[Trisquel-devel] Reproducible build of Trisquel 11? Comparison with Ubuntu 22.04?

Simon Josefsson simon at josefsson.org
Fri Dec 16 08:25:05 UTC 2022


Luis Guzman <ark at switnet.org> writes:

> Hello Simon,
>
> En 15/12/22 08:21, Simon Josefsson escribió:
>> Hi.  I'm moving from Debian to Trisquel to see if it will work for me.
>> Is anyone working on rebuilding the official Trisquel 11 packages, to
>> build confidence that they are built in a reproducible fashion?  If not,
>> I'm going to experiment with doing that, so pointers to any previous
>> efforts or thoughts around it would be welcome.
>
> As for now, only packages which changes are made are rebuild.
> Those are identified by the "+$(RELEASE)trisquel$(HELPER_REVISION)"
> version suffix.
>
> Let's say,
> grub2 | 2.06-2ubuntu7+11.0trisquel6

Hi Luis.  Great -- this suggests that achieving a 100% reproducible
Trisquel (except for the Ubuntu package) may be feasible!  It would be a
nice milestone.

I'll try to write some scripts that builds all trisquel-modified
packages, and see if I end up with the same binaries that you publish.

> From earlier discussions on the development meetings, I can share that
> for trisquel to rebuild the complete repository it's necessary for the 
> project, community and developer team to grow and the respective
> infrastructure scaling, as for now its current size is not the right 
> time to go that path.

Right, I understand.  I wonder what a good workflow for rebuilding all
packages would be.  Perhaps that if the Debian/Ubuntu package are built
reproducible, and a Trisquel rebuild of the original package results in
exactly the same binary package -- you wouldn't really need to rebuild
the package anyway?  Adding the changelog stanza and introducing a new
package version into the ecosystem has some costs.  And the rebuilds
costs CPU cycles too.  Ultimately, you would only have to build the
modified packages, and maybe the ones that don't build reproducible (or
ignore them, saying that fixing that problem should be done through
Ubuntu/Debian).

>> It is not easy to understand what the differences between Ubuntu
>> 22.04
>> and Trisquel 11 are.  Is this summarized somewhere, or would a pure
>> HTMLized diff comparison between each Ubuntu 22.04 package and the
>> corresponding Trisquel 11 package be useful?
>
> Maybe I'm not getting what you refer, I would argue Trisquel is
> walking it's own path, it works on several "tasks" to purge, modify,
> assemble and host itself.
> The result you can see it on the ISOs, repos, and online instances.
> Maybe you can take a look at,
>
> * trisquel/ubuntu-purge
> * trisquel/package-helpers
> * trisquel/trisquel-packages
>
> at the gitlab instance to see the main changes done to the repository.
> Does that work?

Yes, it is a starting point.  If I diff the packages that Trisquel
rebuilds compared to Ubuntu, and put HTMLized versions of those diffs on
a web page, I would feel more in control of what is running on my
machine.  Then the rest of differences are due to newly introduced
packages, but they can be reviewed manually.

>> Together with a
>> reproducible build status page, a diff like that would be useful for me.
>
> You can check current status build at jenkins.trisquel.org

Thanks, I find jenkins a bit opaque to work with, but it is nice to see
this exists!  A package-oriented interface like tracker.debian.org would
be nice, I'm not sure that is possible via jenkins?

>> Also, I miss a way to report bugs except via the forum or mailing
>> lists,
>> would it be possible to create user 'jas' on gitlab.trisquel.org for
>> simon at josefsson.org?
>
> Sure, I can help with that.

Got the invite -- thank you!  I'll report bugs when I encounter them.

/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: not available
URL: <http://listas.trisquel.info/pipermail/trisquel-devel/attachments/20221216/56183c05/attachment.sig>


More information about the Trisquel-devel mailing list