save progress

2025-12-28 01:40:35 +02:00
parent 3bfbbae115
commit cec4265a40
694 changed files with 88052 additions and 24718 deletions
--- a/devops/docker/repro-builders/debian/Dockerfile
+++ b/devops/docker/repro-builders/debian/Dockerfile
@@ -0,0 +1,59 @@
+# Debian Reproducible Builder
+# Creates deterministic builds of Debian packages for fingerprint diffing
+#
+# Usage:
+#   docker build -t repro-builder-debian:bookworm --build-arg RELEASE=bookworm .
+#   docker run -v ./output:/output repro-builder-debian:bookworm build openssl 3.0.7-1
+
+ARG RELEASE=bookworm
+FROM debian:${RELEASE}
+
+ARG RELEASE
+ENV DEBIAN_RELEASE=${RELEASE}
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Install build tools
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    build-essential \
+    devscripts \
+    dpkg-dev \
+    equivs \
+    fakeroot \
+    git \
+    curl \
+    ca-certificates \
+    binutils \
+    elfutils \
+    coreutils \
+    patch \
+    diffutils \
+    file \
+    jq \
+    && rm -rf /var/lib/apt/lists/*
+
+# Create build user
+RUN useradd -m -s /bin/bash builder \
+    && echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+
+USER builder
+WORKDIR /home/builder
+
+# Copy scripts
+COPY --chown=builder:builder scripts/build.sh /usr/local/bin/build.sh
+COPY --chown=builder:builder scripts/extract-functions.sh /usr/local/bin/extract-functions.sh
+COPY --chown=builder:builder scripts/normalize.sh /usr/local/bin/normalize.sh
+
+USER root
+RUN chmod +x /usr/local/bin/*.sh
+USER builder
+
+# Environment for reproducibility
+ENV TZ=UTC
+ENV LC_ALL=C.UTF-8
+ENV LANG=C.UTF-8
+
+VOLUME /output
+WORKDIR /build
+
+ENTRYPOINT ["/usr/local/bin/build.sh"]
+CMD ["--help"]