[ipxe-devel] reproducible builds
Christian Nilsson
nikize at gmail.com
Sat May 2 00:46:16 UTC 2020
On Sat, 2 May 2020, 07:36 Neil Roza, <neil at rtr.ai> wrote:
> Hi ipxe-devel,
>
> Please find the attached diff representing a patch I would like to submit
> for your consideration. This is a small change to the
> `src/Makefile.housekeeping` that makes the generation of most artifacts
> (notably not `*.usb` images) deterministic.
>
> The scariest change here is the removal of the `BUILD_ID_CMD` in favor of
> an inlined shell snippet where the `_build_id` symbol is defined. In
> keeping with the comments that specify a unique `_build_id` for each
> `$(BIN)/%.tmp`, I use the first 8 characters of the md5sum of the target,
> in the expected base-prefixed hexadecimal representation. Calculating the
> likelihood of collisions I leave as an exercise to the reviewer. :D
>
> The `BUILD_TIMESTAMP` assignment has been changed to allow environment
> variable overriding, but it defaults to `SOURCE_DATE_EPOCH`. The source
> date epoch can also be overridden; it defaults to the Unix timestamp of the
> current git HEAD commit.
>
> I like reproducible builds, but I recognize that others have different
> concerns. I'm happy to change what needs changing.
>
Hi,
Have you read all previous emails on the topic that is posted to the
mailing list?
Also take a look at the commits that introduced the parts that you now are
changing.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20200502/a1ea57a6/attachment.htm>
More information about the ipxe-devel
mailing list