You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by vy...@apache.org on 2022/12/12 21:50:47 UTC

[logging-log4j-tools] 02/02: Fail build for not reproducible builds

This is an automated email from the ASF dual-hosted git repository.

vy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j-tools.git

commit 0c96311b931b857e832a5028af7303c7015d5b4a
Author: Volkan Yazıcı <vo...@yazi.ci>
AuthorDate: Mon Dec 12 21:17:41 2022 +0100

    Fail build for not reproducible builds
---
 .github/workflows/build.yml | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index df8e796..430663b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -45,23 +45,37 @@ jobs:
           architecture: x64
           cache: maven
 
-      # `install` is required to verify reproducible builds: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility
-      - name: Build using Maven
+      # We could have used `verify`, but `clean install` is required while generating the build reproducibility report, which is performed in the next step.
+      # For details, see: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility
+      - name: Build
         shell: bash
         run: |
           ./mvnw \
             --show-version --batch-mode --errors --no-transfer-progress \
-            -DskipTests=true \
-            install
+            -DtrimStackTrace=false \
+            -DinstallAtEnd=true \
+            clean install
 
-      # `artifact:compare` is required to verify reproducible builds: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility
-      - name: Verify using Maven
+      # `clean verify artifact:compare` is required to generate the build reproducibility report.
+      # For details, see: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility
+      - name: Report build reproducibility
         shell: bash
         run: |
           ./mvnw \
             --show-version --batch-mode --errors --no-transfer-progress \
-            -DtrimStackTrace=false \
-            verify artifact:compare
+            -DskipTests=true \
+            clean verify artifact:compare
+
+      - name: Verify build reproducibility
+        shell: bash
+        run: |
+          for report_file in target/*.buildcompare **/target/*.buildcompare; do
+            if ! grep -q "^ko=0$" "$report_file"; then
+              echo "Spotted build reproducibility failure in \`$report_file\`:"
+              cat "$report_file"
+              exit 1
+            fi
+          done
 
   merge: