techaro.lol / yeet
Yeet those builds out!
fork atom

test: ensure builds are reproducible (#24)

* test: ensure builds are reproducible

Signed-off-by: Xe Iaso <me@xeiaso.net>

* test: hardcode git version for extra determinism

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>

authored by Xe Iaso and committed by GitHub d3e5a176 436b9bdf

options
unified split
Changed files
+72 -5
.github
workflows
reproducible-builds.yaml
yeetfile.js
+71
.github/workflows/reproducible-builds.yaml
··· 1 + name: Reproducible builds 2 + 3 + on: 4 + push: 5 + branches: ["main"] 6 + pull_request: 7 + branches: ["main"] 8 + 9 + permissions: 10 + contents: read 11 + 12 + jobs: 13 + reproducible: 14 + runs-on: ubuntu-latest 15 + steps: 16 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 17 + with: 18 + persist-credentials: false 19 + fetch-tags: true 20 + 21 + - name: Setup Go environment 22 + uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 23 + with: 24 + go-version: "stable" 25 + 26 + - name: Setup Golang caches 27 + uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 28 + with: 29 + path: | 30 + ~/.cache/go-build 31 + ~/go/pkg/mod 32 + key: ${{ runner.os }}-golang-${{ hashFiles('**/go.sum') }} 33 + restore-keys: | 34 + ${{ runner.os }}-golang- 35 + 36 + - name: Setup Python environment 37 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 38 + with: 39 + python-version: "3.12" 40 + 41 + - name: Install diffoscope 42 + run: | 43 + pip install diffoscope==297 44 + 45 + sudo apt-get update 46 + sudo apt-get -y install 7zip abootimg acl apksigcopier apksigner apktool binutils-multiarch black bzip2 caca-utils colord db-util default-jdk default-jdk-headless device-tree-compiler docx2txt e2fsprogs enjarify ffmpeg file fontforge-extras fonttools fp-utils genisoimage gettext ghc ghostscript giflib-tools gnumeric gnupg-utils gpg hdf5-tools html2text imagemagick openjdk-21-jdk jsbeautifier libarchive-tools linux-image-generic llvm lz4 lzip mono-utils ocaml-nox odt2txt oggvideotools openssh-client openssl perl pgpdump poppler-utils procyon-decompiler python3-all python3-argcomplete python3-binwalk python3-debian python3-defusedxml python3-distro python3-guestfs python3-h5py python3-jsondiff python3-pdfminer python3-progressbar python3-pytest python3-pyxattr python3-rpm python3-tlsh r-base-core rpm2cpio sng sqlite3 squashfs-tools tcpdump u-boot-tools unzip wabt xmlbeans xxd xz-utils zip zstd 47 + 48 + - name: Build yeet packages twice 49 + run: | 50 + mkdir -p ./var/pass1 ./var/pass2 ./var/output 51 + go run ./cmd/yeet --force-git-version 1.0.0 --package-dest-dir ./var/pass1 52 + go run ./cmd/yeet --force-git-version 1.0.0 --package-dest-dir ./var/pass2 53 + 54 + for file in ./var/pass1/*; do 55 + diffoscope --text "${file/pass1/output}.txt" $file "${file/pass1/pass2}"; 56 + done 57 + 58 + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 59 + with: 60 + name: pass1 61 + path: var/pass1/* 62 + 63 + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 64 + with: 65 + name: pass2 66 + path: var/pass2/* 67 + 68 + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 69 + with: 70 + name: output 71 + path: var/output/*
+1 -5
yeetfile.js
··· 27 27 }), 28 28 ); 29 29 30 - pkgs.map((pkg) => { 31 - gitea.uploadPackage("Techaro", "yeet", "unstable", pkg); 32 - }); 33 - 34 30 tarball.build({ 35 31 name: "yeet-src-vendor", 36 32 license: "MIT", ··· 48 44 }, 49 45 50 46 mkFilename: ({ name, version }) => `${name}-${version}`, 51 - }); 47 + });