Job orb on debian-11
README
Skip to buildsorb: check opam package reproducibility
This tool can check if an opam package build is reproductible (cf. https://reproducible-builds.org). It has two subcommands: build and rebuild.
The orb build conducts a build of an opam package, and collects the build result (and hashes thereof) and the build input (or build info), consisting of:
- build-environment (the environment variables plus OS/OS_DISTRIBUTION/OS_FAMILY/OS_VERSION/ORB_VERSION)
- system-packages (the installed packages on the system)
- opam-switch (opam switch export --full --freeze - a textual representation containing all installed opam packages)
- *.build-hashes with maps of installed files to their hashes
The orb rebuild takes this data as input and conducts a second build with the same environment, and compares that the hashes of the produced binaries are identical.
The orb build also has a command-line flag "--twice" to conduct a build and a rebuild directly afterwards. For debugging reproducibility, the "--keep-build-dir" option is provided that allows to compare intermediate build products as well.
Please have a look at "--out", "--switch-name", "--solver-timeout", "--date", and other command line parameters.
It is currently used as a payload of builder-worker to run the reproducible MirageOS unikernels infrastructure.
Binary packages for different platforms (Debian, Ubuntu, FreeBSD) are available at https://builds.robur.coop
Install & use
$ opam install orb
$ orb build --twice --repos=default:https://opam.ocaml.org cmdliner
Simple (and fast) failing and successful reproducible opam packages are in the reproducible-testing-repo.
History
The initial development was done by Raja Boujbel (working at OCamlPro) in spring 2019 at the MirageOS retreat in Marrakesh. Another iteration was done in December 2019 by Hannes Mehnert at the reproducible builds summit. In 2020 and 2021, Reynir Björnsson contributed together with Hannes Mehnert more adjustments to use orb on FreeBSD and Debian for conducting reproducible builds of MirageOS unikernels. In 2022, the robur team contributed work to use orb with MirageOS 4, which uses opam-monorepo.
Builds
Back to readme- ☑ debian-11 2025-03-03 09:55:13Z orb.deb
SHA256:24f202e78244e5266a238c32256b815046f21cac6924e5d6780fb734fbc99582(4.58MB) - ☑ debian-11 2025-01-21 09:31:26Z orb.deb
SHA256:7fcdd0ddbb9fe5dfce05120807c30b57a0d45ecbbc6a633fd8d17f8b89bc3cff(4.57MB) - ☑ debian-11 2025-01-08 19:10:49Z orb.deb
SHA256:714be5cc48cb8416f991d957bd1714394bbc0d121cbe6dddd684c03f28062d2f(4.58MB) - ☑ debian-11 2024-12-04 19:25:49Z orb.deb
SHA256:618dbdeec2a9c4893e5f5d146e0e233105023e28ce1c6339b4c3461dd8c7a20f(4.58MB) - ☑ debian-11 2024-12-03 19:10:23Z orb.deb
SHA256:6b1deb12a06c0d7995ec80e400d72f10c47e5ba796d6c587f81326bc8247ed2c(4.58MB) - ☑ debian-11 2024-11-14 14:21:33Z orb.deb
SHA256:76c87a064fe8b1a38f8981cfa1299eb345b4db4d435a39bb2b686f0d419beb6b(4.56MB) - ☑ debian-11 2024-09-18 14:21:13Z orb.deb
SHA256:24d1c6dfe8a6624563548766e2ff12f66c15d3b1e7740df9aee09d07cf7fddcd(4.56MB) - ☑ debian-11 2024-09-13 14:22:35Z orb.deb
SHA256:4944940406a2c974d25874107b18e9355efa7b58a8e4abd2063f7a5ab07faa0b(4.56MB) - ☑ debian-11 2024-09-03 14:20:30Z orb.deb
SHA256:dace3db108ea8e5a9163901ed9f8ef825d161c624b9cfb1f525c8ee61e328b48(4.55MB) - ☑ debian-11 2024-08-26 14:23:24Z orb.deb
SHA256:ae4c8409882897c255963b7d4030ac6d1b951b431648eef20faf49fce77c6123(4.15MB) - ☑ debian-11 2024-08-21 14:24:31Z orb.deb
SHA256:0052dcd6065bf46be2ce221e026f7b27481a138dd056ab30a9704fa5d6c5be9a(4.15MB) - ☑ debian-11 2024-08-08 10:35:45Z orb.deb
SHA256:c9b356f855188e886da86f018712cce771ae858f5c29683f598ea0af0d2b816d(4.15MB) - ☑ debian-11 2024-08-08 09:19:05Z orb.deb
SHA256:0f8a4a7f0e34bc486a1e12b274f8c60ea125175cfb7bc7fc9ca8f8a76b45b31c(4.55MB) - ☑ debian-11 2024-08-07 14:20:40Z orb.deb
SHA256:25766e2ed7a2e034d48ca0cfac42d0be5a8eb68198fb452e09908ab4b12aff09(4.15MB) - ☑ debian-11 2023-02-14 14:36:47Z orb.deb
SHA256:3a0ec12f161fbf77875f2d93599ed7437ed71f90e1e9eb96c8253d238cf3c0ba(4.35MB)
Including failed builds here.