[ipxe-devel] reproducible builds
Neil Roza
neil at rtr.ai
Sat May 2 00:58:05 UTC 2020
Hi Christian,
Not yet, but I'm certainly interested. How do I search for these previous
emails of which you speak?
On Fri, May 1, 2020 at 8:46 PM Christian Nilsson <nikize at gmail.com> wrote:
>
>
> On Sat, 2 May 2020, 07:36 Neil Roza, <neil at rtr.ai> wrote:
>
>> Hi ipxe-devel,
>>
>> Please find the attached diff representing a patch I would like to submit
>> for your consideration. This is a small change to the
>> `src/Makefile.housekeeping` that makes the generation of most artifacts
>> (notably not `*.usb` images) deterministic.
>>
>> The scariest change here is the removal of the `BUILD_ID_CMD` in favor of
>> an inlined shell snippet where the `_build_id` symbol is defined. In
>> keeping with the comments that specify a unique `_build_id` for each
>> `$(BIN)/%.tmp`, I use the first 8 characters of the md5sum of the target,
>> in the expected base-prefixed hexadecimal representation. Calculating the
>> likelihood of collisions I leave as an exercise to the reviewer. :D
>>
>> The `BUILD_TIMESTAMP` assignment has been changed to allow environment
>> variable overriding, but it defaults to `SOURCE_DATE_EPOCH`. The source
>> date epoch can also be overridden; it defaults to the Unix timestamp of the
>> current git HEAD commit.
>>
>> I like reproducible builds, but I recognize that others have different
>> concerns. I'm happy to change what needs changing.
>>
>
> Hi,
> Have you read all previous emails on the topic that is posted to the
> mailing list?
> Also take a look at the commits that introduced the parts that you now are
> changing.
>
>
>>
--
Neil Roza
Principal Systems Engineer at Realtime Robotics
P: 617.294.9853 E: neil at rtr.ai
rtr.ai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20200501/e3691dcc/attachment.htm>
More information about the ipxe-devel
mailing list