Generate reproducible build output (#243)

By deriving `project.build.outputTimestamp` from the timestamp of the 
most recent commit, the timestamp embedded in generated JARs no longer
depends on the exact time at which the artifacts are built. As such,
repeated executions of `mvn clean install` yield byte-for-byte identical
results.

This change requires replacing `buildnumber-maven-plugin` with
`git-commit-id-maven-plugin`.

See https://maven.apache.org/guides/mini/guide-reproducible-builds.html
Stephan Schroevers
2022-09-21 13:23:02 +02:00
committed by GitHub
parent 43bcbeaa98
commit 564bc7e1d1

52
pom.xml

@@ -137,6 +137,9 @@
property allows the `error-prone-fork` profile below to build the
project using Picnic's Error Prone fork instead. -->
<groupId.error-prone>com.google.errorprone</groupId.error-prone>
<!-- The build timestamp is derived from the most recent commit
timestamp in support of reproducible builds. -->
<project.build.outputTimestamp>${git.commit.time}</project.build.outputTimestamp>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<!-- Dependency and plugin versions that are referenced in more than
one place. We use these to keep dependencies in sync. Version numbers
@@ -511,6 +514,25 @@
</execution>
</executions>
</plugin>
<plugin>
<groupId>io.github.git-commit-id</groupId>
<artifactId>git-commit-id-maven-plugin</artifactId>
<version>5.0.0</version>
<configuration>
<injectAllReactorProjects>true</injectAllReactorProjects>
<runOnlyOnce>true</runOnlyOnce>
<skipPoms>false</skipPoms>
<dateFormat>yyyy-MM-dd'T'HH:mm:ssXXX</dateFormat>
</configuration>
<executions>
<execution>
<id>retrieve-git-info</id>
<goals>
<goal>revision</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
@@ -968,9 +990,9 @@
<manifestEntries>
<Implementation-Title>${project.name}</Implementation-Title>
<Implementation-Vendor>${project.organization.name}</Implementation-Vendor>
<Implementation-Version>${project.version}.${build.number}.${build.revision}</Implementation-Version>
<Implementation-Version>${project.version}.${build.number}.${git.commit.id}</Implementation-Version>
<Rookout-Repository>${project.scm.url}</Rookout-Repository>
<Rookout-Revision>${build.revision}</Rookout-Revision>
<Rookout-Revision>${git.commit.id}</Rookout-Revision>
</manifestEntries>
</archive>
</configuration>
@@ -1084,24 +1106,6 @@
<artifactId>build-helper-maven-plugin</artifactId>
<version>3.3.0</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>buildnumber-maven-plugin</artifactId>
<version>3.0.0</version>
<configuration>
<buildNumberPropertyName>build.revision</buildNumberPropertyName>
<revisionOnScmFailure>UNKNOWN</revisionOnScmFailure>
</configuration>
<executions>
<execution>
<id>determine-build-number</id>
<goals>
<goal>create</goal>
</goals>
<phase>validate</phase>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>license-maven-plugin</artifactId>
@@ -1284,12 +1288,12 @@
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<groupId>io.github.git-commit-id</groupId>
<artifactId>git-commit-id-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>buildnumber-maven-plugin</artifactId>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
</plugin>
</plugins>
</build>
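Review bot: The `Implementation-Version` manifest entry in the third hunk still interpolates `${build.number}`, whose definition lies outside the visible hunks; if CI supplies a per-run value there, JAR manifests differ between builds of the same commit and the byte-for-byte claim holds only for a fixed value. Anyone verifying a released artifact by rebuilding it would then need that value, so either record it alongside the release or drop it from the entry, e.g. `<Implementation-Version>${project.version}.${git.commit.id}</Implementation-Version>`. Separately, the removed `buildnumber-maven-plugin` block had `<revisionOnScmFailure>UNKNOWN</revisionOnScmFailure>`, while the new plugin block sets no fallback. With the plugin's default `failOnNoGitDirectory`, the build should now fail outside a Git checkout (for example from a source archive). That is the safer outcome for provenance, but it is worth stating in the comment above `project.build.outputTimestamp`, e.g. `<!-- Requires a Git checkout: the build fails if no commit metadata is available. -->`.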