[arch-devops] Reproducible Build nodes

[Jelle van der Waa]

Hi all,

We promised two PIA boxes to be used for reproducible build rebuilding
nodes. [1] The boxes are already defined in ansible's hosts and don't have to
be converted to Debian if we can get them working with Arch. [2] [3]

The boxes should be added to their Jenkins server via ssh. We should
setup a user with sudo rights and ssh key access to set the box up as
slave.

My plan if no one objects is:

1) Update the boxes and hope they come back up (~ 200 updates).
2) Add DNS entries for the two boxes {repro1,2}.pkgbuild.com.
3) add holger to this box with sudo rights (an ansible role probably).
[4]
4) Add them to monitoring I suppose.

Some background about reproducible builds and the usage of the boxes.
The boxes will detect package updates, rebuild these packages twice and
check if they are reproducible.
These rebuilds have already found failing to build from source packages,
404 urls and other issues which improves are packages!

[1] https://tests.reproducible-builds.org/archlinux/archlinux.html
[2] https://git.archlinux.org/infrastructure.git/tree/hosts
[3] https://salsa.debian.org/qa/jenkins.debian.net/blob/master/bin/reproducible_build_archlinux_pkg.sh
[4] https://salsa.debian.org/qa/jenkins.debian.net/blob/master/authorized_keys/holger@matrix.pub

-- 
Jelle van der Waa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-devops/attachments/20181122/2018a8cf/attachment.asc>