From 9a3fb52b4286755c532f7983335c8e24fd3bbdca Mon Sep 17 00:00:00 2001
From: Morten Linderud
Date: Sun, 2 Aug 2020 02:26:39 +0200
Subject: [PATCH] Support reproducible builds (#1802)
* Makefile: Ensure we strip out embedded paths To reproduce binaries undeterministic values needs to be removed. By default Go embeds several module paths into the binaries, which prevents people from reproducing said distributed binary. The distributed binary from micro contains the full home path of the current builder of the binary. -trimpath removes these paths from the binary. $ strings micro | grep "/home/zyedidia" | wc -l 868 This also helps other distributions providing reproducible versions of micro down the line.
Signed-off-by: Morten Linderud
* build-date: Ensure build time adheres to SOURCE_DATE_EPOCH Embedding undeterministic values into binaries prevents reproduction of the binaries. The reproducible builds projects defines `SOURCE_DATE_EPOCH` to allow deterministic insertion of build times. This patch ensures `build-date` checks the environment variable before building with the local time. $ SOURCE_DATE_EPOCH=123123 go run tools/build-date.go January 02, 1970 $ go run tools/build-date.go July 31, 2020 $ make build-quick && ./micro --version [...] Compiled on July 31, 2020 $ SOURCE_DATE_EPOCH=123123 make build-quick && ./micro --version [...] Compiled on January 02, 1970 https://reproducible-builds.org/specs/source-date-epoch/
Signed-off-by: Morten Linderud
---
Makefile | 8 ++++----
tools/build-date.go | 16 +++++++++++++++-
2 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/Makefile b/Makefile
index 19badb91..91f84bae 100644
--- a/Makefile
+++ b/Makefile
@@ -15,20 +15,20 @@ VSCODE_TESTS_BASE_URL = 'https://raw.githubusercontent.com/microsoft/vscode/e6a4

 # Builds micro after checking dependencies but without updating the runtime
 build:
- go build -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro
+ go build -trimpath -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro

 build-dbg:
- go build -ldflags "-s -w $(ADDITIONAL_GO_LINKER_FLAGS) $(DEBUGVAR)" ./cmd/micro
+ go build -trimpath -ldflags "-s -w $(ADDITIONAL_GO_LINKER_FLAGS) $(DEBUGVAR)" ./cmd/micro

 build-tags: fetch-tags
- go build -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro
+ go build -trimpath -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro

 # Builds micro after building the runtime and checking dependencies
 build-all: runtime build

 # Builds micro without checking for dependencies
 build-quick:
- go build -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro
+ go build -trimpath -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro

 # Same as 'build' but installs to $GOBIN afterward
 install:
diff --git a/tools/build-date.go b/tools/build-date.go
index ff994d2a..427ef1b1 100644
--- a/tools/build-date.go
+++ b/tools/build-date.go
@@ -2,9 +2,23 @@ package main

 import (
 "fmt"
+ "os"
+ "strconv"
 "time"
 )

 func main() {
- fmt.Println(time.Now().Local().Format("January 02, 2006"))
+ var buildTime time.Time
+ epoch := os.Getenv("SOURCE_DATE_EPOCH")
+ if epoch != "" {
+ i, err := strconv.Atoi(epoch)
+ if err != nil {
+ fmt.Errorf("SOURCE_DATE_EPOCH is not a valid integer")
+ os.Exit(1)
+ }
+ buildTime = time.Unix(int64(i), 0)
+ } else {
+ buildTime = time.Now().Local()
+ }
+ fmt.Println(buildTime.Format("January 02, 2006"))
 }
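Review bot: The `install:` recipe that begins on the last context line of this hunk lies outside it and, going by the diffstat (four lines changed in the Makefile), is not touched, so binaries produced through the install targets presumably still embed the builder's local paths. If those recipes use the same linker flags they should get the flag too, along the lines of `go install -trimpath -ldflags "-s -w $(GOVARS) $(ADDITIONAL_GO_LINKER_FLAGS)" ./cmd/micro` (to be checked against the actual recipe). A short comment above the first recipe, such as `# -trimpath keeps local filesystem paths out of the binary so builds can be reproduced`, would also tell later maintainers why the flag must not be dropped.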
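Review bot: `time.Unix(int64(i), 0)` returns a Time in the builder's local zone, so the formatted date for one SOURCE_DATE_EPOCH value can still differ between builders in different time zones; the epoch branch should format in UTC, `buildTime = time.Unix(i, 0).UTC()`. In the error branch `fmt.Errorf` only constructs an error value and its result is discarded, so an invalid SOURCE_DATE_EPOCH exits with status 1 and no message; `fmt.Fprintln(os.Stderr, "SOURCE_DATE_EPOCH is not a valid integer")` would report it. Parsing with `i, err := strconv.ParseInt(epoch, 10, 64)` instead of `strconv.Atoi` avoids rejecting timestamps past 2038 on platforms where `int` is 32 bits and removes the `int64(i)` conversion.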