Closed lassemoldrup closed 8 months ago
There are two things to say here
cdylib
as well, and for those it is recommended to have Cargo.lock committed.!Cargo.lock
to an extra .ignore
file as documented in the README.And additionally, the reason we don't commit the lock files for those example contracts is that they are examples, they are not meant as artifacts themselves.
So the only thing that should be done is to add those .ignore
files so that reproducible builds also work out of the box for our examples.
When creating a reproducible build with the
--verifiable
flag, files that are .gitignored are not added to the docker image. This causes the build to fail in projects whereCargo.lock
is ignored, which is recommended for library crates (https://github.com/rust-lang/cargo/issues/315). An example of this is any smart contract in the concordium-rust-smart-contracts repo.We should decide whether this is acceptable or if we should make an exception for
Cargo.lock
.