On 7/29/25 08:16, Andrew Leonard wrote:
Hi,
I’m looking for help on resolving this bug please
(https://bugs.openjdk.org/browse/JDK-8363942), that we see building
Eclipse Temurin, whereby we build the “exploded image(default)”
target, then externally “sign” the binaries, then “touch” the targets
using “make -t” so they don’t get re-built, then build the “images”…
However, after recent jdk-25 changes in idk-25+26 (I think by
8349665), this process fails.
We’ve found a workaround by manually deleting the file
“create-main-targets-include” before calling make images, but that
doesn’t seem ideal.
I've never used `make -t` so I'm not surprised it doesn't work well with
the OpenJDK build. We use a lot of meta targets and tricks throughout
the build, and I would expect things to behave unexpectedly when using
it. I'm curious why you think you need to run `make -t` after the
signing procedure? As long as none of the signing operations are
resetting the modification times on the signed binaries to an earlier
timestamp than the build produced, and you didn't touch any other files
or source files, then rebuilding shouldn't overwrite any of the already
built or signed binaries. There can of course be bugs, and historically
I'm sure there have been, causing things to be rebuilt unnecessarily, so
with an approach like this I would definitely recommend adding a
verification step after the build that checks all binaries for signatures.
Related to this, have you looked into
https://bugs.openjdk.org/browse/JDK-8350801? It was meant to make
external signing procedures easier to integrate with the build system.
/Erik
Many thanks
Andrew
Unless otherwise stated above:
IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: Building C, IBM Hursley Office, Hursley Park Road,
Winchester, Hampshire SO21 2JN
