Fix Wasm module reproducibility #1819
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ipetr0v
force-pushed
the
fix_repro
branch
3 times, most recently
from
eea3c86
to
6f86775
Compare
|
@ipetr0v if the issue is only on GCB (and not on GH actions) , should we just delete the GCB pipeline? I think keeping only one makes sense long term anyways |
|
It looks like GH actions also hang and don't succeed |
ipetr0v
force-pushed
the
fix_repro
branch
2 times, most recently
from
6cd89e8
to
dbb08be
Compare
|
So, github CI can reproducibly build Wasm modules now. So in order to have a reproducible CI - we need to drop GCB and only use github CI. |
|
But IIUC it's only possible to remove GCB simultaneously for all PRs. |
|
Is the problem with GCB that it still runs the containers as root? |
|
Yes |
Yes I can change the repo settings to make the GH actions check mandatory, but it will be a global change. I think that's fine though, as long as we are fine with GH actions as our primary CI. Is there anything left that is not currently checked on GH actions? I think the git diff stuff may not be there. Is GH actions stable enough, or is it more flaky than GCB, in your experience? |
To be honest GH actions do seem more flaky than GCB. |
it's true, do you have an idea why? |
|
Not sure |
Merged
|
Created a PR that updates github CI to match GCB: #1888 |
tiziano88
approved these changes
Feb 18, 2021
tiziano88
approved these changes
Feb 18, 2021
tiziano88
approved these changes
Feb 18, 2021
ipetr0v
added a commit
that referenced
this pull request
Feb 23, 2021
This change updates github CI actions to match Google Cloud Build. Required for #1819 in order to disable GCB CI and completely move to github CI.
Update hashes Use fake user ID in Docker Update Aggregator hash TEST_CI: chwon oak files TEST_CI: add ci_init TEST_CI: change order TEST_CI: check user TEST_CI: check user TEST_CI: check user TEST_CI: check user TEST_CI: check user TEST_CI: check user TEST_CI: check user TEST_CI: chown oak TEST_CI: chown oak TEST_CI: chown oak TEST_CI: chown oak TEST_CI: fix order TEST_CI: fix order TEST_CI: fix order TEST_CI: fix order TEST_CI: fix order TEST_CI: fix order TEST_CI: fix order Init github CI Test github CI Test github CI Test github CI Test github CI Remove test code Remove test code Remove test code Update signature Update Dockerfile Test CI Test CI Update hashes
|
Reproducibility Index: Reproducibility Index diff: diff --git a/reproducibility_index b/reproducibility_index
index b13d2ad..c1a9862 100644
--- a/reproducibility_index
+++ b/reproducibility_index
@@ -1,15 +1,15 @@
-b8b378416e4ed10f558b8e41c4577e3b010b0a1eb6fa32ea3a6c4430cd35201d ./examples/abitest/bin/abitest_0_frontend.wasm
-691019ccb0f22af4a07560a773d005f6346dd4a4c7116690e06f3654e904029c ./examples/abitest/bin/abitest_1_backend.wasm
-69b651f1edccec1436793d90677467471919897481e619e7e87b3bae0701c0f4 ./examples/abitest/bin/abitest_linear_handles.wasm
-401b1d9f238b82b12043e80eb214e0b0fe782447cd6ee251601a7f5bb3374221 ./examples/aggregator/bin/aggregator.wasm
-e06e9dc64d8ac7480bd1f97c28ce623197f6a680e4b9c5844ca2b673f4f45431 ./examples/chat/bin/chat.wasm
-7b4bf21eb8e976cc542b9a15a3051f0c005f3282442bd7dadd21bee7e5e1a981 ./examples/hello_world/bin/hello_world.wasm
-6cdade7f66bf2ea5c9b74a14deadae474f631fe6aaa3dade858b7e4695f6cde9 ./examples/hello_world/bin/translator.wasm
-2cfca9c514d384c6edcfcd8adde55f610a9c6f2b6a9f1a8ea7964834ef43d12f ./examples/http_server/bin/http_server.wasm
-18d0c9ff1ffa8982bbb9018c9c9bd87d7c4166d0e71ff17c0d482a886b0df3a1 ./examples/injection/bin/injection.wasm
-8fcbacd377bc8219789c7966532caf2b41fe19ce9bffcf1bf1d0cee828212f9e ./examples/private_set_intersection/bin/private_set_intersection.wasm
-6d8cb28d84840997591bd8d72e466273788b70443dafbf85d2302db2e5c2ff54 ./examples/private_set_intersection/bin/private_set_intersection_handler.wasm
-d51756e055b5c09a6923dbc7935beca3efa9973011351c7de9ef32d9d80608fb ./examples/proxy_attestation/bin/proxy_attestation_example.wasm
-6cdade7f66bf2ea5c9b74a14deadae474f631fe6aaa3dade858b7e4695f6cde9 ./examples/translator/bin/translator.wasm
-19b9524d8920c6d6805d7a6adb84d1c3936e58b25d0599e5d7a2ad921bd6981f ./examples/trusted_database/bin/trusted_database.wasm
-b96b5912d8c7f2efd4493908361bc20f130724d53c061f40864c695f5d98a0a2 ./oak_loader/bin/oak_loader
+d6bf09c6b84df6a51210aebfda47bac9e704593e61e3a62abcf483c8af4f3b3f ./examples/abitest/bin/abitest_0_frontend.wasm
+589e9a738e5d5ec9630ddb731f1cfba326a7be00a2cd1f3ee48849745028e8d0 ./examples/abitest/bin/abitest_1_backend.wasm
+053b3b5b53317fee05170e02bbca03ca4d0bc97f9c8dc966aea4f892e071b5e4 ./examples/abitest/bin/abitest_linear_handles.wasm
+87dd6f0375b1fcea0e5b8b13adda6cbe6ca9a9eef4ab8557b65f90ac593d9cb7 ./examples/aggregator/bin/aggregator.wasm
+d2330f52bbd3a930d2bc5bb0282df04824993d2fea4a8cf0fc90173f5fcd7525 ./examples/chat/bin/chat.wasm
+5007802f7892d5100c1953296eb1d3a0272a9c6972329bf2ea3fcd44b5e1687d ./examples/hello_world/bin/hello_world.wasm
+601272baacbf8a4fd025f7b9c5bb40c7b56ba945fe16c37c2388258715489bfa ./examples/hello_world/bin/translator.wasm
+fd37c27cbda6702469249ecfde45ffc15421c973fab06195f335e6c5971c9edd ./examples/http_server/bin/http_server.wasm
+effdf048815faa00b15d3b9775926d341716a5db68ebc009454660222680e184 ./examples/injection/bin/injection.wasm
+3b954f4946e0294fa6925305cc7f14818d6b931efdf6e68cb0a2297e694e464d ./examples/private_set_intersection/bin/private_set_intersection.wasm
+873229d9cfcfafb3cfe183174915ed7c5cb6175b6ff14b190caaf00839e965b4 ./examples/private_set_intersection/bin/private_set_intersection_handler.wasm
+016cb29eb2e128d17dbcd50509f2e6e67e87a7837a9934c79c90cbb766ccff13 ./examples/proxy_attestation/bin/proxy_attestation_example.wasm
+601272baacbf8a4fd025f7b9c5bb40c7b56ba945fe16c37c2388258715489bfa ./examples/translator/bin/translator.wasm
+dbf52868f38b55eeb5d1e812ebbe7c672a43f54dc0870103e5dc07233839e262 ./examples/trusted_database/bin/trusted_database.wasm
+7f3d64d1f6896989bcffd33b9189188579eb4f80105eb6d8bb5f2ac5ca770fbd ./oak_loader/bin/oak_loader
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change:
Fixes #865