From 5169769e0f84dd227592cb73da97dacd61ae40b9 Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <julian.klode@canonical.com>
Date: Mon, 14 Nov 2022 12:16:29 +0100
Subject: [PATCH 11/13] make-archive: Build reproducible tarball

Remove timestamps, user names, etc. from the tarball so that
it can be built reproducibly by multiple people, on different
machines.

The outer bzip2 layer might still be different, no reproducible
bzip2 known.

Signed-off-by: Julian Andres Klode <julian.klode@canonical.com>
---
 make-archive | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/make-archive b/make-archive
index d4f095f0a46..9ae9eef077a 100755
--- a/make-archive
+++ b/make-archive
@@ -86,14 +86,16 @@ main() {
 	cd ..
 	if [ "x" = "x${SHIM_GIT_TAG}" ] ; then
 		git archive --format=tar "$(git log -1 --pretty=format:%h)" | ( cd "${ARCHIVE_DIR}/shim-${VERSION}" ; tar x )
+		TIMESTAMP=0
 	else
 		# ORIGIN doesn't yet have this tag
 		git archive --format=tar "${SHIM_GIT_TAG}" | ( cd "${ARCHIVE_DIR}/shim-${VERSION}" ; tar x )
+		TIMESTAMP=$(git log -1 --pretty=%ct "${SHIM_GIT_TAG}")
 	fi
 	git log -1 --pretty=format:%H > "${ARCHIVE_DIR}/shim-${VERSION}/commit"
 	DIR="$PWD"
 	cd "${ARCHIVE_DIR}"
-	tar -c --bzip2 -f "${DIR}/shim-${VERSION}.tar.bz2" "shim-${VERSION}"
+	tar -c --sort=name --mtime="@${TIMESTAMP}" --owner=0 --group=0 --numeric-owner --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime --bzip2 -f "${DIR}/shim-${VERSION}.tar.bz2" "shim-${VERSION}"
 	rm -rf "${ARCHIVE_DIR}"
 	echo "The archive is in shim-${VERSION}.tar.bz2"
 	exit 0
-- 
2.37.1