From b303a774d8c462747869cdf239280eda151d18f3 Mon Sep 17 00:00:00 2001
From: morguldir <morguldir@protonmail.com>
Date: Tue, 16 Apr 2024 22:06:52 -0400
Subject: [PATCH] Set the time of the HEAD commit as the OCI created field

Apparently it uses `date -Iseconds` to parse, so we can use @ with a timestamp

Also it doesn't parse `created` in buildImage, only buildLayeredImage

Signed-off-by: morguldir <morguldir@protonmail.com>
Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 flake.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/flake.nix b/flake.nix
index 0a4b6e2a..5ef2c00f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -194,10 +194,12 @@
       };
 
       mkOciImage = pkgs: package: allocator: tag:
-        pkgs.dockerTools.buildImage {
+        pkgs.dockerTools.buildLayeredImage {
           name = package.pname;
           tag = "${tag}";
-          copyToRoot = [
+          # Debian makes builds reproducible through using the HEAD commit's date
+          created = "@${toString self.lastModified}";
+          contents = [
             pkgs.dockerTools.caCertificates
           ];
           config = {