-
Story
-
Resolution: Unresolved
-
Major
-
None
-
CentOS Stream 10, rhel-9.6, rhel-10.0
-
None
-
rhel-sst-bootc, rhel-sst-container-tools
-
None
-
False
-
-
None
-
None
-
None
-
None
-
None
https://reproducible-builds.org/ provide real value for us and customers, helping ensure at least two things:
- Avoiding "change amplification" where e.g. a rebuild triggered because of a change to something like a LABEL in the containerfile doesn't result in a pointless regeneration of the tarball, causing customers to need to redownload it. And in general we need to provide best practices and guidance for our own container builds and for customers to avoid "base image change amplification" where updating the base layer causes the rebuild of the higher layers to result in a new tarball, meaning we push a pointless change to the registry which customer unnecessarily redownloads for the app
- Reproducible builds prove that our binary artifacts came from the sources we claim they did.
In this epic we will do a spike to show that our build of ubi9 is reproducible.