summaryrefslogtreecommitdiffstats
path: root/bitbake
diff options
context:
space:
mode:
authorOlaf Mandel <o.mandel@menlosystems.com>2022-03-24 17:47:59 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-03-26 09:27:43 +0000
commit5cbdd2b4831fe069e5b441f0c6f427b2b9dc086b (patch)
tree760609e2fad7aa34635aad40360a99617b81dd5d /bitbake
parent7e273d09d0fe30c3254edd864fb822777109cddc (diff)
downloadpoky-5cbdd2b4831fe069e5b441f0c6f427b2b9dc086b.tar.gz
bitbake: fetch2/git: stop generated tarballs from leaking info
When using BB_GENERATE_MIRROR_TARBALLS="1" to generate mirror tarballs of git repositories, they leaked local information: username, group and time of the last fetch. Remove all these by setting fixed information: * uname = pokybuild * gname = users * mtime = committer time of newest commit in repo The username and group value were taken from the archives available on the downloads.yoctoproject.org mirror. The modification time is chosen so it still retains some relationship to the contents of the archive. (Bitbake rev: 0178ab83e6312e97e528aa8c5e12105f5165d896) Signed-off-by: Olaf Mandel <o.mandel@menlosystems.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'bitbake')
-rw-r--r--bitbake/lib/bb/fetch2/git.py5
-rw-r--r--bitbake/lib/bb/tests/fetch.py30
2 files changed, 34 insertions, 1 deletions
diff --git a/bitbake/lib/bb/fetch2/git.py b/bitbake/lib/bb/fetch2/git.py
index b3c5e6dacc..4d06a57198 100644
--- a/bitbake/lib/bb/fetch2/git.py
+++ b/bitbake/lib/bb/fetch2/git.py
@@ -462,7 +462,10 @@ class Git(FetchMethod):
462 462
463 logger.info("Creating tarball of git repository") 463 logger.info("Creating tarball of git repository")
464 with create_atomic(ud.fullmirror) as tfile: 464 with create_atomic(ud.fullmirror) as tfile:
465 runfetchcmd("tar -czf %s ." % tfile, d, workdir=ud.clonedir) 465 mtime = runfetchcmd("git log --all -1 --format=%cD", d,
466 quiet=True, workdir=ud.clonedir)
467 runfetchcmd("tar -czf %s --owner pokybuild --group users --mtime \"%s\" ."
468 % (tfile, mtime), d, workdir=ud.clonedir)
466 runfetchcmd("touch %s.done" % ud.fullmirror, d) 469 runfetchcmd("touch %s.done" % ud.fullmirror, d)
467 470
468 def clone_shallow_local(self, ud, dest, d): 471 def clone_shallow_local(self, ud, dest, d):
diff --git a/bitbake/lib/bb/tests/fetch.py b/bitbake/lib/bb/tests/fetch.py
index eff12b7c50..233ecae737 100644
--- a/bitbake/lib/bb/tests/fetch.py
+++ b/bitbake/lib/bb/tests/fetch.py
@@ -11,6 +11,7 @@ import hashlib
11import tempfile 11import tempfile
12import collections 12import collections
13import os 13import os
14import tarfile
14from bb.fetch2 import URI 15from bb.fetch2 import URI
15from bb.fetch2 import FetchMethod 16from bb.fetch2 import FetchMethod
16import bb 17import bb
@@ -628,6 +629,35 @@ class GitShallowTarballNamingTest(FetcherTest):
628 self.assertIn(self.mirror_tarball, dir) 629 self.assertIn(self.mirror_tarball, dir)
629 630
630 631
632class CleanTarballTest(FetcherTest):
633 def setUp(self):
634 super(CleanTarballTest, self).setUp()
635 self.recipe_url = "git://git.openembedded.org/bitbake"
636 self.recipe_tarball = "git2_git.openembedded.org.bitbake.tar.gz"
637
638 self.d.setVar('BB_GENERATE_MIRROR_TARBALLS', '1')
639 self.d.setVar('SRCREV', '82ea737a0b42a8b53e11c9cde141e9e9c0bd8c40')
640
641 @skipIfNoNetwork()
642 def test_that_the_tarball_contents_does_not_leak_info(self):
643 fetcher = bb.fetch.Fetch([self.recipe_url], self.d)
644
645 fetcher.download()
646
647 fetcher.unpack(self.unpackdir)
648 mtime = bb.process.run('git log --all -1 --format=%ct',
649 cwd=os.path.join(self.unpackdir, 'git'))
650 self.assertEqual(len(mtime), 2)
651 mtime = int(mtime[0])
652
653 archive = tarfile.open(os.path.join(self.dldir, self.recipe_tarball))
654 self.assertNotEqual(len(archive.members), 0)
655 for member in archive.members:
656 self.assertEqual(member.uname, 'pokybuild')
657 self.assertEqual(member.gname, 'users')
658 self.assertEqual(member.mtime, mtime)
659
660
631class FetcherLocalTest(FetcherTest): 661class FetcherLocalTest(FetcherTest):
632 def setUp(self): 662 def setUp(self):
633 def touch(fn): 663 def touch(fn):