summaryrefslogtreecommitdiffstats
path: root/scripts/debrepro.pod
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 00:39:23 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 00:39:23 +0000
commite3b16b3856bdd5c1645f4609d61bf5a16c026930 (patch)
treed9def3b6f6f46b166fc6f516775350fedeefbef6 /scripts/debrepro.pod
parentInitial commit. (diff)
downloaddevscripts-upstream/2.19.5+deb10u1.tar.xz
devscripts-upstream/2.19.5+deb10u1.zip
Adding upstream version 2.19.5+deb10u1.upstream/2.19.5+deb10u1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'scripts/debrepro.pod')
-rw-r--r--scripts/debrepro.pod152
1 files changed, 152 insertions, 0 deletions
diff --git a/scripts/debrepro.pod b/scripts/debrepro.pod
new file mode 100644
index 0000000..edf8d92
--- /dev/null
+++ b/scripts/debrepro.pod
@@ -0,0 +1,152 @@
+=head1 NAME
+
+debrepro - reproducibility tester for Debian packages
+
+=head1 SYNOPSIS
+
+B<debrepro> [I<OPTIONS>] [I<SOURCEDIR>]
+
+=head1 DESCRIPTION
+
+B<debrepro> will build a given source directory twice, with a set of
+variations between the first and the second build, and compare the
+produced binary packages. If B<diffoscope> is installed, it is used to
+compare non-matching binaries. If B<disorderfs> is installed, it is used
+during the build to inject non-determinism in filesystem listing
+operations.
+
+I<SOURCEDIR> must be a directory containing an unpacked Debian source
+package. If I<SOURCEDIR> is omitted, the current directory is assumed.
+
+=head1 OUTPUT DIRECTORY
+
+At the very end of a build, B<debrepro> will inform the location of the
+output directory where the build artifacts can be found. In that
+directory, you will find:
+
+=over
+
+=item I<$OUTPUTDIR/first>
+
+Contains the results of the first build, including a copy of the source
+tree, and the resulting binary packages.
+
+=item I<$OUTPUTDIR/first/build.sh>
+
+Contains the exact build script that was used in the first build.
+
+=item I<$OUTPUTDIR/second>
+
+Contains the results of the second build, including a copy of the source tree,
+and the resulting binary packages.
+
+=item I<$OUTPUTDIR/second/build.sh>
+
+Contains the exact build script that was used in the second build.
+
+=back
+
+Taking a B<diff(1)> between I<$OUTPUTDIR/first/build.sh> and
+I<$OUTPUTDIR/second/build.sh> is an excellent way of figuring out
+exactly what changed between the two builds.
+
+=head1 SUPPORTED VARIATIONS
+
+=over
+
+=item B<user>
+
+The I<$USER> environment variable will contain different values between the
+first and second builds.
+
+=item B<path>
+
+During the second build, a fake, non-existing directory will be appended to the
+I<$PATH> environment variable.
+
+=item B<umask>
+
+The builds will use different umask settings.
+
+=item B<locale>
+
+Both I<$LC_ALL> and I<$LANG> will be different across the two builds.
+
+=item B<timezone>
+
+I<$TZ> will be different across builds.
+
+=item B<filesystem-ordering>
+
+If B<disorderfs> is installed, both builds will be done under a disorderfs
+overlay directory. This will cause filesystem listing operations to be return
+items in a non-deterministic order.
+
+=item B<time>
+
+The second build will be executed 213 days, 7 hours and 13 minutes in the
+future with regards to the current time (using B<faketime(1)>).
+
+=back
+
+=head1 OPTIONS
+
+=over
+
+=item -s VARIATION, --skip VARIATION
+
+Don't perform the named VARIATION. Variation names are the ones used in
+their description in section B<SUPPORTED VARIATIONS>.
+
+=item -b COMMAND, --before-second-build COMMAND
+
+Run COMMAND before performing the second build. This can be used for
+example to apply a patch to a source tree for the second build, and
+check whether (or how) the resulting binaries are affected.
+
+Examples:
+
+ $ debrepro --before-second-build "git checkout branch-with-changes"
+
+ $ debrepro --before-second-build "patch -p1 < /path/to/patch"
+
+=item -h, --help
+
+Display this help message and exit.
+
+=back
+
+=head1 EXIT STATUS
+
+=over
+
+=item 0Z<>
+
+Package is reproducible.
+
+Reproducible here means that the two builds produced the exactly the
+same binaries, under the set of variations that B<debrepro> tests. Other
+sources of non-determinism in builds that are not yet tested might still
+affect builds in the wild.
+
+=item 1Z<>
+
+Package is not reproducible.
+
+=item 2Z<>
+
+The given input is not a valid Debian source package.
+
+=item 3Z<>
+
+Required programs are missing.
+
+=back
+
+=head1 SEE ALSO
+
+diffoscope (1), disorderfs (1),
+
+=head1 AUTHOR
+
+Antonio Terceiro <terceiro@debian.org>.