From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= Subject: Hacking ideas from the Reproducible Builds Summit Date: Tue, 07 Jan 2020 16:40:31 +0100 Message-ID: <87v9pni8b4.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:51109) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ioqyI-0000YU-IA for Guix-devel@gnu.org; Tue, 07 Jan 2020 10:40:43 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]:48649) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ioqyI-00034g-8M for Guix-devel@gnu.org; Tue, 07 Jan 2020 10:40:42 -0500 Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=50080 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1ioqyF-0003c8-Uc for Guix-devel@gnu.org; Tue, 07 Jan 2020 10:40:41 -0500 List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Guix-devel --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello Guix! I had taken note of some of the good ideas that were discussed at the R-B Summit last month. It=E2=80=99s very rough but I figured it can be use= ful to share and might lead people to hack or to further brainstorm! --=-=-= Content-Type: text/x-org; charset=utf-8 Content-Disposition: inline; filename=rb-notes.org Content-Transfer-Encoding: quoted-printable Content-Description: the notes #+TITLE: Reproducible Build Summit V (2019) * reproducible builds ** TODO implement the =E2=80=9Ck out of n=E2=80=9D policy in =E2=80=98guix = substitute=E2=80=99 - could read /etc/guix/policy.scm ** TODO add name tags to keys in /etc/guix/acl ** TODO make it easy to run CI - =E2=80=9Cguix ci -C channel.scm -m manifest.scm=E2=80=9D ** TODO allow for =E2=80=9Cguix publish=E2=80=9D publishing narinfos withou= t any =E2=80=98URL=E2=80=99 field - to sign and publish hashes, without wasting bandwidth on nars ** TODO support IPFS in =E2=80=98guix publish=E2=80=99 and =E2=80=98guix su= bstitute=E2=80=99 - https://issues.guix.gnu.org/issue/33899 ** TODO narinfo signatures only on the required fields - see %mandatory-fields in (guix scripts substitute) ** TODO keep narinfo signatures in the store database - check what Nix does ** TODO have =E2=80=98guix challenge=E2=80=99 automatically do =E2=80=9Cgui= x build --check=E2=80=9D if needed (?) * bootstrapping ** TODO use fixed-output derivations for =E2=80=9Ctar xf=E2=80=9D like =E2= =80=9Cguile-bootstrap=E2=80=9D (?) This would avoid complex dependencies on tar, xz, etc. in (gnu packages bootstrap) & co. ** DONE create an where PID=C2=A01 spawns a build of the= package graph - State "DONE" from "TODO" [2019-12-07 Sat 13:09] --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 DQpMdWRv4oCZLg0K --=-=-=--