On 11/21/24 9:51 AM, Simon Josefsson wrote: > I support going even further: I think the Debian build infrastructure > should over time be moved over to Salsa pipelines. GitLab pipelines > offer a lot of transparency, security and reproducability benefits > compared to the current Debian buildds which in my perception operate > under a "trust us we know what we are doing but we can't be bothered to > be transparent about it" policy that doesn't inspire confidence in me.
Generally everything is in publicly available git repositories, if you know where to look (somewhere distributed between wanna-build, buildd, pybuildd, and dsa-puppet). The setup of the coordinator in particular suffers from only having a single installation (not even a staging/test one), though. I agree in principle in that a lot of trust needs to be extended to the management and operation here - and we could do much better. I'm not sure if pipelines are any better if the runner could equally tamper with the builds. But everything is in git somewhere. One challenge in particular is that we don't have virtualization available on all architectures equally, so we are operating with machines that are not ephemeral. And we would not have the resources to do extensive maintenance on a machine after every build. Hence Reproducible Builds to keep us honest. That said: There hasn't been much innovation in this space so far - in a way that was usable by Debian. Making builds something based off tasks (e.g. in a pipeline) when a package is uploaded rather than diffing the archive and trying to match the intent is something I would have wanted to see for a long time. Kind regards Philipp Kern
