build: valid SOURCE_DATE_EPOCH #1520

xnox · 2024-09-27T14:02:16Z

Set the floor of SOURCE_DATE_EPOCH to 1980, as ZIP file format does
not support timestamps prior to 1980, meaning zip, jar, egg, wheel all
fail to be created or used.

Without this fix, if one removes the hand override of SOURCE_DATE_EPOCH from py3-userpath, the build fails:

melange build py3-userpath.yaml --arch x86_64  --pipeline-dir ./pipelines/ -k https://packages.wolfi.dev/os/wolfi-signing.rsa.pub -r https://packages.wolfi.dev/os --source-dir ./py3-userpath/
...
2024/09/27 14:55:33 INFO * Building wheel... name="Python Build"
2024/09/27 14:55:33 WARN Traceback (most recent call last): name="Python Build"
2024/09/27 14:55:33 WARN   File "/usr/lib/python3.12/site-packages/pyproject_hooks/_in_process/_in_process.py", line 373, in <module> name="Python Build"
2024/09/27 14:55:33 WARN     main() name="Python Build"
2024/09/27 14:55:33 WARN   File "/usr/lib/python3.12/site-packages/pyproject_hooks/_in_process/_in_process.py", line 357, in main name="Python Build"
2024/09/27 14:55:33 WARN     json_out["return_val"] = hook(**hook_input["kwargs"]) name="Python Build"
2024/09/27 14:55:33 WARN                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build"
2024/09/27 14:55:33 WARN   File "/usr/lib/python3.12/site-packages/pyproject_hooks/_in_process/_in_process.py", line 271, in build_wheel name="Python Build"
2024/09/27 14:55:33 WARN     return _build_backend().build_wheel( name="Python Build"
2024/09/27 14:55:33 WARN            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build"
2024/09/27 14:55:33 WARN   File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/build.py", line 58, in build_wheel name="Python Build"
2024/09/27 14:55:33 WARN     return os.path.basename(next(builder.build(directory=wheel_directory, versions=['standard']))) name="Python Build"
2024/09/27 14:55:33 WARN                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build"
2024/09/27 14:55:33 WARN   File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/builders/plugin/interface.py", line 155, in build name="Python Build"
2024/09/27 14:55:33 WARN     artifact = version_api[version](directory, **build_data) name="Python Build"
2024/09/27 14:55:33 WARN                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build"
2024/09/27 14:55:33 WARN   File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/builders/wheel.py", line 476, in build_standard name="Python Build"
2024/09/27 14:55:33 WARN     record = archive.add_file(included_file) name="Python Build"
2024/09/27 14:55:33 WARN              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build"
2024/09/27 14:55:33 WARN   File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/builders/wheel.py", line 98, in add_file name="Python Build"
2024/09/27 14:55:33 WARN     zip_info = zipfile.ZipInfo(relative_path, cast(TIME_TUPLE, self.time_tuple)) name="Python Build"
2024/09/27 14:55:33 WARN                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build"
2024/09/27 14:55:33 WARN   File "/usr/lib/python3.12/zipfile/__init__.py", line 398, in __init__ name="Python Build"
2024/09/27 14:55:33 WARN     raise ValueError('ZIP does not support timestamps before 1980') name="Python Build"
2024/09/27 14:55:33 WARN ValueError: ZIP does not support timestamps before 1980 name="Python Build"
2024/09/27 14:55:33 INFO name="Python Build"
2024/09/27 14:55:33 INFO ERROR Backend subprocess exited when trying to invoke build_wheel name="Python Build"
2024/09/27 14:55:33 ERRO ERROR: failed to build package. the build environment has been preserved:
2024/09/27 14:55:33 INFO   workspace dir: /tmp/melange-workspace-1020228742
2024/09/27 14:55:33 INFO   guest dir: /tmp/melange-guest-609671933
2024/09/27 14:55:33 ERRO failed to build package: unable to run package py3-userpath pipeline: unable to run pipeline: exit status 1

With this fix inplace it just builds correctly. This will remove many
custom overrides of SOURCE_DATE_EPOCH in wolfi-dev/os, and prevent any
developer hitting such pitfall.

This is similar to what was done in NixOS, Debian, Python and probably
other projects.

In Wolfi this will fix building brand new packages, and building
things directly with melange/wolfictl outside of pipelines and
makefiles.

See for example NixOS/nixpkgs#89794

Set the floor of SOURCE_DATE_EPOCH to 1980, as ZIP file format does not support timestamps prior to 1980, meaning zip, jar, egg, wheel all fail to be created or used. Without this fix, if one removes the hand override of SOURCE_DATE_EPOCH from py3-userpath, the build fails: ```console melange build py3-userpath.yaml --arch x86_64 --pipeline-dir ./pipelines/ -k https://packages.wolfi.dev/os/wolfi-signing.rsa.pub -r https://packages.wolfi.dev/os --source-dir ./py3-userpath/ ... 2024/09/27 14:55:33 INFO * Building wheel... name="Python Build" 2024/09/27 14:55:33 WARN Traceback (most recent call last): name="Python Build" 2024/09/27 14:55:33 WARN File "/usr/lib/python3.12/site-packages/pyproject_hooks/_in_process/_in_process.py", line 373, in <module> name="Python Build" 2024/09/27 14:55:33 WARN main() name="Python Build" 2024/09/27 14:55:33 WARN File "/usr/lib/python3.12/site-packages/pyproject_hooks/_in_process/_in_process.py", line 357, in main name="Python Build" 2024/09/27 14:55:33 WARN json_out["return_val"] = hook(**hook_input["kwargs"]) name="Python Build" 2024/09/27 14:55:33 WARN ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build" 2024/09/27 14:55:33 WARN File "/usr/lib/python3.12/site-packages/pyproject_hooks/_in_process/_in_process.py", line 271, in build_wheel name="Python Build" 2024/09/27 14:55:33 WARN return _build_backend().build_wheel( name="Python Build" 2024/09/27 14:55:33 WARN ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build" 2024/09/27 14:55:33 WARN File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/build.py", line 58, in build_wheel name="Python Build" 2024/09/27 14:55:33 WARN return os.path.basename(next(builder.build(directory=wheel_directory, versions=['standard']))) name="Python Build" 2024/09/27 14:55:33 WARN ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build" 2024/09/27 14:55:33 WARN File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/builders/plugin/interface.py", line 155, in build name="Python Build" 2024/09/27 14:55:33 WARN artifact = version_api[version](directory, **build_data) name="Python Build" 2024/09/27 14:55:33 WARN ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build" 2024/09/27 14:55:33 WARN File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/builders/wheel.py", line 476, in build_standard name="Python Build" 2024/09/27 14:55:33 WARN record = archive.add_file(included_file) name="Python Build" 2024/09/27 14:55:33 WARN ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build" 2024/09/27 14:55:33 WARN File "/tmp/build-env-u9wepgmk/lib/python3.12/site-packages/hatchling/builders/wheel.py", line 98, in add_file name="Python Build" 2024/09/27 14:55:33 WARN zip_info = zipfile.ZipInfo(relative_path, cast(TIME_TUPLE, self.time_tuple)) name="Python Build" 2024/09/27 14:55:33 WARN ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ name="Python Build" 2024/09/27 14:55:33 WARN File "/usr/lib/python3.12/zipfile/__init__.py", line 398, in __init__ name="Python Build" 2024/09/27 14:55:33 WARN raise ValueError('ZIP does not support timestamps before 1980') name="Python Build" 2024/09/27 14:55:33 WARN ValueError: ZIP does not support timestamps before 1980 name="Python Build" 2024/09/27 14:55:33 INFO name="Python Build" 2024/09/27 14:55:33 INFO ERROR Backend subprocess exited when trying to invoke build_wheel name="Python Build" 2024/09/27 14:55:33 ERRO ERROR: failed to build package. the build environment has been preserved: 2024/09/27 14:55:33 INFO workspace dir: /tmp/melange-workspace-1020228742 2024/09/27 14:55:33 INFO guest dir: /tmp/melange-guest-609671933 2024/09/27 14:55:33 ERRO failed to build package: unable to run package py3-userpath pipeline: unable to run pipeline: exit status 1 ``` With this fix inplace it just builds correctly. This will remove many custom overrides of SOURCE_DATE_EPOCH in wolfi-dev/os, and prevent any developer hitting such pitfall. This is similar to what was done in NixOS, Debian, Python and probably other projects. In Wolfi this will fix building brand new packages, and building things directly with melange/wolfictl outside of pipelines and makefiles. See for example NixOS/nixpkgs#89794

xnox · 2024-09-27T14:06:17Z

Once this is in wolfictl, we will be able to eliminate

$ git grep SOURCE_DATE_EPOCH *.yaml | grep 3155 | wc -l
48

At least that many lines of yaml, from wolfi (and often 3x that because of a comment, and environment: block, and human having had spent time writing that).

pkg/build/build_test.go

imjasonh reviewed Sep 27, 2024

View reviewed changes

pkg/build/build_test.go Show resolved Hide resolved

imjasonh previously approved these changes Sep 27, 2024

View reviewed changes

Add below min test

bc86411

xnox dismissed imjasonh’s stale review via bc86411 September 29, 2024 21:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: valid SOURCE_DATE_EPOCH #1520

build: valid SOURCE_DATE_EPOCH #1520

xnox commented Sep 27, 2024

xnox commented Sep 27, 2024

build: valid SOURCE_DATE_EPOCH #1520

Are you sure you want to change the base?

build: valid SOURCE_DATE_EPOCH #1520

Conversation

xnox commented Sep 27, 2024

xnox commented Sep 27, 2024