* Hacking ideas from the Reproducible Builds Summit
@ 2020-01-07 15:40 Ludovic Courtès
2020-01-07 17:43 ` zimoun
0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2020-01-07 15:40 UTC (permalink / raw)
To: Guix-devel
[-- Attachment #1: Type: text/plain, Size: 228 bytes --]
Hello Guix!
I had taken note of some of the good ideas that were discussed at the
R-B Summit last month. It’s very rough but I figured it can be useful
to share and might lead people to hack or to further brainstorm!
[-- Attachment #2: the notes --]
[-- Type: text/x-org, Size: 1249 bytes --]
#+TITLE: Reproducible Build Summit V (2019)
* reproducible builds
** TODO implement the “k out of n” policy in ‘guix substitute’
- could read /etc/guix/policy.scm
** TODO add name tags to keys in /etc/guix/acl
** TODO make it easy to run CI
- “guix ci -C channel.scm -m manifest.scm”
** TODO allow for “guix publish” publishing narinfos without any ‘URL’ field
- to sign and publish hashes, without wasting bandwidth on nars
** TODO support IPFS in ‘guix publish’ and ‘guix substitute’
- https://issues.guix.gnu.org/issue/33899
** TODO narinfo signatures only on the required fields
- see %mandatory-fields in (guix scripts substitute)
** TODO keep narinfo signatures in the store database
- check what Nix does
** TODO have ‘guix challenge’ automatically do “guix build --check” if needed (?)
* bootstrapping
** TODO use fixed-output derivations for “tar xf” like “guile-bootstrap” (?)
This would avoid complex dependencies on tar, xz, etc. in (gnu packages
bootstrap) & co.
** DONE create an <operating-system> where PID 1 spawns a build of the package graph
- State "DONE" from "TODO" [2019-12-07 Sat 13:09]
[-- Attachment #3: Type: text/plain, Size: 12 bytes --]
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Hacking ideas from the Reproducible Builds Summit
2020-01-07 15:40 Hacking ideas from the Reproducible Builds Summit Ludovic Courtès
@ 2020-01-07 17:43 ` zimoun
2020-01-08 10:42 ` Efraim Flashner
2020-01-08 22:04 ` Ludovic Courtès
0 siblings, 2 replies; 5+ messages in thread
From: zimoun @ 2020-01-07 17:43 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: Guix-devel
Hi Ludo,
Thank you for sharing! Cool!
> ** TODO make it easy to run CI
> - “guix ci -C channel.scm -m manifest.scm”
Do you a pointer (thread in guix-devel or bug) about this point "guix ci"?
> ** TODO have ‘guix challenge’ automatically do “guix build --check” if needed (?)
I like the current default. :-)
Well, usually I do not know what I have locally build or not when I
use "guix challenge". And time to time I use "guix challenge <pkg>" to
know if this very <pkg> is locally built or not. Awkward but does the
job. :-)
BTW, it could be cool to expose some options of "guix build" to "guix
challenge", e.g., "--no-substitutes", "--max-jobs", "--cores",
"--with-source", etc.
Cheers,
simon
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Hacking ideas from the Reproducible Builds Summit
2020-01-07 17:43 ` zimoun
@ 2020-01-08 10:42 ` Efraim Flashner
2020-01-10 17:04 ` Ludovic Courtès
2020-01-08 22:04 ` Ludovic Courtès
1 sibling, 1 reply; 5+ messages in thread
From: Efraim Flashner @ 2020-01-08 10:42 UTC (permalink / raw)
To: zimoun; +Cc: Guix-devel
[-- Attachment #1: Type: text/plain, Size: 1216 bytes --]
On Tue, Jan 07, 2020 at 06:43:54PM +0100, zimoun wrote:
> Hi Ludo,
>
> Thank you for sharing! Cool!
>
>
> > ** TODO make it easy to run CI
> > - “guix ci -C channel.scm -m manifest.scm”
>
> Do you a pointer (thread in guix-devel or bug) about this point "guix ci"?
>
>
> > ** TODO have ‘guix challenge’ automatically do “guix build --check” if needed (?)
>
> I like the current default. :-)
> Well, usually I do not know what I have locally build or not when I
> use "guix challenge". And time to time I use "guix challenge <pkg>" to
> know if this very <pkg> is locally built or not. Awkward but does the
> job. :-)
>
> BTW, it could be cool to expose some options of "guix build" to "guix
> challenge", e.g., "--no-substitutes", "--max-jobs", "--cores",
> "--with-source", etc.
>
I wish 'guix challenge' by default challenged all the servers in the
substitute-url list without needing to specify it with a flag and not
just the default one (berlin)
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Hacking ideas from the Reproducible Builds Summit
2020-01-08 10:42 ` Efraim Flashner
@ 2020-01-10 17:04 ` Ludovic Courtès
0 siblings, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2020-01-10 17:04 UTC (permalink / raw)
To: Efraim Flashner; +Cc: Guix-devel
Hello,
Efraim Flashner <efraim@flashner.co.il> skribis:
> I wish 'guix challenge' by default challenged all the servers in the
> substitute-url list without needing to specify it with a flag and not
> just the default one (berlin)
All the servers in which list? The default list currently used by
guix-daemon? (Bad news: that list is not available to clients.)
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Hacking ideas from the Reproducible Builds Summit
2020-01-07 17:43 ` zimoun
2020-01-08 10:42 ` Efraim Flashner
@ 2020-01-08 22:04 ` Ludovic Courtès
1 sibling, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2020-01-08 22:04 UTC (permalink / raw)
To: zimoun; +Cc: Guix-devel
Hi!
zimoun <zimon.toutoune@gmail.com> skribis:
>> ** TODO make it easy to run CI
>> - “guix ci -C channel.scm -m manifest.scm”
>
> Do you a pointer (thread in guix-devel or bug) about this point "guix ci"?
It was just discussed there. We were saying that reproducibility and
‘guix challenge’ & co. are useful only if people actually run CI
services, and can thus compare their results with one another. We have
‘guix publish’, which is rather easy to run, but Cuirass is quite
complex to set up.
If, instead, you could run a simple command like the one above, it’d be
much easier for each one of us to build stuff and publish results.
>> ** TODO have ‘guix challenge’ automatically do “guix build --check” if needed (?)
>
> I like the current default. :-)
Actually I like it too :-), but it makes sense to think about how we can
better integrate all the tools and options that test reproducibility.
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-01-10 17:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-01-07 15:40 Hacking ideas from the Reproducible Builds Summit Ludovic Courtès
2020-01-07 17:43 ` zimoun
2020-01-08 10:42 ` Efraim Flashner
2020-01-10 17:04 ` Ludovic Courtès
2020-01-08 22:04 ` Ludovic Courtès
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.