Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make builds reproducible #1

Open
celskeggs opened this issue Jul 1, 2017 · 7 comments
Open

Make builds reproducible #1

celskeggs opened this issue Jul 1, 2017 · 7 comments
Labels
category code-quality macro
Milestone
Dev Cluster 8

Comments

@celskeggs
Copy link
Member

This should avoid certain weird edge-case bugs (or at least make them easier to diagnose) and hopefully limit the dependencies on the build environment.
@celskeggs celskeggs added the micro label Jul 1, 2017
@celskeggs celskeggs self-assigned this Jul 2, 2017
@celskeggs
Copy link
Member Author

There are two elements to this:

  • Setting up builds of individual components to produce consistent artifacts.
  • Setting up a chroot/container/VM-like system to have a consistent build system.

@celskeggs
Copy link
Member Author

celskeggs commented Jul 7, 2017
edited
Loading

Latter part is pbuilder. Former part is using debian tools and various hacks.

TODO reminder: verify reproducibility across checkouts (for modification times) and machines; make sure verbosity settings are turned down.

@celskeggs
Copy link
Member Author

Current progress is in the try-debian-builds branch.

@celskeggs
Copy link
Member Author

Full completion of this is going to depend on golang/go#16860, especially for kubernetes, which fares the worst with reproducibility.

@celskeggs celskeggs mentioned this issue Jul 9, 2017
Merged
@celskeggs
Copy link
Member Author

The easy part is completed -- notably, building everything with debian packaging tool in chroots. The hard part is not yet done, but has some work completed towards it.

@celskeggs celskeggs removed their assignment Jul 9, 2017
@celskeggs celskeggs mentioned this issue Jul 9, 2017
Closed
@celskeggs celskeggs added macro and removed micro labels Jul 13, 2017
@celskeggs celskeggs mentioned this issue Jul 13, 2017
Closed
@celskeggs celskeggs modified the milestone: Dev Cluster 8 Oct 10, 2017
@celskeggs
Copy link
Member Author

On further reflection, this is not a security issue. It's nice for security to have reproducibility, but it's not a security issue per se.

@cryslith
Copy link
Member

Full completion of this is going to depend on golang/go#16860, especially for kubernetes, which fares the worst with reproducibility.

That issue is fixed since Apr 24 of this year, by the way 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
category code-quality macro
Projects
None yet
Milestone
Dev Cluster 8
Development

No branches or pull requests
2 participants
@cryslith @celskeggs