[Qa-jenkins-scm] [Git][qa/jenkins.debian.net][master] reproducible Debian rebuilder 'thing': explain what we are doing (and why we...
Holger Levsen
gitlab at salsa.debian.org
Wed Apr 1 01:09:50 BST 2020
Holger Levsen pushed to branch master at Debian QA / jenkins.debian.net
Commits:
3e84a05c by Holger Levsen at 2020-04-01T02:09:28+02:00
reproducible Debian rebuilder 'thing': explain what we are doing (and why we ignore gpg signatures here)
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
2 changed files:
- TODO
- bin/reproducible_debian_rebuilder_prototype.sh
Changes:
=====================================
TODO
=====================================
@@ -64,14 +64,11 @@ See link:https://jenkins.debian.net/userContent/about.html["about jenkins.debian
=== Debian rebuilder 'thing'
* prototype only dealing with bullseye and amd64 (and arch all packages)
-** first step: download a .buildinfo file and sbuild it
+** first step: download a .buildinfo file and sbuild it - WIP
*** second step: put result in db
*** third step: have some scheduler job and a rebuilder job picking up tasks
*** fourth step: have a smarter scheduler
*** fifth step: export results as json and html
-** the goal is to create json export to integrate in tracker.d.o and/or packages.d.o
-** another goal (implied in the one above) is create Debian's POV on the 'practical' reproducibility status of the packages distributed via ftp.d.o. - so far tests.r-b.o/debian/ only shows the 'theoretical' reproducibility of Debian packages.
-** we'll leave out the problem of 'trust' here quite entirely. that's why it's called a Debian rebuilder 'thing', to explore technical feasibility, ductaping our way ahead, keeping our motto 'to allow anyone to independently verify...' in mind.
* run jenkins job on pb7 (=buildinfos.d.n), which triggers builds on osuosl173 and stores the results on pb7
** keep data in postgresql|sqlite on pb7
*** pb7 also has the builtin-pho db so it seems natural to join them...
=====================================
bin/reproducible_debian_rebuilder_prototype.sh
=====================================
@@ -4,6 +4,19 @@
# Copyright 2020 Holger Levsen <holger at layer-acht.org>
# released under the GPLv2
+###########################################################################################
+### ###
+### the goal is to create json export to integrate in tracker.d.o and/or packages.d.o ###
+### ###
+### another goal (implied in the one above) is create Debian's POV on the 'practical' ###
+### reproducibility status of the packages distributed via ftp.d.o. - so far ###
+### tests.r-b.o/debian/ only shows the 'theoretical' reproducibility of Debian packages.###
+### ###
+### we'll leave out the problem of 'trust' here quite entirely. that's why it's called ###
+### a Debian rebuilder 'thing', to explore technical feasibility, ductaping our way ###
+### ahead, keeping our motto 'to allow anyone to independently verify...' in mind. ###
+###########################################################################################
+
DEBUG=false
. /srv/jenkins/bin/common-functions.sh
common_init "$@"
@@ -21,7 +34,7 @@ FILE='bash_5.0-6_amd64.buildinfo'
URLPATH='https://buildinfos.debian.net/buildinfo-pool/b/bash'
# use gpg here to workaround #955050 in devscripts: debrebuild: please accepted signed .buildinfo files
-curl $URLPATH/$FILE | gpg > $FILE
+curl $URLPATH/$FILE | gpg > $FILE || true # we cannot validate the signature and we don't care
echo
echo this is $URLPATH/$FILE with gpg signature stripped:
cat $FILE
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/3e84a05c3ba8a8c0b419b8f7f2a491b7743a8e4f
--
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/3e84a05c3ba8a8c0b419b8f7f2a491b7743a8e4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/qa-jenkins-scm/attachments/20200401/020448c1/attachment-0001.html>
More information about the Qa-jenkins-scm
mailing list