• Icon: Story Story
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • CentOS Stream 10, rhel-9.6, rhel-10.0
    • ubi9-container
    • None
    • rhel-sst-bootc, rhel-sst-container-tools
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      https://reproducible-builds.org/ provide real value for us and customers, helping ensure at least two things:

      • Avoiding "change amplification" where e.g. a rebuild triggered because of a change to something like a LABEL in the containerfile doesn't result in a pointless regeneration of the tarball, causing customers to need to redownload it. And in general we need to provide best practices and guidance for our own container builds and for customers to avoid "base image change amplification" where updating the base layer causes the rebuild of the higher layers to result in a new tarball, meaning we push a pointless change to the registry which customer unnecessarily redownloads for the app
      • Reproducible builds prove that our binary artifacts came from the sources we claim they did.

      In this epic we will do a spike to show that our build of ubi9 is reproducible.

              container-runtime-eng Container Runtime Eng Bot
              walters@redhat.com Colin Walters
              Container Runtime Eng Bot Container Runtime Eng Bot
              Container Runtime Bugs Bot Container Runtime Bugs Bot
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: