search

frzb / coinboot

A framework for diskless computing
https://coinboot.io
GNU General Public License v3.0
167 stars 17 forks source link

Reproducible rootfs creation #62

Open frzb opened 2 years ago

frzb commented 2 years ago

While I was thinking about the rework of the release scheme I recognized that build process has to be reproducible to not end up with a moving target. Main target of this effort is the rootfs build with debirf based on debootstrap.

The people at Debian already addressed this topic:

https://wiki.debian.org/ReproducibleInstalls

So we should find out which software we should use for creating a reproducible rootfs build.

frzb commented 2 years ago

Experiment with mmdebstrap

$ export SOURCE_DATE_EPOCH=1649535745 && sudo mmdebstrap --variant=minbase --aptopt='Dir::Etc::Trusted "/usr/share/keyrings/ubuntu-master-keyring.gpg"' focal ./focal-chroot && sudo du -sh ./foc
al-chroot
I: automatically chosen mode: root
I: chroot architecture amd64 is equal to the host's architecture
I: automatically chosen format: directory
I: running apt-get update...
done
I: downloading packages with apt...
done
I: extracting archives...
done
I: installing essential packages...
done
I: downloading apt...
done
I: installing apt...
done
I: installing remaining packages inside the chroot...
done
done
I: cleaning package lists and apt cache...
done
done
I: success in 24.1608 seconds
89M     ./focal-chroot