker/hooks/build

View File

@ -0,0 +1,26 @@
#!/usr/bin/env bash
set -euo
for path in \
"examples/get-started/hello_world" \
"examples/bluetooth/nimble/blecent"; do
cd "${IDF_PATH}/${path}"
echo "CONFIG_APP_REPRODUCIBLE_BUILD=y" >>sdkconfig.defaults
rm -f sdkconfig
idf.py -B build_first fullclean build
idf.py -B build_second fullclean build
for item in \
"partition_table/partition-table.bin" \
"bootloader/bootloader.bin" \
"bootloader/bootloader.elf" \
"bootloader/bootloader.map" \
"*.bin" \
"*.elf" \
"*.map"; do
diff -s build_first/${item} build_second/${item} # use glob, don't use double quotes
done
done