Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reproducible build fails due to a missing dependency #192

Open
Giszmo opened this issue Dec 1, 2021 · 1 comment
Open

Reproducible build fails due to a missing dependency #192

Giszmo opened this issue Dec 1, 2021 · 1 comment

Comments

@Giszmo
Copy link

Giszmo commented Dec 1, 2021

Following the reproducible build instructions, I run into a missing dependency openjdk-8-jdk-headless=8u302-b08-1~deb9u1:

$ mkdir ~/tmp
$ cd ~/tmp/
$ git clone https://github.com/shesek/spark-wallet && cd spark-wallet
$ git checkout v0.3.1 
HEAD is now at 4ffb929 v0.3.1
...
Step 14/35 : RUN apt-add-repository 'deb http://security.debian.org/debian-security stretch/updates main' && apt-get update   && apt-get install -y --no-install-recommends openjdk-8-jdk-headless=8u302-b08-1~deb9u1   && apt-add-repository --remove 'deb http://security.debian.org/debian-security stretch/updates main' && apt-get update
 ---> Running in a098df6b197f
Hit:1 http://security.debian.org/debian-security bullseye-security InRelease
Hit:2 http://deb.debian.org/debian bullseye InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Get:4 http://security.debian.org/debian-security stretch/updates InRelease [53.0 kB]
Hit:5 https://dl.winehq.org/wine-builds/debian bullseye InRelease
Get:6 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [748 kB]
Get:7 http://security.debian.org/debian-security stretch/updates/main i386 Packages [748 kB]
Fetched 1549 kB in 1s (1847 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
E: Version '8u302-b08-1~deb9u1' for 'openjdk-8-jdk-headless' was not found
The command '/bin/sh -c apt-add-repository 'deb http://security.debian.org/debian-security stretch/updates main' && apt-get update   && apt-get install -y --no-install-recommends openjdk-8-jdk-headless=8u302-b08-1~deb9u1   && apt-add-repository --remove 'deb http://security.debian.org/debian-security stretch/updates main' && apt-get update' returned a non-zero code: 100

I'm publishing my findings on WalletScrutiny and would love to soon list this app – particularly Android – as reproducible.
@emanuelb
Copy link

emanuelb commented Aug 7, 2022

The build failures can be fixed easily manually by removing the version strings that cause failures in time of check, like:

sed -i 's/winehq-stable=6.0.2~bullseye-1/winehq-stable/g' ./scripts/builder.Dockerfile;
sed -i 's/openjdk-8-jdk-headless=8u302-b08-1~deb9u1/openjdk-8-jdk-headless/g' ./scripts/builder.Dockerfile;

and then call the container build command:

podman build --rm -f scripts/builder.Dockerfile -t spark-builder031 .
mkdir docker-builds
podman run --rm --cap-add SYS_ADMIN --device /dev/fuse --security-opt apparmor:unconfined -it -v `pwd`/docker-builds:/target:Z,rw spark-builder

which will build debug apk, for creating release apk the RB instructions at:
https://github.com/shesek/spark-wallet/blob/8b66e1df830f9e6c1bb8eab874103a509028ca60/doc/reproducible-builds.md#reproduce-with-docker

should be updated as it's require more steps that are not documented, like creating the spark-signing-keys directory.

spark-wallet/scripts/release.sh

Lines 22 to 23 in 112fd9b

# Try loading Android signing keys
[[ -z "$ANDROID_RELEASE_CONFIG" && -f ../spark-signing-keys/build.json ]] && ANDROID_KEYS=`pwd`/../spark-signing-keys

latest commit in repo is for not released version 0.3.2-rc, for the upcoming version the suggestions regarding RB are:

  1. update rb documentation on building release apk (creating content of spark-signing-keys directroy)

  2. use SOURCE_DATE_EPOCH env var https://reproducible-builds.org/docs/source-date-epoch/

using it might allow to git rid of faketime usage in (if faketime is still needed a bug upstream for the affected component should be opened to support SOURCE_DATE_EPOCH):

spark-wallet/electron/build.sh

Lines 32 to 38 in b35d317

# Use faketime (if available) to make reproducible electron builds (works for all builds except deb and the Windows portable runner)
: ${LIBFAKETIME:=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1}
if [ -f "$LIBFAKETIME" ]; then
# Set a start timestamp and make the clock move *very* slowly. The build
# should finish in under 1 second with this speed.
export LD_PRELOAD=$LIBFAKETIME FAKETIME="@2017-11-08 16:58:41 x0.0000001"
fi

spark-wallet/scripts/builder.Dockerfile

Line 9 in bd89399

faketime=0.9.8-9 fuse=2.9.9-5 disorderfs=0.5.11-1

  1. update all deps as it likely 1 of them is to blame for RB failure, and do RB test locally on latest commit.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Giszmo @emanuelb