[LEDE-DEV] Reproducible builds & feeds
Holger Levsen
holger at layer-acht.org
Thu Dec 22 10:35:29 PST 2016
Hi,
thanks for your mail Rafał and I'm very sorry for the late reply…
On Sat, Oct 15, 2016 at 05:32:02PM +0200, Rafał Miłecki wrote:
> After Holger & Alexander talk at OpenWrt Summit I started thinking
> about handling feeds in LEDE. Right now we simply point to external
> repositories within feeds.conf(.default):
> src-git packages https://git.lede-project.org/feed/packages.git
> src-git luci https://git.lede-project.org/project/luci.git
> src-git routing https://git.lede-project.org/feed/routing.git
> src-git telephony https://git.lede-project.org/feed/telephony.git
>
> I see few problems with this solution:
>
> 1) No info on used feeds revisions
> Problem: When you get an image you can't say which revisions of feeds
> were used to build it.
agreed.
> Possible solution: Include some extra file with info about each feed
> and used revision
>
> 2) No pointing specific revision
> Problem: We always use the latest revision of each feed. It's easy to
> hit some problem/regression introduced in a feed without an easy way
> of tracking it down. You have to guess which was the latest working
> revision.
agreed.
> Possible solution: Always point specific revision in
> feeds.conf.default, e.g. src-git packages
> https://git.lede-project.org/feed/packages.git^commithash .
> Unfortunately this will require us to update this file over and over.
>
> 3) The way of specifying revisions
> Problem: This is only possible with manually creating a proper
> feeds.conf. I'm wondering if this would make sense to make is somehow
> more script friendly? Alexander, Holger: what do you think about this?
use git tags?
> Possible solution: Implement solution suggested in problem 2 or maybe
> add support for some env variable(s) pointing revision(s)?
>
> I think the problem that really needs solving is the first one. The
> rest we can probably just discuss (hint: waiting for your opinions).
> Right now it's not possible/easy to rebuild image I got downloaded.
> Even if I'm ready to create my own feeds.conf I don't know what
> revisions to put there. Also please note this is only an introduction
> to have binary reproducible builds.
and now I will also say: sorry for the lame reply too, or in other
words: yes, I agree these problems should be solved, however i'm not
much familar with openwrt/lede internals, I basically just know that you
have these package feeds.
btw, I will be at 33c3 and happy to discuss anything related to
reproducible builds there. Either grab me if you see me or send an mail
so we can agree on a meeting time+date.
--
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://lists.infradead.org/pipermail/lede-dev/attachments/20161222/0f8fded1/attachment.sig>
More information about the Lede-dev
mailing list