From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6449958519840964608
X-Received: by 10.36.179.70 with SMTP id z6mr4464521iti.36.1511981597463;
        Wed, 29 Nov 2017 10:53:17 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 10.107.140.1 with SMTP id o1ls2095692iod.0.gmail; Wed, 29 Nov
 2017 10:53:17 -0800 (PST)
X-Google-Smtp-Source: AGs4zMYOORxBvT/ZFBPjyUG4WPy129XEZl8wYEJgf4O2jVURCy81HWOs0OuQnYDKVSBeP76GUEKU
X-Received: by 10.36.36.197 with SMTP id f188mr4336997ita.37.1511981597024;
        Wed, 29 Nov 2017 10:53:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1511981596; cv=none;
        d=google.com; s=arc-20160816;
        b=wQq5aDSKQ9qQW0xkZBx8DDJNNK4+kGGI2SuOXQttb077ez/S5RrYBJlpqnJVMh6tfr
         VAiy0MMm3EVgWbQLz30bgswcfsnxd9vbIXJdKQd11drSZauqVVu2HtEgacWMhzhdTXGq
         V7QUUvgSFSBaJgTycFMzEx5ixTz2nyhoV7sG1vbn9v8U+OJo9wh6a1GUokXWVpJM1AAi
         0Gyng75nh3QjqvDKsaiUQ4V5XoKX/vs2dOAljpL+i5uGtvoWg3b4VS/ao1p7clmP9jDG
         s7gL8nfqbGkYisKNgJgGZ+ENpYHmgafIH/W5pr5RsNAe4ZnKGMobQ5VUQU4GuqqAm0m7
         fLJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:content-language:in-reply-to:mime-version
         :user-agent:date:message-id:from:references:to:subject
         :arc-authentication-results;
        bh=/Hybi09vVXe96FTAzWHZECe9dsDL0IOjCSMc6zkKFQA=;
        b=Z+wIdNAbYifqn6zxCVUQcqn6ag3/ArraFswql8ZgDfxCbTY/YGfpJxsSLCb6RHpucG
         LQ31Ra4LQpSHXge8K807qXWFisOiDAyEiStQ4qCVylnCwPi8D90tneEHx5KR8GgZMyrB
         Yh7aBhdoC1gBpKwhjOdMcL96PynV5s1uqiwQWW6pj8kpyxSv/k0p083aa3gmlp5m8XDM
         Mts9EWyXI4wn2GeShhkNTdbToNKwPNI63CDkTeUuwhlrrni2Vj0nryhrHtkwDD1b2h4U
         hClaJzWIYscWwA+R3IjeM1KKGeMeW4TWLIwalrZt0MMbIunNvbg400aAVrlrETTGi+xv
         L77Q==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: best guess record for domain of asmirnov@ilbers.de designates 85.214.62.211 as permitted sender) smtp.mailfrom=asmirnov@ilbers.de
Return-Path: <asmirnov@ilbers.de>
Received: from aqmola.ilbers.de (aqmola.ilbers.de. [85.214.62.211])
        by gmr-mx.google.com with ESMTPS id r66si231345itc.0.2017.11.29.10.53.15
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 29 Nov 2017 10:53:16 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of asmirnov@ilbers.de designates 85.214.62.211 as permitted sender) client-ip=85.214.62.211;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: best guess record for domain of asmirnov@ilbers.de designates 85.214.62.211 as permitted sender) smtp.mailfrom=asmirnov@ilbers.de
Received: from [10.0.2.15] ([188.227.110.165])
	(authenticated bits=0)
	by aqmola.ilbers.de (8.14.4/8.14.4/Debian-4+deb7u1) with ESMTP id vATIr9pt002033
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT)
	for <isar-users@googlegroups.com>; Wed, 29 Nov 2017 19:53:11 +0100
Subject: Re: Reproducibility of builds
To: isar-users@googlegroups.com
References: <20171120083322.mz7uiz7nbgesf2qp@MD1KR9XC.ww002.siemens.net>
 <0508e061-441f-396b-98df-ab6226aa04cd@denx.de>
From: Alexander Smirnov <asmirnov@ilbers.de>
Message-ID: <c75334ef-75a7-1f34-df06-4dfe84112a64@ilbers.de>
Date: Wed, 29 Nov 2017 21:53:04 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <0508e061-441f-396b-98df-ab6226aa04cd@denx.de>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-TUID: 2FU+Gpcf5Cwf

Hi everybody,

I've started working on this topic and here I'd like to share my vision. 
At the moment I've implemented simple PoC in my branch 'asmirnov/build_rep'.

What it does:

1. There is new recipe: base-apt. It provides task which:

  - Fetches packages from origin Debian apt to local folder using 
deboostrap.
  - Put these packages via 'reprepro' to local repository called 'base-apt'.

2. Buildchroot uses 'base-apt' to generate rootfs.

3. Isar image uses 'base-apt' and 'isar' repos to generate rootfs.



What are the key benefits of this approach:

1. Download session for upstream packages is performed in a single step.

2. You could use your local 'versioned' apt repository instead of 
downloading origin packages.

3. Having local apt repository managed by 'reprepro' provides us 
possibility to implement version pinning. Reprepro provides lots of 
things like:
  - Get package name.
  - Get package version.
  - Remove specific package from repo.
  - Add single package to repo.

So in general, if we have know which package version we want to have, we 
need to get binary with this version and put it to 'base-apt'.



Which issues I see at the moment:

1. The key issue for me the list of packages for 'base-apt'. So before 
'base-apt' task is executed, we should prepare full list of packages 
that will be used by:
  - buildchroot (BUILDCHROOT_PREINSTALL).
  - packages to build (their build deps).
  - image (IMAGE_PREINSTALL).

So I have an idea how to implement this via special tasks, will push 
patch for RFC, but if you have your own proposals, I'll be happy to 
discuss them!

Alex