On Sun, Mar 18, 2018 at 11:52:01AM +1000, Allan McRae wrote: > On 18/03/18 07:23, Robin Broda wrote: > > For reproducible builds, Foxboron and I are working on scripts to > > reproduce a given package file. Generating archive links to download > > the same exact packages that were present on the build machine is > > a crucial part of this. > > > > The package names have architecture information appended to them, eg. > > archlinux-keyring-20180302-1-any instead of archlinux-keyring-20180302-1 > > so to be able to reliably regenerate the package filename, architecture > > information is required. > > Isn't this being handled elsewhere already - e.g. On the Debian provided > reproducible service? How is that being managed without the > architecture information? > > A
Their service doesn't care as it tracks SVN directly when building packages. However, when we provide repro tools for our users we need to recreate with `.BUILDINFO`. So we have to pull down packages from the archive. Jelle suggested we just bruteforce it for the time being. But that sucks a little bit. Tool in question: https://github.com/Foxboron/devtools-repro -- Morten Linderud PGP: 9C02FF419FECBE16
signature.asc
Description: PGP signature
