Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reproducible builds of unit-e #466

Closed
cornelius opened this issue Jan 23, 2019 · 2 comments
Closed

Reproducible builds of unit-e #466

cornelius opened this issue Jan 23, 2019 · 2 comments
Assignees
@cornelius @Ruteri
Labels
build Build system
Milestone
0.1

Comments

@cornelius
Copy link
Member

Bitcoin uses gitian to create reproducible builds, i.e. deterministic builds which create the same binary result even when run by different people and at different times. They use this to create the Bitcoin Core release builds. Signatures of builds by different people are collected in the gitian.sigs and once they have signatures on matching results from at least three different people, they publish the release.

We need to look into this system, check if it works with the current unit-e code and what would have to be changed to make it work, and decide if we want to use it for our release builds as well.

The advantage would be that we can leverage what upstream does and have a decentralized system to validate release builds which doesn't require something like a trusted build server.

The disadvantage is that the system is quite complex, goes through several layers of abstractions, only works in a narrowly defined environment (which can be run in a virtual machine, though), and takes some time to result in published release builds.
@cornelius cornelius added the build Build system label Jan 23, 2019
@cornelius cornelius self-assigned this Jan 23, 2019
@thothd thothd added this to the 0.1 milestone Jan 23, 2019
@Ruteri Ruteri mentioned this issue Jan 30, 2019
Merged
Ruteri added a commit that referenced this issue Jan 31, 2019
@Ruteri
Gitian unit e (#511)
f3c9480 
Adapted gitian to Unit-e

* Added option to build for windows without gui
* Set version in gitian descriptors to 0.0.1
* Bumped minimal OS versions
* Made version and signer regular options

Addresses #466

Signed-off-by: Mateusz Morusiewicz <[email protected]>
@Ruteri
Copy link
Member

Ruteri commented Jan 31, 2019
edited
Loading

#511 adapts gitian build script and descriptors to Unit-e. It is now possible to build Unit-e and extract the signatures.

This was referenced Feb 1, 2019
Merged
Merged
@cornelius
Copy link
Member Author

Reproducible builds of unit-e with gitian are functional now. We cherry-picked the latest upstream version of the gitian builds (#508, #548) and made it work with unit-e (#511). There also are quite a bit of improvements to the build script (e.g. #549, #550, #551). This is a solid working base now.

We still need to put an actual release through the gitian builds and make sure that the builds and signing and verifying releases works. We will do that with a first 0.0.1 release as soon as we have a first working version of what we intend to release in master.

We have removed the Qt based wallet now (#689, #676, #569) and also don't build the DMGs for Mac anymore (#663). This simplifies the build system quite a bit.

The gitian build script now also works on Mac (#610), building in a Docker container.

As the general work is done now, I'll close this issue. We'll create more specific follow-up issues as needed.

@cornelius cornelius mentioned this issue Mar 5, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cornelius cornelius

@Ruteri Ruteri

Labels
build Build system
Projects
None yet
Milestone
0.1
Development

No branches or pull requests
3 participants
@cornelius @thothd @Ruteri