Snapcraft

snapcraft doesn't create binary-identical reproducible builds

Bug #1582417 reported by Chad Miller on 2016-05-16

This bug affects 7 people

Affects		Status	Importance	Assigned to	Milestone
	Snapcraft	Confirmed	Undecided	Unassigned

Bug Description

It would be nice if plugins were run in a deterministic order and two very different machines with identical snapcraft.yaml files would make a byte-for-byte identical snap package.

Reproducible builds would be a great selling-point.

Chad Miller (cmiller) on 2016-05-16

summary:

- snapcraft doesn't create binary-identicale reproducible builds
+ snapcraft doesn't create binary-identical reproducible builds

Revision history for this message

Kyle Fazzari (kyrofa) wrote on 2016-05-20:

I'm not sure there's a good way to guarantee this. For example, stage-packages don't (at least currently) have a way to specify versions, so they'll always pull down the most recent.

Revision history for this message

Leo Arias (elopio) wrote on 2016-05-21:

I think this could be related to bug #1547158, where we will record the details of the packages used.

Changed in snapcraft:
status:	New → Confirmed

Revision history for this message

Colin Watson (cjwatson) wrote on 2016-11-28:

Even given identical stage inputs, snapcraft currently generates non-identical squashfs files. I think there's probably a timestamp-dependent input in there, but it's not just that because running snapcraft inside faketime doesn't solve the problem. Fixing the mksquashfs step to be reproducible would be a great help; it would probably then be possible to solve the rest of the problem by pinning source versions/commits, perhaps using SOURCE_DATE_EPOCH, etc.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.