-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make builds reproducible #1
Comments
There are two elements to this:
|
Latter part is pbuilder. Former part is using debian tools and various hacks. TODO reminder: verify reproducibility across checkouts (for modification times) and machines; make sure verbosity settings are turned down. |
Current progress is in the try-debian-builds branch. |
Full completion of this is going to depend on golang/go#16860, especially for kubernetes, which fares the worst with reproducibility. |
The easy part is completed -- notably, building everything with debian packaging tool in chroots. The hard part is not yet done, but has some work completed towards it. |
On further reflection, this is not a security issue. It's nice for security to have reproducibility, but it's not a security issue per se. |
That issue is fixed since Apr 24 of this year, by the way 🎉 |
This should avoid certain weird edge-case bugs (or at least make them easier to diagnose) and hopefully limit the dependencies on the build environment.
The text was updated successfully, but these errors were encountered: