From 1b5f590d2eb0da9d22048a8de4aec94957dd976f Mon Sep 17 00:00:00 2001 From: Holger Levsen Date: Sat, 17 Oct 2015 00:15:09 +0200 Subject: reproducible arch: briefly explain what this is about --- TODO | 10 +++++----- bin/reproducible_common.sh | 11 ++++++++++- bin/reproducible_html_archlinux.sh | 2 +- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/TODO b/TODO index 64a93094..032a5de5 100644 --- a/TODO +++ b/TODO @@ -293,16 +293,16 @@ properties: ==== reproducible Arch Linux * create a job, to bootstrap an arch schroot: done. needs to be made idempotent. +** BOOTSTRAP_TAR_GZ=2015.08.01/archlinux-bootstrap-2015.08.01-x86_64.tar.gz needs to be replaced with a future proof filename +** download bootstrap.tar.gz sig and verify * use regular maintenace job to update the arch schroot: 'schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- pacman -Syu --noconfirm' -* created another job (WIP), to build a single package +* arch build.sh: ** introduce variations: USER, TZ, LANG, LC_ALL, umask +** 'makepkg --skippgpcheck' should be replaced by 'makepkg' and 'echo "keyserver-options auto-key-retrieve" >> ~/.gnupg/gpg.conf' +*** this should make this obselete: 'schroot --directory /tmp -c source:jenkins-reproducible-arch -- grep ^validpgpkeys= $PKG/PKGBUILD|cut -d "'" -f2|xargs schroot --directory /tmp -c source:jenkins-reproducible-arch -- gpg --recv-keys' * create a working scheduler job ** idea: reschedule reverse build depends too * more random notes: -** BOOTSTRAP_TAR_GZ=2015.08.01/archlinux-bootstrap-2015.08.01-x86_64.tar.gz needs to be replaced with a future proof filename -** download bootstrap.tar.gz sig and verify -** 'makepkg --skippgpcheck' should be replaced by 'makepkg' and 'echo "keyserver-options auto-key-retrieve" >> ~/.gnupg/gpg.conf' -*** this should make this obselete: 'schroot --directory /tmp -c source:jenkins-reproducible-arch -- grep ^validpgpkeys= $PKG/PKGBUILD|cut -d "'" -f2|xargs schroot --directory /tmp -c source:jenkins-reproducible-arch -- gpg --recv-keys' ** patch pacman to create .buildinfo files - or better: wait ** rename arch scripts and jobs to archlinux diff --git a/bin/reproducible_common.sh b/bin/reproducible_common.sh index 567e88a5..baa9bba5 100755 --- a/bin/reproducible_common.sh +++ b/bin/reproducible_common.sh @@ -283,8 +283,15 @@ write_page_intro() { local PROJECTURL="https://github.com/freebsd/freebsd.git" local BUILD_ENVIRONMENT=", which via ssh triggers a build on a FreeBSD 10.1 system" local BRANCH="release/10.2.0" + elif [ "$1" = "Archlinux" ] ; then + write_page " Reproducible $1 is an effort to apply this to $1. Thus $1 packages are build twice, with a few varitations added and then the resulting packages from the two builds are then compared using diffoscope. Please note that the toolchain is not varied at all as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.

" + local PROJECTNAME="Archlinux" + fi + if [ "$1" != "Archlinux" ] ; then + write_page "

There is a weekly run jenkins job to test the $BRANCH branch of $PROJECTNAME.git. Currently this job is triggered more often though, because this is still under development and brand new. The jenkins job is running reproducible_$PROJECTNAME.sh$BUILD_ENVIRONMENT and this script is solely responsible for creating this page. Feel invited to join #debian-reproducible (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated - if you want to help, please start by looking at the ToDo list for $1, you might find something easy to contribute.

" + else + write_page "

This is brand new and the test setup needs to be explained here.

" fi - write_page "

There is a weekly run jenkins job to test the $BRANCH branch of $PROJECTNAME.git. Currently this job is triggered more often though, because this is still under development and brand new. The jenkins job is running reproducible_$PROJECTNAME.sh$BUILD_ENVIRONMENT and this script is solely responsible for creating this page. Feel invited to join #debian-reproducible (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated - if you want to help, please start by looking at the ToDo list for $1, you might find something easy to contribute.

" } write_page_footer() { @@ -295,6 +302,8 @@ write_page_footer() { write_page "NetBSD® is a registered trademark of The NetBSD Foundation, Inc." elif [ "$1" = "FreeBSD" ] ; then write_page "FreeBSD is a registered trademark of The FreeBSD Foundation. The FreeBSD logo and The Power to Serve are trademarks of The FreeBSD Foundation." + elif [ "$1" = "Archlinux" ] ; then + write_page "The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis." fi write_page "

" } diff --git a/bin/reproducible_html_archlinux.sh b/bin/reproducible_html_archlinux.sh index b1a99152..345547c6 100755 --- a/bin/reproducible_html_archlinux.sh +++ b/bin/reproducible_html_archlinux.sh @@ -25,8 +25,8 @@ cat > $PAGE <<- EOF Repoducible Archlinux ? -

This is work in progress and brand new…

EOF +write_page_intro Archlinux write_page "" for PKG in $(find $ARCHBASE/* -maxdepth 1 -type d -exec basename {} \;) ; do write_page " " -- cgit v1.2.3-70-g09d2
source packagetest date1st build log2nd build logdiffoscope output for binary packages