golosegor
commented
10 months ago looks like it's jib issue because repro with buildpack is not working
Closed golosegor closed 10 months ago
golosegor
commented
10 months ago looks like it's jib issue because repro with buildpack is not working
wilkinsona
commented
10 months ago Edit: I wrote the following before I saw the comment above.
Thanks for the sample.
It's not clear to me that this is a Spring Boot problem or at least solely a Spring Boot project. I'm not very familiar with jib, but I do know that Spring Boot has no control over the contents of the tar the it produces as Spring Boot does not depend on jib.
If I take jib out of the picture and build Spring Boot's uber jar instead (bootJar), the artifact that's produced has a reproducible hash. As such, the problem appears to be somewhat specific to jib or specific to an interaction between Spring Boot and jib.
To help to narrow down the problem, can you please compare the contents of the two tar files and the files that they contain? It would be useful to know where the differences are in the two tars as it should help to identify the underlying cause of the problem.
golosegor
commented
10 months ago Hello wilkinsona.
You are right, looks like it's jib issue. I've created a report there: https://github.com/GoogleContainerTools/jib/issues/4163 Fatjar is the same. Buildpack is also works as expected (producing the same hash of container even if you build 2 times).
Since spring boot version 3.2 multi-module project build is not reproduceable anymore If you build project 2 times -> you are getting different hash summs of the 'tar'
I've created a demo project to demonstrate: https://github.com/golosegor/spring-boot-3.2-build-reproducible-issue
If you do exactly the same with version "3.1.7" - hash summs are always the same