From aec6bd0169bb855a3ec70f5edec0701d0a66ce9d Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 16 Dec 2021 19:06:35 +0100 Subject: chromium-extension: Build .crx files in a deterministic fashion. * gnu/build/chromium-extension.scm (make-crx): Pass #:keep-mtime? #t to COPY-RECURSIVELY. Remove defunct FAKETIME workaround. While at it, pack the extension in the scratch working directory instead of the transient store-mapped /tmp. --- gnu/build/chromium-extension.scm | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) (limited to 'gnu/build') diff --git a/gnu/build/chromium-extension.scm b/gnu/build/chromium-extension.scm index 5bda8f84ce..656034b80f 100644 --- a/gnu/build/chromium-extension.scm +++ b/gnu/build/chromium-extension.scm @@ -19,8 +19,6 @@ (define-module (gnu build chromium-extension) #:use-module (guix gexp) #:use-module (guix packages) - #:use-module (gnu packages base) - #:use-module (gnu packages check) #:use-module (gnu packages chromium) #:use-module (gnu packages gnupg) #:use-module (gnu packages tls) @@ -77,20 +75,17 @@ in PACKAGE-OUTPUT of PACKAGE. The extension will be signed with SIGNING-KEY." (use-modules (guix build utils)) (let ((chromium #$(file-append ungoogled-chromium "/bin/chromium")) (xvfb #$(file-append xorg-server "/bin/Xvfb")) - (packdir "/tmp/extension")) - (mkdir-p (dirname packdir)) - (copy-recursively (ungexp package package-output) packdir) + (packdir (string-append (getcwd) "/extension"))) + (mkdir packdir) + (copy-recursively (ungexp package package-output) packdir + ;; Ensure consistent file modification times. + #:keep-mtime? #t) (system (string-append xvfb " :1 &")) (setenv "DISPLAY" ":1") (sleep 2) ;give Xorg some time to initialize... ;; Chromium stores the current time in the .crx Zip archive. ;; Use a fixed timestamp for deterministic behavior. - ;; FIXME (core-updates): faketime is missing an absolute reference - ;; to 'date', hence the need to set PATH. - (setenv "PATH" #$(file-append coreutils "/bin")) - (invoke #$(file-append libfaketime "/bin/faketime") - "2000-01-01 00:00:00" - chromium + (invoke chromium "--user-data-dir=/tmp/signing-profile" (string-append "--pack-extension=" packdir) (string-append "--pack-extension-key=" #$signing-key)) -- cgit 1.4.1