From d983cbcdb83499c798d09abdd316dbc9c4c9f16f Mon Sep 17 00:00:00 2001
From: David McKinney <mckinney@subgraph.com>
Date: Tue, 3 Jul 2018 15:17:13 -0400
Subject: [PATCH] Added scripts/repro_gaps.sh for comparing reproducibility
 gaps across two independent builds, updated README with usage instructions

---
 README.md             |  25 ++++++++
 scripts/repro_gaps.sh | 136 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 161 insertions(+)
 create mode 100755 scripts/repro_gaps.sh

diff --git a/README.md b/README.md
index 0dde6e9..47c2c7a 100644
--- a/README.md
+++ b/README.md
@@ -82,4 +82,29 @@ You can then unpack this tarball somewhere and run a script inside of it called
 
 The install.sh script redirects all output from the commands it runs to a file install.log in the current directory.  If the last line of output does not say "Install completed successfully" then something failed.  Look in install.log for information about what went wrong.  The script itself does not print any output when it fails, it will just stop at one of the steps and it appears as if everything worked since there is no error output.
 
+# Reproducible builds
+
+Citadel is configured to reproducibly build artifacts. At this stage, we are 
+not yet at 100% reprodubility. We have included a script to track the gaps
+in reproducibility. 
+
+This requires performing two independent builds of Citadel (preferably on the 
+same host, doing this on different hosts is an exercise left up to the user).
+
+The first build is the test build and the second build is the control build.
+To compare the two, run the `repro_gaps.sh` script in the `scripts` directory
+of this repo. 
+
+By default, it will produce a summary table showing how many packages have been
+built reproducibly across the test and control builds. For example:
+```
+$ ./repro_gaps.sh /home/user/src/citadel /home/user/src/citadel-control
+```
+
+To generate a list of the packages that were not reproducible, the script
+can be run with the `--output` option:
+```
+$ ./repro_gaps.sh /home/user/src/citadel /home/user/src/citadel-control --output gaps.txt
+```
+
 
diff --git a/scripts/repro_gaps.sh b/scripts/repro_gaps.sh
new file mode 100755
index 0000000..becc3bc
--- /dev/null
+++ b/scripts/repro_gaps.sh
@@ -0,0 +1,136 @@
+#!/bin/bash
+
+DATE=`date '+%Y-%m-%d %H:%M:%S'`
+
+# Path to the .debs to deploy within the build dir of the Citadel root
+DEPLOY_PATH="build/tmp-glibc/deploy/deb/"
+
+TEST_PATH=$(realpath $1)
+CONTROL_PATH=$(realpath $2)
+
+usage () {
+    echo ""
+    echo "Usage:"
+    echo "${0} <path_to_test_build> <path_to_control_build> [--output filename]"
+    echo ""
+    echo "Compare the reproducibility gaps between two Citadel builds"
+    echo ""
+    echo "Options:"
+    echo "    --output filename    Output the list of unreproducible packages (optional)"
+    echo ""
+    echo "Example:"
+    echo ""
+    echo "${0} src/citadel src/citadel-control --output gaps.txt"
+    echo ""
+}
+
+# Find all .debs, will ignore Packages.gz and other files
+find_all() {
+    local all_debs=$(find -L ${TEST_PATH}/${DEPLOY_PATH} -name '*.deb' -exec readlink -f {} \;)
+    echo $all_debs
+}
+
+# Main
+
+if [ -z "$TEST_PATH" ]; then 
+    echo "Missing argument for the test build path"
+    usage
+    exit 1
+fi
+
+if [ -z "$CONTROL_PATH" ]; then
+    echo "Missing argument for the control build path"
+    usage
+    exit 1
+fi
+
+if [ ! -d "$TEST_PATH" ]; then
+    echo "Test path argument is not a directory"
+    usage
+    exit 1
+fi
+
+if [ ! -d "$CONTROL_PATH" ]; then
+    echo "Control path argument is not a directory"
+    usage
+    exit 1
+fi
+
+if [ "$TEST_PATH" = "$CONTROL_PATH" ]; then
+    echo "Test path and control path cannot be the same"
+    usage
+    exit 1
+fi
+
+shift 2
+
+OUTPUT=false
+
+while (( $# > 1 )); do case $1 in
+    --output) OUTPUT=$2;;
+    *) break;
+esac; shift 2
+done
+
+echo "Enumerating files..."
+
+ALL_DEBS=$(find_all)
+NUM_FILES=( $ALL_DEBS )
+
+SAME=0
+DIFF=0
+TOTAL=0
+
+echo ""
+echo "Comparing reproducibility gaps for ${#NUM_FILES[@]} .debs - ${DATE}"
+if [ ! "$OUTPUT" = false ]; then
+    echo "Logging unreproducible packages to ${OUTPUT}"
+    echo "Unreproducible packages - ${DATE}" > ${OUTPUT}
+fi
+echo "Test Path: ${TEST_PATH}/${DEPLOY_PATH}"
+echo "Control Path: ${CONTROL_PATH}/${DEPLOY_PATH}"
+echo "Same: ${SAME}"
+echo "Different: ${DIFF}"
+echo "Total: ${TOTAL}"
+tput civis
+
+clean_up () {
+    tput cnorm
+    tput sgr0
+    exit 2
+}
+
+trap clean_up SIGHUP SIGINT SIGTERM
+
+for file1 in $ALL_DEBS; do
+    TOTAL=$((TOTAL + 1))
+    tput sc
+    tput cuu 1
+    echo "Total: ${TOTAL}"
+    tput rc
+    file2=${file1/$TEST_PATH/$CONTROL_PATH}
+    if [ -f ${file2} ]; then
+        cmp ${file1} ${file2} -s
+        if [ $? -eq 0 ]; then
+            SAME=$((SAME + 1))
+            tput sc
+            tput cuu 3
+            echo "Same: $(tput setaf 2) ${SAME} $(tput sgr0)"
+            tput rc
+        else 
+            DIFF=$((DIFF + 1)) 
+            if [ ! "$OUTPUT" = false ]; then
+                echo ${file1} >> ${OUTPUT}
+            fi
+            tput sc
+            tput cuu 2
+            echo "Different: $(tput setaf 1) ${DIFF} $(tput sgr0)"
+            tput rc
+        fi
+    fi
+done
+
+tput cnorm
+tput sgr0
+
+