ci/scripts: refactor reproducible builds (#1490)

* ci: build cache, remove 20.04, minor refactor * scripts: update build reproducibility script * script: add postgresql reproducibility * script: no cache when building image * scripts: force symlinks * scripts: also download prebuilt postgresql binary * scripts: add missing app var
2026-03-29 10:10:06 +00:00 · 2025-03-22 13:27:11 +00:00
parent 614fa2b163
commit 2e67ed9c4c
3 changed files with 117 additions and 35 deletions
--- a/scripts/reproduce-builds.sh
+++ b/scripts/reproduce-builds.sh
@@ -1,30 +1,81 @@
 #!/usr/bin/env sh
 set -eu

-tag="$1"
+TAG="$1"

-git clone https://github.com/simplex-chat/simplexmq && cd simplexmq
+tempdir="$(mktemp -d)"
+init_dir="$PWD"

-git checkout "$tag"
+mkdir -p "$init_dir/$TAG/from-source" "$init_dir/$TAG/prebuilt"
+
+git -C "$tempdir" clone https://github.com/simplex-chat/simplexmq.git &&\
+	cd "$tempdir/simplexmq" &&\
+	git checkout "$TAG"

 for os in 20.04 22.04 24.04; do
-	mkdir -p out-${os}-github;
+	os_url="$(printf '%s' "$os" | tr '.' '_')"
+	mkdir -p "$init_dir/cache/cabal/builder-${os}" "$init_dir/cache/dist-newstyle/builder-${os}"
+	chmod g+wX "$init_dir/cache"

-	docker build -f Dockerfile.build --build-arg TAG=${os} -t repro-${os} .
-	docker run -t -d --name builder-${os} repro-${os}
+	docker build \
+		--no-cache \
+		-f "$tempdir/simplexmq/Dockerfile.build" \
+		--build-arg TAG=${os} \
+		-t repro-${os} \
+		.
+
+	docker run \
+		-t \
+		-d \
+		-v "$init_dir/cache/cabal/builder-${os}:/root/.cabal" \
+		-v "$init_dir/cache/dist-newstyle/builder-${os}:/dist-newstyle" \
+		-v "$tempdir/simplexmq:/project" \
+		--name builder-${os} \
+		repro-${os}
+	
 	
 	apps='smp-server xftp-server ntf-server xftp'
-	os_url="$(printf '%s' "$os" | tr '.' '_')"
-	
-	docker exec -t -e apps="$apps" builder-${os} sh -c 'cabal build && mkdir /out && for i in $apps; do bin=$(find /project/dist-newstyle -name "$i" -type f -executable); strip "$bin"; chmod +x "$bin"; mv "$bin" /out/; done'

-	docker cp builder-${os}:/out out-${os}
+	# Regular build (all)
+	docker exec \
+		-t \
+		-e apps="$apps" \
+		builder-${os} \
+		sh -c 'ln -fs /dist-newstyle ./dist-newstyle && cabal update && cabal build && mkdir -p /out && for i in $apps; do bin=$(find /dist-newstyle -name "$i" -type f -executable); strip "$bin"; chmod +x "$bin"; mv "$bin" /out/; done'
+
+	docker cp \
+		builder-${os}:/out \
+		out-${os}
+
+	# PostgreSQL build (only smp-server)
+	docker exec \
+		-t \
+		builder-${os} \
+		sh -c 'ln -fs /dist-newstyle ./dist-newstyle && cabal update && cabal build -fserver_postgres exe:smp-server && mkdir -p /out && bin=$(find /dist-newstyle -name "smp-server" -type f -executable); strip "$bin"; chmod +x "$bin"; mv "$bin" /out/'
+
+	docker cp \
+		builder-${os}:/out/smp-server \
+		"$init_dir/$TAG/from-source/smp-server-postgres-ubuntu-${os_url}-x86-64"
+
+	curl -L \
+		--output-dir "$init_dir/$TAG/prebuilt/" \
+		-O \
+		"https://github.com/simplex-chat/simplexmq/releases/download/${TAG}/smp-server-postgres-ubuntu-${os_url}-x86-64"
 	
 	for app in $apps; do
-		curl -L "https://github.com/simplex-chat/simplexmq/releases/download/${tag}/${app}-ubuntu-${os_url}-x86-64" -o out-${os}-github/${app}
+		curl -L \
+			--output-dir "$init_dir/$TAG/prebuilt/" \
+			-O \
+		       	"https://github.com/simplex-chat/simplexmq/releases/download/${TAG}/${app}-ubuntu-${os_url}-x86-64"
+
+		mv "./out-${os}/$app" "$init_dir/$TAG/from-source/${app}-ubuntu-${os_url}-x86-64"
 	done

 	docker stop builder-${os}
 	docker rm builder-${os} 
 	docker image rm repro-${os}
 done
+
+# Cleanup
+cd "$init_dir"
+rm -rf "$tempdir"