1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
|
%global _empty_manifest_terminate_build 0
Name: python-deterministic-zip
Version: 0.1
Release: 1
Summary: A program to create deterministic zip files.
License: Simplified BSD License
URL: https://github.com/bboe/deterministic_zip
Source0: https://mirrors.nju.edu.cn/pypi/web/packages/04/5a/297b8b79061e9ac3b1c23cc238c78c89bca8b07379864d37ef172fa182de/deterministic_zip-0.1.tar.gz
BuildArch: noarch
%description
# deterministic_zip
A tool to generate consistent zip files.
This tool was specifically built to prevent zip file changes from triggering
AWS Lambda function updates when running `terraform apply`. Before this change,
every re-build of the zipfile would result in a different zip even if its
contents had not changed.
## Requirements
This tool currently only runs on python3.7 in order to use deflate compression
level 9.
## Installation
```sh
pip install deterministic_zip
```
## Creating a deterministic_zip
Run the following, and verify that your zip produces the same sha256 hash:
```sh
echo "The first file." > first
echo "The second file." > second
deterministic_zip archive.zip first second
sha256sum archive.zip
```
If you have `\n` line endings the result should be:
3afbd7c9b42bd5539ffd5c40499d3d1825157ed83791dce8d7ff2694189d28d6
If you have `\r\n` line endings (Windows) the result should be:
40e16270d62f15e7a192e88b1b301fa6540c86e7e897036b56be513341d376ed
## How does it work?
Great question! There are three tricks to building a deterministic zip.
1) Files must be added to the zip in the same order. Directory iteration order
may vary across machines, resulting in different zips. `deterministic_zip`
sorts all files before adding them to the zip archive.
2) Files in the zip must have consistent timestamps. If I share a directory to
another machine, the timestamps of individual files may differ, depsite
identical content. To achieve timestamp consistency, `deterministic_zip`
sets the timestamp of all added files to `2019-01-01 00:00:00`. Please note
that this __does not__ affect the timestamp of the source files.
3) Files in the zip must have consistent permissions. File permissions look
like `-rw-r--r--` for a file that is readable by all users, and only
writable by the user who owns the file. Similarly executable files might
have permissions that look like: `-rwxr-xr-x` or
`-rwx------`. `deterministic_zip` sets the permission of all files to either
`-r--r--r--`, or `-r-xr-xr-x`. The latter is only used of the user running
`deterministic_zip` has execute access on the file.
%package -n python3-deterministic-zip
Summary: A program to create deterministic zip files.
Provides: python-deterministic-zip
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pip
%description -n python3-deterministic-zip
# deterministic_zip
A tool to generate consistent zip files.
This tool was specifically built to prevent zip file changes from triggering
AWS Lambda function updates when running `terraform apply`. Before this change,
every re-build of the zipfile would result in a different zip even if its
contents had not changed.
## Requirements
This tool currently only runs on python3.7 in order to use deflate compression
level 9.
## Installation
```sh
pip install deterministic_zip
```
## Creating a deterministic_zip
Run the following, and verify that your zip produces the same sha256 hash:
```sh
echo "The first file." > first
echo "The second file." > second
deterministic_zip archive.zip first second
sha256sum archive.zip
```
If you have `\n` line endings the result should be:
3afbd7c9b42bd5539ffd5c40499d3d1825157ed83791dce8d7ff2694189d28d6
If you have `\r\n` line endings (Windows) the result should be:
40e16270d62f15e7a192e88b1b301fa6540c86e7e897036b56be513341d376ed
## How does it work?
Great question! There are three tricks to building a deterministic zip.
1) Files must be added to the zip in the same order. Directory iteration order
may vary across machines, resulting in different zips. `deterministic_zip`
sorts all files before adding them to the zip archive.
2) Files in the zip must have consistent timestamps. If I share a directory to
another machine, the timestamps of individual files may differ, depsite
identical content. To achieve timestamp consistency, `deterministic_zip`
sets the timestamp of all added files to `2019-01-01 00:00:00`. Please note
that this __does not__ affect the timestamp of the source files.
3) Files in the zip must have consistent permissions. File permissions look
like `-rw-r--r--` for a file that is readable by all users, and only
writable by the user who owns the file. Similarly executable files might
have permissions that look like: `-rwxr-xr-x` or
`-rwx------`. `deterministic_zip` sets the permission of all files to either
`-r--r--r--`, or `-r-xr-xr-x`. The latter is only used of the user running
`deterministic_zip` has execute access on the file.
%package help
Summary: Development documents and examples for deterministic-zip
Provides: python3-deterministic-zip-doc
%description help
# deterministic_zip
A tool to generate consistent zip files.
This tool was specifically built to prevent zip file changes from triggering
AWS Lambda function updates when running `terraform apply`. Before this change,
every re-build of the zipfile would result in a different zip even if its
contents had not changed.
## Requirements
This tool currently only runs on python3.7 in order to use deflate compression
level 9.
## Installation
```sh
pip install deterministic_zip
```
## Creating a deterministic_zip
Run the following, and verify that your zip produces the same sha256 hash:
```sh
echo "The first file." > first
echo "The second file." > second
deterministic_zip archive.zip first second
sha256sum archive.zip
```
If you have `\n` line endings the result should be:
3afbd7c9b42bd5539ffd5c40499d3d1825157ed83791dce8d7ff2694189d28d6
If you have `\r\n` line endings (Windows) the result should be:
40e16270d62f15e7a192e88b1b301fa6540c86e7e897036b56be513341d376ed
## How does it work?
Great question! There are three tricks to building a deterministic zip.
1) Files must be added to the zip in the same order. Directory iteration order
may vary across machines, resulting in different zips. `deterministic_zip`
sorts all files before adding them to the zip archive.
2) Files in the zip must have consistent timestamps. If I share a directory to
another machine, the timestamps of individual files may differ, depsite
identical content. To achieve timestamp consistency, `deterministic_zip`
sets the timestamp of all added files to `2019-01-01 00:00:00`. Please note
that this __does not__ affect the timestamp of the source files.
3) Files in the zip must have consistent permissions. File permissions look
like `-rw-r--r--` for a file that is readable by all users, and only
writable by the user who owns the file. Similarly executable files might
have permissions that look like: `-rwxr-xr-x` or
`-rwx------`. `deterministic_zip` sets the permission of all files to either
`-r--r--r--`, or `-r-xr-xr-x`. The latter is only used of the user running
`deterministic_zip` has execute access on the file.
%prep
%autosetup -n deterministic-zip-0.1
%build
%py3_build
%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .
%files -n python3-deterministic-zip -f filelist.lst
%dir %{python3_sitelib}/*
%files help -f doclist.lst
%{_docdir}/*
%changelog
* Tue May 30 2023 Python_Bot <Python_Bot@openeuler.org> - 0.1-1
- Package Spec generated
|
