Randomness
Random data will make builds unreproducible and must be avoided.
If random-like input is required, the solution is to use a predetermined value to seed a pseudo-random number generator. This value can be read from some file, a changelog or the version control system.
When Link-Time Optimizations are turned on, GCC users will write random
identifiers to binary objects they create. Using -frandom-seed can be used
for this particular case. As it will hash arbitrary data, passing the file
name should work in most cases.
Some compilation tools will write intermediate temporary files. This might
lead to reproducibility issues if paths get embedded in the final
output. There’s no general solutions for such cases, better fix the code
directly. One way is to use the .file assembler directive like it has
been done in
O’Caml.
Introduction
- Which problems do Reproducible Builds Solve?
- Definitions
- History
- Why reproducible builds?
- Making plans
- Academic publications
Achieve deterministic builds
- Commandments of reproducible builds
- Variations in the build environment
- SOURCE_DATE_EPOCH
- Deterministic build systems
- Volatile inputs can disappear
- Stable order for inputs
- Stripping of unreproducible information
- Value initialization
- Version information
- Timestamps
- Timezones
- Locales
- Archive metadata
- Stable order for outputs
- Randomness
- Build path
- System images
- JVM
Define a build environment
- What's in a build environment?
- Recording the build environment
- Definition strategies
- Proprietary operating systems
