c9b6a6c01e
- repro builds to use fixed uid=1000 inside the container
- in case the file permissions leak into the binaries, they are still reproducible
- chown 1000:1000 fresh_clone
- repro builds to create fresh_clone dir outside git clone
- otherwise the local dev build would still interact with the fresh_clone dir
- due to e.g. recursive "find -exec touch",
- and even the "docker build" cmd itself would try to stat/read it
- see https://github.com/docker/for-linux/issues/380
- and "rm -rf fresh_clone" needs sudo if the host uid is not 1000
- this way the local dev build does not need sudo
to recap:
- local dev builds use the host userid inside the container, directly operate on the project dir
- does not need sudo
- repro builds create a fresh git clone, chown it to 1000, and use userid=1000 inside the container
- if the host userid is 1000, does not need sudo
- otherwise, needs sudo
closes https://github.com/spesmilo/electrum/issues/8261
Source tarballs
✓ This file should be reproducible, meaning you should be able to generate distributables that match the official releases.
This assumes an Ubuntu (x86_64) host, but it should not be too hard to adapt to another similar system.
We distribute two tarballs, a "normal" one (the default, recommended for users), and a strictly source-only one (for Linux distro packagers). The normal tarball, in addition to including everything from the source-only one, also includes:
- compiled (
.mo) locale files (in addition to source.polocale files) - compiled (
_pb2.py) protobuf files (in addition to source.protofiles) - the
packages/folder containing source-only pure-python runtime dependencies
Build steps
-
Install Docker
See
contrib/docker_notes.md. -
Build tarball
(set envvar
OMIT_UNCLEAN_FILES=1to build the "source-only" tarball)$ ./build.shIf you want reproducibility, try instead e.g.:
$ ELECBUILD_COMMIT=HEAD ELECBUILD_NOCACHE=1 ./build.sh $ ELECBUILD_COMMIT=HEAD ELECBUILD_NOCACHE=1 OMIT_UNCLEAN_FILES=1 ./build.sh -
The generated distributables are in
./dist.