-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
We can not reproduce the same chcksum for cardano-cli #1013
Comments
@n0price> that is because the SHA in This is visible here: https://github.com/IntersectMBO/cardano-cli/blob/5c768706b41f/.github/workflows/release-upload.yml#L206 Let me know if you need further assistance. |
I downloaded the cardano-cli binary from the release 10.2.0.0 located in cardano-cli-10.2.0.0-x86_64-linux/cardano-cli. After running the command: strip --strip-all cardano-cli-10.2.0.0-x86_64-linux/cardano-cli 82f82d3c255b51904119dfcabc6af21df59213d08e40ba0614892c329f2cfd9d The comparison was conducted only on the binaries, using the same steps |
The release binaries are uploaded from Hydra CI builds, which is based on nix-ops (not cabal build you're tracking on github workflows) that IO uses across the board for their devops. |
How then to reproduce the same hash? I need to build cabal build. which version ghc and cabal version is used? |
I'm not sure what you want to achieve @n0price. The purpose of tags listed in the
|
For risks reasons to remove single point of failure we should be able to reproduce the same hash using the same code. |
@CarlosLopezDeLara> do you know if we could redirect this reproducibility feature to another team? This is outside the scope of the |
Thanks, just to add, IMHO this is crucial for institutions and will become even more essential in the future.
|
Alas because the binaries in releases are built by Hydra, it is outside of the scope of this team to know the details of how the binaries are generated. The build process goes as follows if you want to dig by yourself: The release pipeline workflow is called when a tag is created: And then the pipeline takes the binaries built by Hydra's run on the given commit: which, in the case of Then if you go to this commit's view: You should open the CI's run for this commit and select this Hydra entry: Open Hydra as follows: Select the And then access the logs, which tell you how Nix built the thing: So if you are capable of reproducing this Nix build, you should maybe get a hash similar to the one attached to release, but byte for byte reproducibility is its own deep topic, which the CLI team is not responsible for; and so we cannot help you more here. |
We can not reproduce the sha256sum for the version 10.2.0.0.
cardano-cli-10.2.0.0-sha256sums.txt
The text was updated successfully, but these errors were encountered: