breaking CI if build is not reproducible?
Marek Marczykowski-Górecki
marmarek at invisiblethingslab.com
Sun Jun 18 14:08:12 UTC 2023
On Wed, Jun 07, 2023 at 03:50:41PM +0200, Martin Monperrus wrote:
> Hi all,
>
> We're researching on build reproducibility.
>
> Are you aware of any project where reproducibility is checked in a continuous integration pipeline?
>
> (For instance, by building twice in CI and comparing the output)
>
> If yes, thanks to share here or via private email.
Qubes OS fails CI on non-reproducible packages too. We do that by using
reprotest and comparing against initial build in another CI job.
Currently we test that on Fedora and Debian (bookworm and bullseye), but
due to upstream issues, Fedora jobs are allowed to fail.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20230618/7f51c226/attachment.sig>
More information about the rb-general
mailing list