From 71a80c5e36906fb3e68044293d2f75be8e14c980 Mon Sep 17 00:00:00 2001 From: Bogdan Mukvich Date: Mon, 16 Jan 2023 17:01:58 +0100 Subject: [PATCH] Reproducible build should not run as root inside docker --- docs/building/build-1.8.10-draft.md | 72 +++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 docs/building/build-1.8.10-draft.md diff --git a/docs/building/build-1.8.10-draft.md b/docs/building/build-1.8.10-draft.md new file mode 100644 index 00000000000..d4b434f5bc0 --- /dev/null +++ b/docs/building/build-1.8.10-draft.md @@ -0,0 +1,72 @@ +# Building 1.8.10 + +This tutorial explains how to build release [1.8.10](https://github.com/JetBrains/kotlin/releases/tag/v1.8.10) locally. + +## Prerequisites + +You must have: +* Linux or macOS. +* Docker installed. +* 14 GB memory available and configured in Docker. +* To get reproducible artifacts, [umask](https://en.wikipedia.org/wiki/Umask) command without parameters should + produce `0022` or `022` output. + +## Set environment variables + +The following environment variables must be set: + +```shell +export DEPLOY_VERSION=1.8.10 +export BUILD_NUMBER=1.8.10-release-1 +export KOTLIN_NATIVE_VERSION=1.8.10 +export DOCKER_CONTAINER_URL=kotlin.registry.jetbrains.space/p/kotlin/containers/kotlin-build-env:v6 +``` + +## Clone Kotlin repository + +In a new folder, clone the release tag from the Kotlin repository, and change directory to the build folder: + +```shell +git clone --depth 1 --branch v$DEPLOY_VERSION https://github.com/JetBrains/kotlin.git kotlin-build-$DEPLOY_VERSION +cd kotlin-build-$DEPLOY_VERSION +``` + +## Build and verify the compiler + +```shell +docker run --rm -it --name kotlin-build-$DEPLOY_VERSION \ + --workdir="/repo" \ + --volume="$(pwd):/repo" \ + --user="$(id -u):$(id -g)" \ + $DOCKER_CONTAINER_URL \ + /bin/bash -c "./scripts/build-kotlin-compiler.sh $DEPLOY_VERSION $BUILD_NUMBER" +``` + +This generates a ZIP file: `dist/kotlin-compiler-1.8.10.zip`. + +Check that the SHA 256 checksum is equal to the published one for [kotlin-compiler-1.8.10.zip](https://github.com/JetBrains/kotlin/releases/download/v1.8.10/kotlin-compiler-1.8.10.zip): + +`0bb9419fac9832a56a3a19cad282f8f2d6f1237d2d467dc8dfe9bd4a2a43c42e` + +## Build and verify maven artifacts + +```shell +export BUILD_NUMBER="1.8.10-release-345(1.8.10)" +docker run --rm -it --name kotlin-build-$DEPLOY_VERSION \ + --workdir="/repo" \ + --volume="$(pwd):/repo" \ + --user="$(id -u):$(id -g)" \ + $DOCKER_CONTAINER_URL \ + /bin/bash -c "./scripts/build-kotlin-maven.sh $DEPLOY_VERSION '$BUILD_NUMBER' $KOTLIN_NATIVE_VERSION" +docker run --rm -it --name kotlin-build-repack-zip-with-stable-entries-order-$DEPLOY_VERSION \ + --workdir="/repo" \ + --volume="$(pwd):/repo" \ + --user="$(id -u):$(id -g)" \ + $DOCKER_CONTAINER_URL \ + /bin/bash -c "cd build/repo-reproducible && rm reproducible-maven-$DEPLOY_VERSION.zip || true && find . -type f | sort | zip -X reproducible-maven-$DEPLOY_VERSION.zip -@" +``` + +This generates a ZIP file: `build/repo-reproducible/reproducible-maven-1.8.10.zip`. + +Check that the SHA 256 checksum is equal to +`98573938b708c193ca68c7269d29e6ac777dfe780b3935bc733d4c428a45d4e5`. \ No newline at end of file