[ipxe-devel] reproducible builds

Geert Stappers stappers at stappers.nl
Sat May 2 15:16:07 UTC 2020 

On Sat, May 02, 2020 at 09:34:34AM +0200, Geert Stappers wrote:
> On Fri, May 01, 2020 at 06:36:05PM -0400, Neil Roza wrote:
> > Hi ipxe-devel,
> > 
> > Please find the attached diff representing a patch I would like to submit
> > for your consideration. This is a small change to the
> > `src/Makefile.housekeeping` that makes the generation of most artifacts
> > (notably not `*.usb` images) deterministic.
> > 
      ...
> > 
> > I like reproducible builds, but I recognize that others have different
> > concerns. I'm happy to change what needs changing.
> > 
> 
> I also like reproducible builds.  I'm happy to help find consensus.
> 
> > 
> > Neil Roza
> 
> 
> That I missed something is concern for later ...
> 
> > diff --git a/src/Makefile.housekeeping b/src/Makefile.housekeeping
> > index 1dd14794..93c598d2 100644
> > --- a/src/Makefile.housekeeping
> > +++ b/src/Makefile.housekeeping
> > @@ -1163,14 +1163,22 @@ $(BLIB) : $(BLIB_OBJS) $(BLIB_LIST) $(MAKEDEPS)
> >  	$(Q)$(RANLIB) $@
    ...
> >  $(BIN)/%.tmp : $(BIN)/version.%.o $(BLIB) $(MAKEDEPS) $(LDSCRIPT)
> >  	$(QM)$(ECHO) "  [LD] $@"
> >  	$(Q)$(LD) $(LDFLAGS) -T $(LDSCRIPT) $(TGT_LD_FLAGS) $< $(BLIB) -o $@ \
> > -		--defsym _build_id=`$(BUILD_ID_CMD)` \
> > +		--defsym _build_id="0x$$(echo $@ | md5sum | head -c8)" \
> >  		--defsym _build_timestamp=$(BUILD_TIMESTAMP) \
> >  		-Map $(BIN)/$*.tmp.map
> >  	$(Q)$(OBJDUMP) -ht $@ | $(PERL) $(SORTOBJDUMP) >> $(BIN)/$*.tmp.map
> 
> 
> Oops, hefty changes.  I think I can make the proposed changes less intrusive.

Find attached two patches  (a thrid is work in progress)



Groeten
Geert Stappers


P.S.
Some happy git flow

  git checkout master
  git pull
  git checkout -b myfeaturebranch
  # the actual development
  git add  files_worked_on
  git commit
  # further development
  git add  files_worked_on 
  git commit
  git format-patch master
  # now you have patches that can be shared / distributed / emailed
   
At recieving end

  git checkout master
  git checkout -b reviewbranch
  git am  *.patch
  # actual reviewing
  git checkout master
  git rebase reviewbranch
-- 
Silence is hard to parse
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-src-Makefile.housekeeping-lines-reshuffled.patch
Type: text/x-diff
Size: 1102 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20200502/0608f87f/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Reproducible-builds.patch
Type: text/x-diff
Size: 1222 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20200502/0608f87f/attachment-0001.bin>

More information about the ipxe-devel mailing list