obfusk / rbtlog

Reproducible Builds Transparency Log for Android APKs
GNU Affero General Public License v3.0

diff on signature copying failure? #65

Open obfusk opened 8 months ago

emanuelb commented 2 months ago

Is this issue about publishing diffoscope output of non-reproducible results like it's done in https://verification.f-droid.org/ (the .html files)?

obfusk commented 2 months ago

Something similar, yes. Diffs that would help others diagnose the cause of the RB failure. There are some unresolved issues:

emanuelb commented 2 months ago
> * Diffs in `diffoscope` HTML output are truncated, making it only partially useful, especially when you don't have the APKs.

It's possible to disable the truncation via an argument such as `--no-default-limits`, or to have specific limits that are bigger than the defaults via arguments:

`--max-diff-block-lines` `--max-page-diff-block-lines` `--max-diff-input-lines` `--max-container-depth` `--max-diff-block-lines-saved` `--max-page-size` `--max-report-size`

> * I stopped using `diffoscope` for APKs myself as it's often faster and more accurate to use my own tooling, but that isn't completely automated like running `diffoscope` would be. It's mostly used for interactive debugging of RB issues.

Can you elaborate on the process? Are the process and the tooling published on GitHub?

> * I also don't currently have anywhere to publish the diffs (or APKs).

Regarding the APKs I don't have suggestions. For the storage of the diff results and the diffoscope execution, maybe it's worth asking holger @h01ger about using CI resources at https://reproducible-builds.org/citests/ (the one that tests Debian, and others), as they run lots of diffoscope operations on huge packages; it's likely they have the resources for it. In addition, it might be possible to use their resources to test the RB process as well via https://github.com/nektos/act (to execute the github actions locally on their servers?)

obfusk commented 2 months ago

Thanks!

Tooling: https://github.com/obfusk/reproducible-apk-tools

Examples: https://gist.github.com/obfusk/f0460dcdb21396ba3d2cc9db56bb40ae#bash-functions

That gist is outdated, I've improved existing tooling and added more since (like my own AXML/ARSC parser, my DEX parser isn't finished yet), but should give you some idea.

I filed an ITP to get reproducible-apk-tools packaged for Debian and planned to make some MRs for diffoscope to be able to use it but I haven't had a chance to work on that yet. So much to do :sweat_smile:

> to execute the github actions locally on their servers

Probably easier to just adapt them to work there. All the actions do is e.g. run update-logs.py and make a PR with the changes.

We're still working on supporting various CI systems and build environments and having pure rebuilders that simply use e.g. this repo and do not add or update recipes but only reproduce my results.