[Reproducible-builds] Patches for sbuild reproducible builds
Vagrant Cascadian
vagrant at debian.org
Mon Feb 16 20:01:18 UTC 2015
On 2015-02-16, Holger Levsen wrote:
> On Samstag, 14. Februar 2015, Vagrant Cascadian wrote:
>> One patch sets the build dir to a static location based on the package
>> version, rather than a tempdir with a random string.
>>
>> The other patch ignores .buildinfo files in the .changes when displaying
>> package contents. Without it, the build status gets set to "attempted"
>> and is treated as a failed build:
>
> cool! I think it would be good if you could file a wishlist bug against sbuild
> ("please add support for reproducible building of packages with sbuild") and
> attach the patches there, so they do get lost.
Ok, I'll submit bugs about it so that they do *not* get lost. :)
> the current setup on jenkins.d.n just uses pbuilder twice. Maybe we should use
> sbuild once and pbuilder once? Could you help us with patches for that too? I
> at least have no clue about sbuild whatsoever ;-) We'd need to use our custom
> repo anyway, so using an sbuild rebuild plus your two patches is rather
> trivial...
The patch that configures the build dir would have to be rewritten for
that to work; sbuild seems to hard-code /build/ in a number of places ,
rather than the proposed /usr/src/debian/PACKAGE-VERSION; I'm not sure
what directory pbuilder is configured to use.
Also, pbuilder and sbuild would need to ensure the same exact package
set from build dependencies; there are various different dependency
resolvers which might result in differences that could cause
unreproducibility...
Could also add a third (and/or fourth) build with sbuild, to catch
issues where a package is rebuildable with pbuilder or sbuilder, but
doesn't produce consistant results when built once with pbuilder and
once with sbuild...
> git clone ssh://git.debian.org/git/qa/jenkins.debian.net.git and then check
> bin/reproducible_build.sh line 193 and 207 to see how pbuilder is used.
>
> Using sbuild once instead should be trivial, no? ;-)
With the above two issues (and perhaps other undiscovered issues) fixed,
it should be as simple as replacing:
pbuild --build ... --distribution sid ${SRCPACKAGE}_*.dsc
with:
sbuild --chroot sid ${SRCPACKAGE}_*.dsc
With appropriately configured sbuild/schroot chroots.
live well,
vagrant
p.s. not (yet) subscribed to list, so if you need me to respond, please
CC me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20150216/f2fd655b/attachment.sig>
More information about the Reproducible-builds
mailing list