This is an automated email from the ASF dual-hosted git repository. vy pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/logging-log4j-tools.git
commit 0c96311b931b857e832a5028af7303c7015d5b4a Author: Volkan Yazıcı <[email protected]> AuthorDate: Mon Dec 12 21:17:41 2022 +0100 Fail build for not reproducible builds --- .github/workflows/build.yml | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index df8e796..430663b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -45,23 +45,37 @@ jobs: architecture: x64 cache: maven - # `install` is required to verify reproducible builds: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility - - name: Build using Maven + # We could have used `verify`, but `clean install` is required while generating the build reproducibility report, which is performed in the next step. + # For details, see: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility + - name: Build shell: bash run: | ./mvnw \ --show-version --batch-mode --errors --no-transfer-progress \ - -DskipTests=true \ - install + -DtrimStackTrace=false \ + -DinstallAtEnd=true \ + clean install - # `artifact:compare` is required to verify reproducible builds: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility - - name: Verify using Maven + # `clean verify artifact:compare` is required to generate the build reproducibility report. + # For details, see: https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility + - name: Report build reproducibility shell: bash run: | ./mvnw \ --show-version --batch-mode --errors --no-transfer-progress \ - -DtrimStackTrace=false \ - verify artifact:compare + -DskipTests=true \ + clean verify artifact:compare + + - name: Verify build reproducibility + shell: bash + run: | + for report_file in target/*.buildcompare **/target/*.buildcompare; do + if ! grep -q "^ko=0$" "$report_file"; then + echo "Spotted build reproducibility failure in \`$report_file\`:" + cat "$report_file" + exit 1 + fi + done merge:
