15:02:01 <h01ger> #startmeeting general monthly reproducible builds meeting
15:02:01 <MeetBot> Meeting started Tue Nov 30 15:02:01 2021 UTC.  The chair is h01ger. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:02:01 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
15:02:21 <h01ger> #topic say hello / confirm the agenda
15:02:50 * h01ger is Holger Levsen and short on words today
15:03:06 * lamby is Chris Lamb and is sipping coffee
15:03:12 <rclobus> rclobus is Roland Clobus, working on live-build images
15:03:24 <h01ger> the agenda is at https://pad.riseup.net/p/rb-irc-meetings-keep as usual
15:03:49 * jelle is Jelle van der Waa and is on a train :o
15:03:56 * vagrantc is Vagrant Cascadian and experiencing pre-dawn while staring at a screen in the dark
15:09:16 * vagrantc notices the entire meeting is a single numbered bullet point followed by unnumbered bullet points :)
15:09:32 * vagrantc waves to david-a-wheeler
15:09:52 <h01ger> hi david-a-wheeler
15:09:56 <david-a-wheeler> Hi all!
15:10:05 <h01ger> the agenda is at https://pad.riseup.net/p/rb-irc-meetings-keep as usual. we havent really started yet
15:11:25 <h01ger> and half the people for the topics arent here today :/
15:13:07 * david-a-wheeler nods in mock astonishment
15:14:51 * h01ger wonders if silence is endorsement or silence
15:15:12 <vagrantc> endorsement of ?
15:16:29 * david-a-wheeler suspects the US folks are just coming off the Thanksgiving holiday.
15:16:40 <david-a-wheeler> You're also coming up on Christmas.
15:17:03 * vagrantc is just working on maintaining awakeness :)
15:17:27 <david-a-wheeler> I have a hard stop in 45 minutes (OpenSSF TAC meeting)
15:19:21 <vagrantc> hello folks, you've got a slot on the agenda: kpcyrd Ariadne fepitre h01ger rclobus obfusk mapreri
15:19:33 <vagrantc> would like to start soon
15:19:59 <rclobus> vagrantc: I'm ready for my topic :-)
15:20:27 <david-a-wheeler> I suggest starting.
15:20:58 <vagrantc> rclobus: excellent!
15:21:04 <h01ger> #topic short time slots for various topics
15:21:15 <h01ger> #topic short time slots: alpine / Ariadne
15:21:18 <lamby> :)
15:22:21 <h01ger> #topic short time slots: alpine / kpcyrd
15:23:40 <h01ger> #topic short time slots: snapshot.d.o mirror / fepitre
15:25:04 <h01ger> #topic short time slots: debian rebuilder / h01ger
15:25:13 <h01ger> i've nothing to say here.
15:25:31 <h01ger> #topic short time slots: debian live-build / rclobus
15:25:43 <rclobus> I've sent an update per e-mail
15:25:49 <h01ger> :)
15:25:56 <rclobus> #info https://lists.debian.org/debian-live/2021/11/msg00012.html
15:26:22 * h01ger is happy about the progress here but unhappy doesnt doesnt have official live builds for bookworm
15:26:23 <rclobus> Since then, dictionaries-common got uploaded, the next run of sid will show much more reproducible results.
15:26:54 <lamby> 2 hours for diffoscope... Hm.. *strokes beard*
15:27:17 <h01ger> https://lists.debian.org/debian-devel/2021/11/msg00376.html is the mail informing no official live builds for bookworm
15:27:18 <rclobus> Yup, 2 hours, because the iso will be extracted, and then the squashfs image will be extracted.
15:28:11 <rclobus> I've once suggested to use userland mounts, I guess that would speed up things a lot (and saves harddisk space)
15:28:27 <vagrantc> like squashfs fuse or something?
15:28:41 <rclobus> vagrantc: That was the term I was looking for
15:29:06 <vagrantc> not sure it's particularly fast
15:29:19 <vagrantc> fuse in general, that is
15:29:42 <vagrantc> maybe running it in a user namespace so you can run as "root" and actually mount stuff directly...
15:29:53 <vagrantc> without fully running as root
15:30:02 <rclobus> After the squashfs image is unpacked, 2x 4-8GB will be compared. That takes some time.
15:30:55 <rclobus> I'm planning to implement a few boot-tests in OpenQA, that would help to reduce some maintenance for any kind of live-image (live-wrapper or live-build based)
15:31:57 <h01ger> i'm sure fil is happy to help with openqa.. :)
15:32:02 <david-a-wheeler> Userland fuse is generally considered slow I think.
15:32:09 <rclobus> Cinnamon is different, it looks like includes some TeX fonts, so that would need additional patching. Then... sid might be reproducible again :-)
15:32:22 <h01ger> diffoscope runtime will be non issue once the image is reproducible :)
15:32:33 <lamby> h01ger: :D
15:32:37 <rclobus> h01ger: I'm already in contact with fil, I've received quite some instructions
15:32:41 <h01ger> rclobus: cool
15:32:58 <rclobus> Once the ISO is identical, diffoscope needs only a short time.
15:32:58 <vagrantc> as always, really glad to see work on this! :)
15:33:23 <h01ger> and to migate the diffoscope runtime until 'then', we could run the unproducible jobs with a lower frequency until they are reproducible?!
15:34:00 <h01ger> next topic?
15:34:11 <rclobus> All sid images, except Cinnamon (currently running daily) will be reproducible after the next archive sync.
15:34:23 <rclobus> Next topic.
15:34:26 <h01ger> cool
15:34:45 <h01ger> #topic short time slots: F-Droid  / obfusk
15:34:53 <david-a-wheeler> rclobus: But are these reproducible images the ones people are actually using?
15:35:03 <david-a-wheeler> (Whups sorry, new topic)
15:35:05 <h01ger> david-a-wheeler: no
15:35:47 <david-a-wheeler> h0lger: Got it. You've heard my schpiel before :-)
15:36:06 <rclobus> david-a-wheeler: No, the official images were created by live-wrapper.
15:37:07 <david-a-wheeler> rclobus: Understand. I look forward to the time when what people *use* is reproducible :-)
15:37:24 <h01ger> we all do :)
15:37:29 <rclobus> :-)
15:37:46 <vagrantc> that is the point of what we're doing, really :)
15:37:48 <h01ger> david-a-wheeler: the current status is: debian will have no live builds anymore. :/
15:38:19 <h01ger> (which really is outside the scope of this meeting)
15:40:12 <david-a-wheeler> (Weird. There's no reason you can't have r-b and live builds)
15:40:53 <h01ger> for sure. rclobus proves this. :)
15:40:55 <rclobus> At least as proof-of-principle, it is shown that an installed version of Debian can be created reproducibly
15:41:11 <h01ger> #topic short time slots: rebuilderd / kpcyrd
15:42:30 <h01ger> hello omicron :)
15:42:57 <jelle> :(
15:43:15 <lamby> :/
15:43:36 * h01ger is quite confident that after some years also germany will agree to wave the patents on covid vacines...
15:43:53 <h01ger> +c
15:44:07 <vagrantc> yeah, much as i miss y'all, i'll probably stick to my bunker for 2022
15:44:15 <h01ger> #topic any other business
15:45:51 <h01ger> somewhat unrelated, but it's about reproducing too: https://twitter.com/jwildeboer/status/1465688892531568641 - robots that can reproduce! i surely hope you had them on your bingo card for 2021 :-D
15:47:12 <h01ger> i'm sorry but i'm in a bit bad mood today ;) (if you have nothing nice to say...)
15:48:32 <jelle> no input from my side, need to figure find time for looking at packages again, meanwhile looking into making osbuild reproducible once it supports arch linux
15:48:45 <jelle> (osbuild builds VM images)
15:49:49 * lamby hugs h01ger
15:50:50 <vagrantc> david-a-wheeler: we kind of skipped over the topic, but beta.tests.reproducible-builds.org shows packages in use in the real world that have been tested for reproducibility and it's getting similar numbers to your theoretical test infrastructure
15:51:06 <vagrantc> er, our theoretical test infrastructure
15:51:19 <vagrantc> for debian at least
15:51:42 <vagrantc> i think archlinux tests are all against the packages actually shipped
15:52:03 <h01ger> lamby: :)
15:52:35 <h01ger> https://reproducible.archlinux.org/ is the same for archlinux
15:52:52 <jelle> yup, that's against repository packages!
15:53:11 <h01ger> https://beta.tests.reproducible-builds.org is also against packages from ftp.debian.org!
15:53:19 <jelle> https://wiki.archlinux.org/title/Rebuilderd we have three rebuilders atm for Arch Linux
15:53:26 <h01ger> thats what i ment with 'the same' :)
15:53:49 <david-a-wheeler> Those are all good news :-)
15:54:07 <jelle> we are still stuck on 85% :(
15:54:38 <jelle> we also have a grafana dashboard https://dashboards.archlinux.org/d/PKkRg-FGz/rebuilderd?orgId=1
15:54:46 <david-a-wheeler> (must go, sorry have to leave early. Take care everyone!)
15:55:15 <h01ger> oh, there's one more little topic: should we skip the december meeting? if cccongress would happen offline i'd definitly would suggest skipping, but even without i'd think that some folks would enjoy less events between the years...
15:55:47 <jelle> isn't CCC already decided to be offline
15:55:58 <david-a-wheeler> jelle: "Stuck" at 85% still means you've countered 85% of the problem. Far better than 0% :-)
15:56:03 <jelle> :)
15:56:22 <vagrantc> h01ger: seems like skipping december makes sense
15:56:33 <jelle> well still seems we have some classes of rebuild issues (thunderbird lang packs)
15:57:07 <vagrantc> might be interesting to compare major remaining issues across distros at some point
15:57:14 <jelle> :)
15:57:22 <jelle> vagrantc: kpcyrd made a thing, sec
15:57:43 <jelle> vagrantc: https://gitlab.archlinux.org/archlinux/reproducible-archlinux-notes
15:57:45 <vagrantc> given that percentages are roughly similar, i presume some of the same issues are blockers
15:58:00 <jelle> should setup something to generate a list of packages in a nice format :)
15:58:56 <vagrantc> i feel like issues with pdf generation and sphinx documentation are some of the biggest classes of issues for debian, but haven't actually analyzed it
15:59:13 <jelle> aha, we have haskell which is a big one
16:00:59 <h01ger> have the python issues been solved (the ones debian doesnt have due to different packaging)
16:01:02 <h01ger> ?
16:01:03 <vagrantc> jelle: i see skopeo marked with "embedded build paths" ... i didn't think archlinux tested build paths?
16:01:42 <jelle> vagrantc: hmmm it doesn't I think
16:02:04 <h01ger> https://gitlab.archlinux.org/archlinux/reproducible-archlinux-notes/-/blob/main/packages.yml is the most interesting blob :)
16:02:15 <jelle> h01ger: iirc pacman now exports a thing which should make it reproducible, so maybe not everything was rebuild yet (a python rebuild is on the way!)
16:02:25 <h01ger> jelle: nice!
16:02:48 * vagrantc swears vagrantc is not pulling in any unpinned dependencies
16:03:10 <jelle> vagrantc: maybe it's go build paths
16:03:15 <jelle> iirc skopeo is go
16:03:31 <jelle> │ │ │ -F5NO6b7sJo4BPZIaS4hq/d4a63usxMHc0H-O-DjwX/Fy-Lifuwet40Ofq1YFB0/fFU_sxn268mUTPXJaEHb
16:03:33 <jelle> │ │ │ +FY6OsxaRpmKkIGDx9bE3/exAbaztLQiRkM6eOHZnW/Fy-Lifuwet40Ofq1YFB0/ZV_b8R1RbXfMYasex066
16:03:39 <jelle> fun fun :D
16:03:52 <vagrantc> jelle: xca is reproducible for debian, wonder if we've got a patch you could borrow :)
16:04:40 * h01ger thinks we can close this meeting now :)
16:04:41 <vagrantc> shall we wrap up the meeting?
16:04:43 <vagrantc> hah
16:04:55 <vagrantc> we can, of course, keep fixing things outside the meeting :)
16:05:10 <h01ger> thank you for attending and for the great work in the first place!
16:05:18 <lamby> \o/
16:05:24 <rclobus> See you!
16:05:35 <h01ger> #endmeeting