Build: Add reproducible build job. #633
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
RomanHodulak
force-pushed
the
repro-builds
branch
from
0fcacb5 to
e362559
Compare
sept-en
reviewed
Nov 4, 2022
joshuajbouw
suggested changes
Nov 4, 2022
There was a problem hiding this comment.
As what @sept-en said, we need instructions written up in in the README file and also include the binary hash that the process created in the PR so that we can have multiple people building. It wouldn't be the same as the one we had already done when we figured this out last night, as that was on master.
Also, the Github Actions build workflow must be updated to build with docker. That way, all builds produced by CI and locally should be identical.
RomanHodulak
force-pushed
the
repro-builds
branch
2 times, most recently
from
423232e to
8c9a76d
Compare
|
I have addressed all comments and rebased on the latest |
RomanHodulak
force-pushed
the
repro-builds
branch
from
8c9a76d to
3c02f37
Compare
joshuajbouw
approved these changes
Nov 24, 2022
joshuajbouw
pushed a commit
that referenced
this pull request
Nov 24, 2022
Merged
joshuajbouw
added a commit
that referenced
this pull request
Nov 25, 2022
* Chore(docs): Additional documentation for xcc gas values (#590) * Feat(standalone): Conversion from standalone's TransactionKind to NormalizedEthTransaction (#586) * Add Backstage metadata (#534) * Add Backstage metadata * Fix(aurora-engine-transactions): remove hex feaure from std (#600) * Feat(tests): benchmark transaction Emufid2pv2UpxrZae4NyowF2N2ZHvYEPq16LsQc7Uoc6 (#599) * Connector-tests: Add tests for the case where an account other than aurora-engine is used for ETH deposit (#598) * [Docs] Eth Connector - extended documentation (#601) * feat: add serde JSON to JSON serializable structs in parameters (#605) * Pausable precompiles (#588) * Test(engine): Increase unit test coverage (#614) * Feat: allow xcc calls to perform any possible NEAR call (#610) * Test(engine): Increase unit test coverage (#618) * Refactor: Mark functions that create promises on NEAR as unsafe (#617) * Fix(xcc): Only update the router contract version in storage if the deploy is successful (#616) * Fix(CI): broken submodules checkout + Clippy warnings (#621) * Chore(standalone): Upgrade rocksdb to v0.19. (#615) * fix: remove sscache from CI (#626) * Tiny refactoring by clippy suggestions (#625) * Improvements in log macro (#630) * Fix (engine): update SputnikVM dependency to avoid stack overflow on deeply nested EVM calls (#628) * Fix(xcc): Ensure the xcc router attaches enough gas to the execute function (#622) * Release 2.8.0 notes * Build: Add reproducible build job. (#633) * fix: bn 256 regression (#637) * Update release notes * Update README to exclude version (#623) * Chore: Update to SputnikVM version v0.37.1-aurora. Includes some overflow-related fixes. (#638) * fix: modexp underestimated gas * chore: bump Cargo to 2.8 * chore: remove version from deployments in README.md Co-authored-by: Alexey Lapitsky <lex@realisticgroup.com> Co-authored-by: Joshua J. Bouw <joshua@aurora.dev> Co-authored-by: Kirill <kirill@aurora.dev> Co-authored-by: Evgeny Ukhanov <evgeny@aurora.dev> Co-authored-by: Roman Hodulák <roman.hodulak@aurora.dev> Co-authored-by: Dmitry Strokov <dmitry.strokov@aurora.dev> Co-authored-by: Oleksandr Anyshchenko <aanischenko@gmail.com> Co-authored-by: Oleksandr Anyshchenko <oleksandr.anyshchenko@aurora.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Adds a build job that produces identical binaries across different build environments.
This is useful to verify that the binary wasn't changed, preventing malicious code from being deployed.
Performance / NEAR gas cost considerations
None.
Testing
Ran locally with @joshuajbouw, and resulted in the same hash of the WASM binary.
How should this be reviewed
Nothing to highlight.
Additional information
Checksums
Steps to produce
Expected results