Make zip generation (more) reproducible

The 'touch' command uses the system default timezone if none is
supplied. This makes zip files dependent on the timezone of the
generating machine.

Zip by default stores extended attributes (eg. ctime, atime) on Unix
systems. These can be further sources of non-determinism, so switch it
off with --no-extra

Change-Id: I7e102be7368ef339cbaf47524b90688c32a09238

polygerrit-ui/app/BUILD

@@ -65,6 +65,8 @@ genrule2(
         ("tar -hcf- $(locations :pg_code) |" +
          " tar --strip-components=2 -C $$TMP/ -xf-"),
         "cd $$TMP",
+        "TZ=UTC",
+        "export TZ",
         "find . -exec touch -t 198001010000 '{}' ';'",
         "zip -rq $$ROOT/$@ *",
     ]),

tools/bzl/javadoc.bzl

@@ -28,6 +28,8 @@ def _impl(ctx):
   source = ctx.outputs.zip.path + ".source"
   external_docs = ["http://docs.oracle.com/javase/8/docs/api"] + ctx.attr.external_docs
   cmd = [
+      "TZ=UTC",
+      "export TZ",
       "rm -rf %s" % source,
       "mkdir %s" % source,
       " && ".join(["unzip -qud %s %s" % (source, j.path) for j in source_jars]),
@@ -50,7 +52,7 @@ def _impl(ctx):
         ":".join(transitive_jar_paths),
         "-d %s" % dir]),
     "find %s -exec touch -t 198001010000 '{}' ';'" % dir,
-    "(cd %s && zip -qr ../%s *)" % (dir, ctx.outputs.zip.basename),
+    "(cd %s && zip -Xqr ../%s *)" % (dir, ctx.outputs.zip.basename),
   ]
   ctx.actions.run_shell(
       inputs = list(transitive_jar_set) + list(source_jars) + ctx.files._jdk,

tools/bzl/js.bzl

@@ -75,13 +75,15 @@ def _bower_archive(ctx):
 
   _bash(ctx, " && " .join([
     "TMP=$(mktemp -d || mktemp -d -t bazel-tmp)",
+    "TZ=UTC",
+    "export UTC",
     "cd $TMP",
     "mkdir bower_components",
     "cd bower_components",
     "unzip %s" % ctx.path(download_name),
     "cd ..",
     "find . -exec touch -t 198001010000 '{}' ';'",
-    "zip -r %s bower_components" % renamed_name,
+    "zip -Xr %s bower_components" % renamed_name,
     "cd ..",
     "rm -rf ${TMP}",
   ]))
@@ -153,11 +155,13 @@ def _js_component(ctx):
     name = name[:-4]
   dest = "%s/%s" % (dir, name)
   cmd = " && ".join([
+    "TZ=UTC",
+    "export TZ",
     "mkdir -p %s" % dest,
     "cp %s %s/" % (' '.join([s.path for s in ctx.files.srcs]), dest),
     "cd %s" % dir,
     "find . -exec touch -t 198001010000 '{}' ';'",
-    "zip -qr ../%s *" %  ctx.outputs.zip.basename
+    "zip -Xqr ../%s *" %  ctx.outputs.zip.basename
   ])
 
   ctx.actions.run_shell(
@@ -232,13 +236,15 @@ def _bower_component_bundle_impl(ctx):
     outputs=[out_zip],
     command=" && ".join([
       "p=$PWD",
+      "TZ=UTC",
+      "export TZ",
       "rm -rf %s.dir" % out_zip.path,
       "mkdir -p %s.dir/bower_components" % out_zip.path,
       "cd %s.dir/bower_components" % out_zip.path,
       "for z in %s; do unzip -q $p/$z ; done" % " ".join(sorted([z.path for z in zips])),
       "cd ..",
       "find . -exec touch -t 198001010000 '{}' ';'",
-      "zip -qr $p/%s bower_components/*" % out_zip.path,
+      "zip -Xqr $p/%s bower_components/*" % out_zip.path,
     ]),
     mnemonic="BowerCombine")
 

tools/bzl/pkg_war.bzl

@@ -55,9 +55,11 @@ def _add_file(in_file, output):
 def _make_war(input_dir, output):
   return '(%s)' % ' && '.join([
     'root=$(pwd)',
+    'TZ=UTC',
+    'export TZ',
     'cd %s' % input_dir,
     "find . -exec touch -t 198001010000 '{}' ';' 2> /dev/null",
-    'zip -9qr ${root}/%s .' % (output.path),
+    'zip -X -9qr ${root}/%s .' % (output.path),
   ])
 
 def _war_impl(ctx):