-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
R4R: Infrastructure for reproducible builds #4262
Conversation
Codecov Report
@@ Coverage Diff @@
## master #4262 +/- ##
======================================
Coverage 59.1% 59.1%
======================================
Files 217 217
Lines 14595 14595
======================================
Hits 8627 8627
Misses 5330 5330
Partials 638 638 |
Instructions follow: Make sure ruby is installed in your system and lives in /usr/bin/ruby: [ `which ruby` = '/usr/bin/ruby' ] && echo yes || echo no Clone gitian: git clone https://github.com/devrandom/gitian-builder Prepare a docker image for the build: cd gitian-build bin/make-base-vm --docker bin/make-base-vm --docker --arch amd64 export USE_DOCKER=1 Download go: mkdir inputs gopkg=go1.12.4.linux-amd64.tar.gz ; \ curl -L https://dl.google.com/go/$gopkg > inputs/$gopkg Build: bin/gbuild $SDK-PATH/cmd/gaia/contrib/gitian-linux.yml \ --commit cosmos-sdk=v0.34.3
…ck of reproducible builds
Update version package accordingly.
2022bb9
to
9f28890
Compare
Bnaries are now built with CGO enabled. I've successfully tested ledger support on Linux amd64. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I run ./cmd/gaia/contrib/gitian-build.sh
on macosx, I get a ./cmd/gaia/contrib/gitian-build.sh: line 196: 1: unbound variable
. Update: OK, I see this needs a param passed in, e.g. ./cmd/gaia/contrib/gitian-build.sh linux pwd
.
Now:
Start the build
bin/gbuild:252:in ``': No such file or directory - sha256sum (Errno::ENOENT)
from bin/gbuild:252:in `<main>'
OK, looks like coreutils installation failed. NVM.
The instructions should probably contain a sentence on how to verify that the build I've created matches the official build / I successfully reproduced it. |
@liamsi dixit:
I will certainly do! And I will include instructions on how to retrieve and import builder keys into your GPG keyring, etc. |
Update: coreutils wasn't in PATH ... NVM I ran
|
Build reports: https://github.com/Liamsi/gaia.sigs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Builds the darwin for me!!
This change set introduces support for building gaia with gitian
on the following GOOS/GOARCH pairs:
cmd/gaia/contrib/gitian-descriptors/ contains gitian descriptor files.
cmd/gaia/contrib/gitian-keys/ contains:
personal GPG keyring.
The gosum utility is removed, so is the go.sum hashsum bit from gaiacli/gaiad
version string. It was meant to be a provisional mitigation to the lack of a
reproducible build process.
GOBIN is removed from all Makefiles. When GOBIN is set, go refuses to cross-compiles
binaries for foreign architectures. export GOBIN=$GOPATH/bin is unnecessary anyway
as by default go install places built binaries in $GOPATH/bin. Developers are required
to update their enviornment files and replace $GOBIN with $GOPATH/bin in PATH.
circleci configuration file is amended accordingly.
Instructions at https://github.com/cosmos/cosmos-sdk/wiki/Reproducible-builds
Closes: #4027
Closes: #4280
For Admin Use: