[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#932943: Missing SHA512 and gpg signature

On Sat, Aug 03, 2019 at 09:23:58PM +0100, Chris Boot wrote:
> Currently the build tools generate the raw image using FAI, then wrap it
> into a tarball. The tarball is then xz compressed outside
> debian-cloud-images in the GitLab CI job.
> Is there any reason to keep it that way? Why don't we move the
> compression into debian-cloud-images?

The output of the build process is uncompressed.  This is by design, as
compression is inherent expensive.

The stuff is only compressed with xz because the artifacts would be too
large otherwise, as zip does not feature really useful compression.

> Without this I don't see how debian-cloud-images can calculate a useful
> set of checksums for the cloud images. We either checksum the raw image
> itself or the tarball but neither is what ends up on patterson.

The checksum of the stuff after build is not that useful.  Only the
converted and compressed output on the storage is relevant.

Bastian

-- 
Suffocating together ... would create heroic camaraderie.
		-- Khan Noonian Singh, "Space Seed", stardate 3142.8
Reply to: