Skip to content
Commits on Source (4)
Hide whitespace changes
Inline Side-by-side
2019-07-21-DebConf19/index.html
View file @ e13aeb1c
......@@ -130,14 +130,14 @@
<br>
<br>
<br>
<br>
<br>
<h3>
aiming for <em>bullseye</em>!
</h3>
<br>
<br>
<h4>
Vagrant Cascadian / Chris Lamb / Holger Levsen
<h4>
Vagrant Cascadian / Chris Lamb / Holger Levsen
</h4>
</section>
......@@ -157,13 +157,17 @@
<p class="fragment">Reproducible Builds have the purpose to enable anyone to reproduce identical binary packages from a given source.</p>
</section>
<section>
<iframe width="1000px" height="500px" src="https://www.youtube.com/embed/PSxm2DbDHG8"></iframe>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Project goals</h3>
<p class="fragment">Ensure builds have identical results.</p>
<p class="fragment">We want to change the meaning of ”Free Software”:
It’s only Free Software if it’s reproducible!</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Other talks</h3>
<br>
......@@ -178,13 +182,13 @@ It’s only Free Software if it’s reproducible!</p>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<p>We have a logo:</p>
<img class="fragment" src="images/logo.png" width="584">
<img class="fragment" src="images/logo.png" width="584">
<p class="fragment">4th Reproducible Builds Summit in Paris</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<img src="images/sfc.png" width="584">
<p class="fragment">R-B now a Software Freedom Conservancy project</p>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<img src="images/sfc.png" width="584">
<p class="fragment">Reproducible Builds is now a Software Freedom Conservancy project</p>
</section>
<!-- stevenc -->
......@@ -193,7 +197,7 @@ It’s only Free Software if it’s reproducible!</p>
<h3>Other projects</h3>
<p class="fragment">Arch Linux at ~80% reproducible packages</p>
<p class="fragment">openSUSE at 93%</p>
<p class="fragment">openSUSE and Arch Linux now included in tests.r-b.o database</p>
<p class="fragment">openSUSE and Arch Linux now included in tests.reproducible-builds.org database</p>
<p class="fragment">Alpine being tested since MiniDebConf Hamburg 2019</p>
<p class="fragment">NetBSD and FreeBSD base systems at 100% for the base install</p>
<p class="fragment">Tails 3.3, 3.6.1 &rarr; 100% reproducible ISO images</p>
......@@ -203,7 +207,7 @@ It’s only Free Software if it’s reproducible!</p>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Collaboration is great</h3>
<p>lots of very nice, unexpected results...</p>
<img class="fragment" src="images/reprobuilds-display.jpeg" width=100%">
<img class="fragment" src="images/reprobuilds-display.jpeg" width=100%">
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
......@@ -222,7 +226,7 @@ It’s only Free Software if it’s reproducible!</p>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<p>Applied and unapplied patches</p>
<img class="fragment" src="images/stats_bugs_sin_ftbfs_state.png" width="120%">
<img class="fragment" src="images/stats_bugs_sin_ftbfs_state.png" width="120%">
</section>
......@@ -251,41 +255,41 @@ int main() {
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>macro-prefix-map not accepted by upstream (yet)</h3>
<p>so we tag this <em>buster-ignore</em> and (probably) <em>bullseye-ignore</em> as well</p>
<p>simple workaround: rebuild in recorded path</p>
<p>so we tag this <em>buster-ignore</em> and (probably) <em>bullseye-ignore</em> as well</p>
<p>simple workaround: rebuild in recorded path</p>
<p class="fragment">needs someone to drive $this</p>
</section>
<!-- issues in-depth -->
<section class="title">
<h3>Debian is wrong</h3>
<p>93% is a lie. We need infrastructure, processes and policies. (And testing. Currently we only have testing and a vague goal.)<p>
<p class="fragment">With the upcoming list of bugs we
don't want to fingerpoint at individual teams,
instead I think we can only solve this if we as Debian
decide we want to solve it for <em>buster</em>.
<br />
I think this is not happening because people believe
things have been sorted out and we take care of them.
But we are not, we can't do this alone.</p>
<p>93% is a lie. We need infrastructure, processes and policies. (And testing. Currently we only have testing and a vague goal.)<p>
<p class="fragment">With the upcoming list of bugs we
don't want to fingerpoint at individual teams,
instead I think we can only solve this if we as Debian
decide we want to solve it for <em>buster</em>.
<br />
I think this is not happening because people believe
things have been sorted out and we take care of them.
But we are not, we can't do this alone.</p>
</section>
<section class="title">
<h3>The difference between theory and practice</h3>
<p>93% is a lie.</p>
<p class="fragment">54% on March 5th 2019.</p>
<p class="fragment">31% today.</p>
<p class="fragment">We can still improve this, though 24% (6804) of our source packages have not been uploaded nor binNMUed since December 2016.</p>
<p class="fragment">I'm not sure I want to / we should upload &gt;5000 source packages in the next 2 years. So mass binNMUs for the rescue?</p>
<p>93% is a lie.</p>
<p class="fragment">54% on March 5th 2019.</p>
<p class="fragment">31% today.</p>
<p class="fragment">We can still improve this, though 24% (6804) of our source packages have not been uploaded nor binNMUed since December 2016.</p>
<p class="fragment">I'm not sure I want to / we should upload &gt;5000 source packages in the next 2 years. So mass binNMUs for the rescue?</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Major blockers, where to help</h3>
<p>#869184<br>sbuild, dput, dpkg: source uploads including <code>_amd64.buildinfo</code> causes problems</p>
<p>#869184<br>sbuild, dput, dpkg: source uploads including <code>_amd64.buildinfo</code> causes problems</p>
<p class="fragment">#894441<br>binNMUs, mtimes and <code>rsync(1)</code> causes problems and binNMUs should be replaced by easy "no-change-except-debian/changelog-uploads"</p>
<p class="fragment">blocker for #900837<br>release.debian.org: Mass-rebuild of packages for reproducible builds"</p>
<p class="fragment">blocker for #900837<br>release.debian.org: Mass-rebuild of packages for reproducible builds"</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
......@@ -298,26 +302,26 @@ int main() {
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files</h3>
<p>buildinfo.debian.net</p>
<p class="fragment">buildinfos.debian.net</p>
<p class="fragment">buildinfos.debian.net</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files</h3>
<p>buildinfo.debian.net: allows submissions from everyone</p>
<p class="fragment">buildinfos.debian.net: ftp view with pool structure and build date based</p>
<p class="fragment">buildinfos.debian.net: ftp view with pool structure and build date based</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files from an unofficial service?</h3>
<p class="fragment">there should be a debian.org machine serving <code>.buildinfo</code> files to the public.</p>
<p class="fragment">since December 2016: 965333 files in total, eg 118195 amd64 related.</p>
<p class="fragment">12 GB files, 4 GB links.</p>
<h3><code>.buildinfo</code> files from an unofficial service?</h3>
<p class="fragment">there should be a debian.org machine serving <code>.buildinfo</code> files to the public.</p>
<p class="fragment">since December 2016: 965333 files in total, eg 118195 amd64 related.</p>
<p class="fragment">12 GB files, 4 GB links.</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>user facing interface</h3>
<p class="fragment">#863622<br> apt: warn when installing packages that are not reproducible</p>
<p class="fragment">#863622<br> apt: warn when installing packages that are not reproducible</p>
<p class="fragment">that would be great for bullseye, but...</p>
<p class="fragment">the goal should be to not install nor to run unreproducible software.</p>
<p class="fragment">in-toto brings this to the next level...</p>
......@@ -325,25 +329,25 @@ int main() {
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>tests.reproducible-builds.org</h3>
<p>results saved in common database</p>
<p>json for Debian, openSUSE, Arch Linux, OpenWrt, Alpine</p>
<p class="fragment">shared notes, cross distro links</p>
<p class="fragment">two kinds of tests: CI tests (like we have now) and tests against what's on "ftp.(debian|archlinux|...).org"</p>
<p>results saved in common database</p>
<p>json for Debian, openSUSE, Arch Linux, OpenWrt, Alpine</p>
<p class="fragment">shared notes, cross distro links</p>
<p class="fragment">two kinds of tests: CI tests (like we have now) and tests against what's on "ftp.(debian|archlinux|...).org"</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Debian <em>stretch</em></h3>
<p>the 'reproducibly in theory but not in practice' release</p>
<p>the 'reproducibly in theory but not in practice' release</p>
<h3>Debian <em>buster</em></h3>
<p>the 'we could be reproducible but we are not' release</p>
<p>the 'we could be reproducible but we are not' release</p>
<h3>Debian <em>bullseye</em></h3>
<p>the 'we are almost there but still haven't sorted out...' release???</p>
<p>the 'we are almost there but still haven't sorted out...' release???</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Debian <em>bullseye</em></h3>
<p>the release is still far away and we haven't frozen yet! :-)</p>
<img class="fragment" src="images/hc_fdroid_fosdem16-idea.png" width="584">
<p>the release is still far away and we haven't frozen yet! :-)</p>
<img class="fragment" src="images/hc_fdroid_fosdem16-idea.png" width="584">
</section>
......@@ -357,8 +361,8 @@ int main() {
</h3>
<br>
<br>
<h4>
Vagrant Cascadian / Chris Lamb / Holger Levsen
<h4>
Vagrant Cascadian / Chris Lamb / Holger Levsen
</h4>
</section>
</div>
......