-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot reproduce 3.11.1 for Android #103
Comments
Same issue for 3.11.2 |
Thanks for the report. I would love to track down the root cause of this as well. We will discuss the removal of the minification step, but as you said, this will not resolve the original problem. The versions in the |
@AndreasGassmann I tried 3.11.2 with recent changes on server and the npm error has gone, yarn did the trick. But unfortunately the steps (layers) of building Airgap docker image are getting huge, so applying simple changes on previous layer (like a simple cp command) takes a lot of time to be completed by server. So 60 mins of timeout was not enough to reproduce the apk. I increased the timeout to 90 mins but still we get timeout and a build failure from gradle at STEP 31 Here are the logs:
Please let me know if we should increase the build timeout to 120 mins if it helps, Anyway I think some Dockerfile steps could be collapsed. |
I didn't create the docker files and I'm not a docker expert, but we use variations of this setup for all our projects. I just checked, and in our internal gitlab runner, the android build takes less than 8 minutes: https://github.com/airgap-it/airgap-vault/blob/master/.gitlab-ci.yml#L42-L62 I can see in the logs that a few layers were cached, so I'm not sure how long the build would take if nothing was cached. But we have our timeout set to 1 hour, and we never hit that limit. If I remember correctly, when I ran the walletscrutiny script last time in my VM, it took around 20 minutes? Could you increase the limit to 120m or even higher once, so we can see if it EVER finishes? Maybe it just hangs at a specific point and will never finish. Do you have any suggestions what we could change in our build to make it more efficient? |
I will take a look and update you. |
For what it's worth, build now worked with the server. It had run out of RAM and we upgraded to 16GB. |
airgap-it#103 This commit just removes unnecessary docker layers which results in smaller image and faster builds.
Sent a PR with minor changes in Dockerfile to remove unnecessary layers. |
Thanks for looking into this and thanks @mohammadrafigh for the PR. I will look into it ASAP. |
So I did some investigation yesterday and what I found is that it seems that the order of code is random in some cases. The diff was 3000 lines long, but there was only 1 huge chunk that was in a different place (but same code), and then a few individual lines that were different because the variable name of that chunk was different. In my case, it was one specific package that was "in the wrong place". I will continue to investigate why that is. I also disabled the optimisation step, but the file size of main.x.js doubled, so this isn't a feasible solution either. |
Ok since 3.12.0 is reproducible then if more investigation is not needed, you can close this issue. |
Thanks for all the help. |
@AndreasGassmann Something random is happening, in your private test 3.12.0 was reproducible but the play store version seems to be not reproducible again please take a look at these logs:
Do you use a specific API key or secret which is different between your production and development environment? maybe this is the case? |
Did you compare the hash of the APK that I uploaded and the one from the play store? Unless google changed something during the release process, they must be the same. I actually downloaded the APK from the google play store developer panel while it was in review and uploaded that exact version to walletscrutiny to check if it was reproducible. I had to do that because I wasn't the one who signed the APK, so this was the easiest way for me to get the signed APK. |
here is the hash of the APK in public state: The hashes are different which is weird. for more info please check developers panel, you can see both test results for public (without api key) and your private test. |
It would be good to compare the two APKs with diffoscope. I have seen the hash change after upload to Google Play but it was because of different compression or something as the content was identical. |
@AndreasGassmann Is there any updates\progress on this? The walletscrutiny status is still not good. |
This is an old issue, let's continue this here: #127 |
Great, let's track it there! Thank you! |
Sadly the issue with the minified main.js keeps cropping up and I wonder why and how to avoid it.
Objectionable diff is:
In index.html only the main.js file names differ but the two main.*.js files differ in dozens of chunks (after preffifying) and with them being minified, it's hard to just trust them. Would not minifying be an option? Although that wouldn't fix reproducibility issues, it would help understand what's happening and why.
I noticed that dependencies are not well pinned. Not only aren't they pinned to a cryptographic hash of the dependency, they are not even pinned to a version number. From https://github.com/airgap-it/airgap-vault/blob/abbed9486d42fc10279018ec789566b71cf9cce2/package.json:
The text was updated successfully, but these errors were encountered: