Irregular status update about reproducible live-build ISO images

To: Debian-live mailing list <debian-live@lists.debian.org>, General discussions about reproducible builds <rb-general@lists.reproducible-builds.org>
Subject: Irregular status update about reproducible live-build ISO images
From: Roland Clobus <rclobus@rclobus.nl>
Date: Sun, 2 Jul 2023 17:37:30 +0200
Message-id: <[🔎] fa5a22a5-95e2-0a4d-70ec-d65a0cd2385f@rclobus.nl>

Hello lists,

here is the 18th update of the status for reproducible live-build ISOimages [1].

Single line summary: Live images are looking good, and the number of(passed) automated tests is growing


Reproducible status:

* All major desktops build reproducibly with bullseye, bookworm, trixieand sid


My activities in March, April, May, June:
* Non-free-firmware is added, the images are reproducible
* The live images are generated officially by Debian
* Better support for UEFI secure boot in live-build [10]
* Stabilising the tests in openQA [6][7][9]
* New test in openQA: the Calamares installer [8]
* The live images have less authentication prompts (pending) [2]
* A little bug triaging

Work to be done:

* More investigation is required to provide long-term reproducibility,because the live image will be generated without using a snapshot server* Test the official images and regular snapshot images in openQA as wellas the images generated by Jenkins (possibly replacing the imagesgenerated by Jenkins)

* Review the results of the generated ISO images in my local openQA instance
* Adjust the content of the live-build image
** Make the boot menu more similar to the live-wrapper menu
** Add a 'persistent' option (as seen in Kali)
** Keep the accessibility improvements made in the live-wrapper boot menu
** Verify the package lists
*** e.g. the Debian Reference is installed for es and it, but not en
** The additional firmware has made the live images much larger

** All locales are present in the live image, but they are notactivated, which results in a silly GNOME welcome screen [3]

** The .disk/info file must be made similar to the 11.x series [4]
* Bug triaging for issues reported against live-build
* Many other things. I'll update the current TODO page [5]

With kind regards,
Roland Clobus

[1] https://wiki.debian.org/ReproducibleInstalls/LiveImages
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037295
[3] https://lists.debian.org/debian-live/2023/06/msg00017.html
[4] https://lists.debian.org/debian-live/2023/06/msg00023.html
[5] https://wiki.debian.org/DebianLive/TODO
[6] https://salsa.debian.org/live-team/live-build/-/merge_requests/308
[7] https://salsa.debian.org/live-team/live-build/-/merge_requests/309

[8]https://salsa.debian.org/qa/openqa/openqa-tests-debian/-/merge_requests/27[9] https://salsa.debian.org/live-team/live-build/-/merge_requests/306,https://salsa.debian.org/live-team/live-build/-/merge_requests/305, #1023472

[10] https://salsa.debian.org/live-team/live-build/-/merge_requests/304

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: Irregular status update about reproducible live-build ISO images
  - From: "David A. Wheeler" <dwheeler@dwheeler.com>

Prev by Date: Bug#1037295: live-config: starting Calamares installer requires a password (which is 'live')
Next by Date: Solved: Booting without waiting for <RETURN> With UEFI boot?
Previous by thread: Processed: Bug#1037295 marked as pending in live-config
Next by thread: Re: Irregular status update about reproducible live-build ISO images
Index(es):
- Date
- Thread