CMakelists: remove build user/hostname #1122

Closed: wants to merge 2 commits into base: master
Contributor

lynxis commented Dec 9, 2017

The build user and hostname break reproducible builds.
Reproducible builds is an effort to create bit-by-bit identical
binaries independent of certain parts, including the build system.

Contributor

lynxis commented Dec 9, 2017

For further information take a look at the reproducible builds webpage https://reproducible-builds.org/

Member

lws-team commented Dec 9, 2017

I understand the problem, but instead of 'remove' how about being able to control it from a cmake option?

CMakeLists: build reproducible by default
Using the build user and build hostname as part of the git hash breaks
reproducible builds. Make this part optional, but build reproducible by
default.
Contributor

lynxis commented Dec 10, 2017

I've replaced the commit. Why do you include the build username/hostname? Isn't the git hash already unique?

Member

lws-team commented Dec 10, 2017

Thanks, it's pushed on master.

> Why do you include the build username/hostname?

There is reproducibility, and there is traceability. For example if you buy some food in the store, for a tin of Pringles or whatever it should always taste the same, and the tin will always look the same; they can reproduce it. But on the tin will be printed the exact date and time of manufacture and information such as which factory and even production line did it... if there is a problem they can trace back where it came from. It's traceability.

For a distro where you build everything at once you might have other ways like CI to find out where and when it was built, and it's a priority to guarantee there were no changes from source inserted in there. For other cases like embedded where the rootfs and updates are composed from separate builders, traceability is also valuable.

@lws-team lws-team closed this Dec 10, 2017
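
The trade-off discussed in this thread, as an added example that is not part of the original conversation or the project's code: a build string that embeds user and hostname changes the artifact digest per builder, while a hash-only string does not, and builder identity can be recorded beside the artifact instead. The `user@host-githash` format, the function names, the sidecar record and all sample values are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration with constructed values; not code from the project.

# Portable SHA-256 of stdin (sha256sum on Linux, shasum elsewhere).
sha256() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum; else shasum -a 256; fi |
        cut -d' ' -f1
}

# compose_build_id REPRODUCIBLE GIT_HASH USER HOST
# 1 -> git hash only; anything else -> user@host-githash (assumed format).
compose_build_id() {
    if [ "$1" = "1" ]; then
        printf '%s' "$2"
    else
        printf '%s@%s-%s' "$3" "$4" "$2"
    fi
}

# build_digest REPRODUCIBLE GIT_HASH USER HOST
# Stand-in for compiling: fixed "object code" plus the embedded build id.
build_digest() {
    { printf 'constructed-object-code\n'; compose_build_id "$@"; } | sha256
}

# same_across_builders REPRODUCIBLE GIT_HASH
# Succeeds when two different builders produce the same artifact digest.
same_across_builders() {
    first=$(build_digest "$1" "$2" alice ci-runner-1)
    second=$(build_digest "$1" "$2" bob laptop-7)
    [ "$first" = "$second" ]
}

# provenance_line REPRODUCIBLE GIT_HASH USER HOST
# Traceability recorded beside the artifact rather than inside it.
provenance_line() {
    printf '%s built-by=%s@%s\n' "$(build_digest "$@")" "$3" "$4"
}

GIT_HASH=0123abc  # constructed placeholder, not a real commit

same_across_builders 1 "$GIT_HASH" && echo "hash only: digests match"
same_across_builders 0 "$GIT_HASH" || echo "user@host embedded: digests differ"
provenance_line 1 "$GIT_HASH" alice ci-runner-1
```
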

Contributor

lynxis commented Dec 10, 2017

Thanks!
