On Wed, Nov 27, 2019 at 9:17 AM Pablo Greco <pablo@xxxxxxxxxxxxxxxx> wrote: > > I'm starting to work on a project to make Fedora fully reproducible and bootstrappable from scratch. > I know it is a long term plan and still working on the steps, but it would be good to know the current status, if there is an internal interest in this, if someone is already working (or planning to). > I believe Dennis was last interested in this recently, though the last time it was seriously worked on was when Dhiru Kholia was doing this in Fedora 23 for the Reproducible Builds project. Since then, RPM has gained a number of features for supporting reproducibility, some of them from our friends at SUSE who have been pushing this hard for openSUSE itself. I've done a small bit of work here and there for this, too. The current state of things is that we could relatively quickly start verifying the reproducibility of Fedora by running a shadow Koji that has the following flags set in the target tag where builds occur: %clamp_mtime_to_source_date_epoch 1 %use_source_date_epoch_as_buildtime 1 %_buildhost koji.fedoraproject.org We already set the following in redhat-rpm-config[0]: %source_date_epoch_from_changelog 1 It would likely be quite safe for us to add "%clamp_mtime_to_source_date_epoch 1" to redhat-rpm-config without seriously inhibiting things. That would just leave a shadow Koji to only need "%use_source_date_epoch_as_buildtime" and "%_buildhost" set. These settings should never be forcibly set in redhat-rpm-config, as they impact third-party packagers and their workflows. Thankfully, Koji supports having macros set on build target tags directly since Koji 1.18[1]. As far as bootstrapping from scratch, I believe Richard W. M. Jones and David Abdurachmanov went through this process for Fedora RISC-V. They may have more to say about how that was done... [0]: https://src.fedoraproject.org/rpms/redhat-rpm-config/c/86aae600e62fadc18760d95d1fddd323cf9e9a86 [1]: https://docs.pagure.org/koji/release_notes_1.18/#system-changes -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
