Guix on Trisquel & Ubuntu for Reproducible CI/CD Artifacts #guix #trisquel #Containers #podman https://blog.josefsson.org/2025/12/03/guix-on-trisquel-ubuntu-for-reproducible-ci-cd-artifacts/
@jas Also, the last snippet shows different hashes for ‘guile-gnutls-v5.0.1-src.tar.gz’.
Did you find out why they’re different?
@civodul Git came from Ubuntu/Trisquel here, I wanted to illustrate that “git-archive” output depends on version and libraries. Ubuntu 22.04 git behaves differently from Ubuntu 24.04 git. There are at least four different variants in wide use depending on which OS you use (related to git export-subst features and libz vs libz-ng).
@jas Interesting. Do you know how the two archives differ concretely?
(Disarchive can figure out compression parameters, which might be useful here.)
@civodul @jas Well, git-archive depends on the locally installed Tar and GZip versions found in $PATH. Therefore, I’m not surprised that the archives are different when produced by two very different Ubuntu releases (22 vs 24).
Indeed, disarchive could be super handy to collect the various “compressed tarball” parameters. Then diff the two “disarchive disassemble” outputs. 😁
@jas Neat!
One thing I wonder: why use different host distros since the build tools are taken from Guix?
It is tempting to move from ‘guix install’ to ‘guix shell --pure’, then to ‘--container’ or ‘guix build -f guix.scm’, but at that point the host distro doesn’t have any influence on the final result.
@civodul I agree moving towards a pure Guix environment is better - I am getting there 😊 These images target building software that uses mixed build dependencies, some parts coming from Guix and some from Debian/Trisquel/Ubuntu. My first need for this was LibIDN’s Dot.Net port that required the Mono stack from Debian, although now Guix has that too. 1/2
@civodul As for Ubuntu & Trisquel, one aspect is to confirm that Trisquel remains compatible with Ubuntu for producing artifacts. I do not feel comfortable producing artifacts using Ubuntu with all its non-free stuff that may compromise things, and I didn’t feel comfortable switching to (back-then) relatively untested Trisquel images. Building for both and comparing was my way out of that dilemma. 2/2
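An added example, not part of the thread or of the blog post it links: a Python check that answers the question raised above, namely whether two `.tar.gz` files differ only in the gzip layer or in the tar stream itself. The function names and the sample archives are constructed for illustration; they are not the `guile-gnutls` tarballs discussed here.

```python
import gzip
import io
import struct
import tarfile


def gzip_header(blob: bytes) -> dict:
    """Parse the fixed 10-byte gzip header defined in RFC 1952."""
    magic, method, flags, mtime, xfl, os_id = struct.unpack("<HBBIBB", blob[:10])
    if magic != 0x8B1F:
        raise ValueError("not a gzip stream")
    return {"method": method, "flags": flags, "mtime": mtime, "xfl": xfl, "os": os_id}


def classify(a: bytes, b: bytes) -> str:
    """Say which layer makes two .tar.gz files differ."""
    if a == b:
        return "identical"
    if gzip.decompress(a) == gzip.decompress(b):
        return "compression-only"  # same tar stream, different gzip encoding
    return "tar-content"           # member data or tar headers differ


def header_diff(a: bytes, b: bytes) -> dict:
    """gzip header fields whose values differ between the two files."""
    ha, hb = gzip_header(a), gzip_header(b)
    return {k: (ha[k], hb[k]) for k in ha if ha[k] != hb[k]}


def make_tar(payload: bytes) -> bytes:
    """Constructed sample: a one-member tar with fixed metadata."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
        info = tarfile.TarInfo("pkg-1.0/README")
        info.size, info.mtime = len(payload), 0
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


# Constructed inputs: same tar at two compression levels, plus one tar whose
# content differs (as an expanded export-subst placeholder would make it).
BODY = b"".join(b"line %d of constructed source\n" % i for i in range(2000))
FAST = gzip.compress(make_tar(BODY), compresslevel=1, mtime=0)
BEST = gzip.compress(make_tar(BODY), compresslevel=9, mtime=0)
OTHER = gzip.compress(make_tar(BODY + b"$Format:%H$\n"), compresslevel=9, mtime=0)

if __name__ == "__main__":
    print(classify(FAST, BEST), header_diff(FAST, BEST))
    print(classify(BEST, OTHER))
```

A "compression-only" verdict points at the gzip implementation or its parameters; "tar-content" means the difference is in what `git archive` put into the tar stream.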