dotnet / sdk-container-builds

Libraries and build tooling to create container images from .NET projects using MSBuild
https://learn.microsoft.com/en-us/dotnet/core/docker/publish-as-container
MIT License

Reproducible Builds (SOURCE_DATE_EPOCH) #585

Open cmeyertons opened 1 month ago

cmeyertons commented 1 month ago

Docker BuildKit supports reproducible builds by setting the env var SOURCE_DATE_EPOCH=0

It appears the OCI default labels do not respect this value.

This is a nice tool for teams to leverage in order to perform digest pinning, etc., in their deployment pipelines (a new commit doesn't necessitate a re-deployment of infrastructure if the SHA didn't change, etc.).

rainersigwald commented 1 month ago

This may not be all that's required for https://github.com/dotnet/sdk-container-builds/issues/34 but it's great precedent and would probably go a long way.

baronfel commented 1 month ago

I wonder if this flag would be interesting to the whole SDK too, independent of any integration into the containers-building portion of the tooling.

rainersigwald commented 1 month ago

I'd say "no" other than maybe setting $(Deterministic) if it's set. The biggest thing in the containers work is the tarball timestamps IIRC; Roslyn should do a pretty good job keeping things bit-for-bit identical otherwise.

baronfel commented 1 month ago

Details on the impacts of this value in the Docker tooling (from the linked docs) are:

The build arg value is used for:

- the created timestamp in the OCI Image Config
- the created timestamp in the history objects in the OCI Image Config
- the org.opencontainers.image.created annotation in the OCI Image Index
- the timestamp of the files exported with the local exporter
- the timestamp of the files exported with the tar exporter
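Added example, not part of this issue thread and not code from dotnet/sdk-container-builds or from BuildKit: a small Python checker for the two things the thread touches, the timestamp fields in the OCI image config that the quoted BuildKit docs say SOURCE_DATE_EPOCH should control (plus the org.opencontainers.image.created label the SDK's default labels produce), and the layer tarball mtimes rainersigwald's comment points at. The image config, the file contents and the layer tar are constructed inline for the example; treating the config label as a field that must also equal SOURCE_DATE_EPOCH is this example's assumption, since the quoted docs only list the index annotation.

```python
"""Check that an OCI image config and a layer tar honour SOURCE_DATE_EPOCH.

Added example for the discussion above; not the SDK's or BuildKit's own code.
The sample config and files below are constructed for the example.
"""
import hashlib
import io
import json
import os
import tarfile
from datetime import datetime, timezone

# Label the .NET SDK sets by default; checking it here is this example's assumption.
CREATED_LABEL = "org.opencontainers.image.created"


def epoch_to_rfc3339(epoch: int) -> str:
    # OCI image-spec `created` values are RFC 3339; BuildKit writes them in UTC with "Z".
    return datetime.fromtimestamp(epoch, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def config_violations(config: dict, source_date_epoch: int) -> list:
    """List every timestamp-bearing field that does not equal SOURCE_DATE_EPOCH."""
    expected = epoch_to_rfc3339(source_date_epoch)
    problems = []
    if config.get("created") != expected:
        problems.append("created=%r" % config.get("created"))
    for i, entry in enumerate(config.get("history", [])):
        if entry.get("created") != expected:
            problems.append("history[%d].created=%r" % (i, entry.get("created")))
    labels = config.get("config", {}).get("Labels") or {}
    if labels.get(CREATED_LABEL) != expected:
        problems.append("%s=%r" % (CREATED_LABEL, labels.get(CREATED_LABEL)))
    return problems


def normalize_config(config: dict, source_date_epoch: int) -> dict:
    """Return a copy with the same fields pinned to SOURCE_DATE_EPOCH (what tooling should emit)."""
    fixed = json.loads(json.dumps(config))  # deep copy, leave the input untouched
    ts = epoch_to_rfc3339(source_date_epoch)
    fixed["created"] = ts
    for entry in fixed.get("history", []):
        entry["created"] = ts
    fixed.setdefault("config", {}).setdefault("Labels", {})[CREATED_LABEL] = ts
    return fixed


def config_digest(config: dict) -> str:
    # Digest over a canonical serialization, so two builds can be compared by content.
    blob = json.dumps(config, sort_keys=True, separators=(",", ":")).encode()
    return "sha256:" + hashlib.sha256(blob).hexdigest()


def layer_tar_digest(files: dict, mtime: int) -> str:
    """Pack files into an uncompressed layer tar with every entry's mtime pinned.

    Sorted entry order and fixed uid/gid/owner names remove the other common
    sources of nondeterminism; only `mtime` is left to the caller.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
        for name in sorted(files):
            data = files[name]
            info = tarfile.TarInfo(name)
            info.size = len(data)
            info.mtime = mtime
            info.uid = info.gid = 0
            info.uname = info.gname = ""
            tar.addfile(info, io.BytesIO(data))
    return "sha256:" + hashlib.sha256(buf.getvalue()).hexdigest()


# Constructed sample: what a build that ignored SOURCE_DATE_EPOCH might produce.
SAMPLE_CONFIG = {
    "created": "2024-05-01T12:34:56Z",
    "architecture": "amd64",
    "os": "linux",
    "config": {"Labels": {CREATED_LABEL: "2024-05-01T12:34:56Z"}},
    "history": [{"created": "2024-05-01T12:34:56Z", "created_by": "dotnet publish"}],
    "rootfs": {"type": "layers", "diff_ids": ["sha256:" + "0" * 64]},
}
# Same commit built an hour later: only the timestamps differ.
LATER_BUILD_CONFIG = normalize_config(SAMPLE_CONFIG, 1714570496)
SAMPLE_FILES = {"app/App.dll": b"MZ...constructed...", "app/App.deps.json": b"{}"}


if __name__ == "__main__":
    sde = int(os.environ.get("SOURCE_DATE_EPOCH", "0"))
    print("violations:", config_violations(SAMPLE_CONFIG, sde))
    a = config_digest(normalize_config(SAMPLE_CONFIG, sde))
    b = config_digest(normalize_config(LATER_BUILD_CONFIG, sde))
    print("config digests equal after pinning:", a == b)
    print("layer digest (mtime=SOURCE_DATE_EPOCH):", layer_tar_digest(SAMPLE_FILES, sde))
    print("layer digest (mtime=build time):      ", layer_tar_digest(SAMPLE_FILES, 1714570496))
```

Run it against a real image by feeding `config_violations` the JSON from `docker image inspect` (the `created`, `history` and `config.Labels` keys have the same shape); any non-empty result means the image digest will move with every build even though nothing in the rootfs changed, which defeats the digest pinning the original comment describes.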

cmeyertons commented 1 month ago

Also, worth noting that SOURCE_DATE_EPOCH is not Docker-specific and is standards-based.