Reproducible builds with GitHub Actions
Table of contents
SOURCE_DATE_EPOCH
is a
standardized environment variable
for instructing build tools to produce a reproducible output.
Setting the environment variable for a build makes the timestamps in the
image index, config, and file metadata reflect the specified Unix time.
To set the environment variable in GitHub Actions,
use the built-in env
property on the build step.
Unix epoch timestamps
The following example sets the SOURCE_DATE_EPOCH
variable to 0, Unix epoch.
name: ci
on:
push:
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build
uses: docker/build-push-action@v6
with:
tags: user/app:latest
env:
SOURCE_DATE_EPOCH: 0
name: ci
on:
push:
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build
uses: docker/bake-action@v6
env:
SOURCE_DATE_EPOCH: 0
Git commit timestamps
The following example sets SOURCE_DATE_EPOCH
to the Git commit timestamp.
name: ci
on:
push:
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Get Git commit timestamps
run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
- name: Build
uses: docker/build-push-action@v6
with:
tags: user/app:latest
env:
SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }}
name: ci
on:
push:
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Get Git commit timestamps
run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
- name: Build
uses: docker/bake-action@v6
env:
SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }}
Additional information
For more information about the SOURCE_DATE_EPOCH
support in BuildKit,
see
BuildKit documentation.