Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reproducible WAR builds cause issues with Tomcat caches #10917

Open
joankaradimov opened this issue Oct 1, 2019 · 2 comments
Open

Reproducible WAR builds cause issues with Tomcat caches #10917

joankaradimov opened this issue Oct 1, 2019 · 2 comments

Comments

@joankaradimov
Copy link

@joankaradimov joankaradimov commented Oct 1, 2019

Expected Behavior

Gradle could expose an option for explicit timestamps in generated archives when doing reproducible builds.

Current Behavior

Archive tasks have options that facilitate reproducible builds: reproducibleFileOrder and preserveFileTimestamps. But the preserveFileTimestamps option always puts the same hard-coded date in the archives.

Context

When a war generated by gradle with the said flags is exploded by Tomcat, the zip timestamps are preserved. When Tomcat sees the timestamp coming from preserveFileTimestamps it does not bother to look at the file contents. It then decides that the file in unchanged and it generates the same etag in responses.

Here's a thread in the Tomcat mailing list referring to the problem.

I've implemented the option in gradle, called it timeForArchiveEntries, built it, and tested it like that:

war {
	reproducibleFileOrder = true
	preserveFileTimestamps = false

	def time = 'git log -1 --format=%cd --date=format-local:%Y-%m-%dT%H:%M:%S.00Z'.execute(['TZ=UTC'], null).text.trim()
	timeForArchiveEntries = Date.from(Instant.parse(time))
}

It correctly sets the timestamps for archive entries. If the suggestion sounds good, I can write some integration tests and documentation and make a PR.

@joankaradimov

This comment has been minimized.

Copy link
Author

@joankaradimov joankaradimov commented Oct 2, 2019

I'm not sure that the @build-cache label is correct. I'd assume it's for gradle's internal caches. And this is about the Tomcat cache handling.

Anyway, my WIP can be seen here.

@wolfs wolfs self-assigned this Nov 18, 2019
@wolfs

This comment has been minimized.

Copy link
Member

@wolfs wolfs commented Nov 18, 2019

@joankaradimov Currently, we don't want to support setting an archive entry timestamp which is used for reproducible archives. The main reason for this is that it is hard to obtain a timestamp which is the same across different timezones, operating systems and servers. It also somewhat defeats the idea behind reproducible archives since you also would need to find out the timestamp which was set for the archive entries so you actually can reproduce it.

It seems like Tomcat doesn't seem to work well with reproducible archives. Why can't you use non-reproducible archives? What are you trying to achieve by using reproducible WARs in the first place?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.