On Mon, 2011-07-11 at 09:11 -0500, Zach Pfeffer wrote:
In-order to make reproducible builds we create pinned manifests with each commit explicitly listed. We also use this method to create a release. We depend on these pinned commits - if they don't exist the "released" builds can no longer be reproduced.
Yea. I'm totally fine with adding tags, and we're working on the kernel team to get a consistent tagging method created.
That said, wouldn't using the specific sha1s in the manifest be a lower overhead solution?
Otherwise you run into oddball issues where a "-final" tag is created, and a build is made, and a bug is found, and fix committed, and that fix is tested and then we say ok "-final-forrealthistime", etc.
Otherwise, we need to do a loop where the current tree is built, tested, and "acked" in some way. Then we make the tag and build the "official" release.
So if build reproduction is the goal, creating the manifests using the current sha1 hashes allows for that in a very simple way with less overhead or complications.
That said, having human usable names is definitely useful, and the plan is for there to be consistent tagging between trees so we can easily tell what release is based on what point in a tree (so we know which linaro tree the linaro+android tree contains). However, these tags will most likely be date based (something like: linaro-3.0-11.07.12-android-15), and thus somewhat too coarse if there are numerous last minute builds (in which case sha1s are better because they are much more exact).
thanks -john