Lower the workload caused by reproducible builds Jenkins jobs
Originally created by @intrigeri on #12633 (Redmine)
Currently, when I push a commit to a base branch, 3 ISOs are built from the same commit:
- one ISO is built by the
build_Tails_ISO_$branch
job; - two ISOs are built by the
reproducibly_build_Tails_ISO_$branch
job and then compared.
We really need to build only 2 of these ISOs to get what we want, so there’s room for improvement wrt. our CI infrastructure latency and throughput => usefulness.
I suggest instead having any successful build_Tails_ISO_$branch
job
trigger another job, that would:
- get as input the ISO built by
build_Tails_ISO_$branch
(a checksum would be enough in the best case, but we really need that ISO to compare when they differ), and any relevant parameter e.g. the commit ID and base branch commit ID; - build a second ISO image (ideally with different build settings e.g. a time offset applied and a different CPU, but this is certainly not a blocker for this ticket)
- run diffoscope to compare these ISOs
- if these ISOs are the same, then delete all artifacts; otherwise, archive both ISO build artifacts + the diffoscope output
This looks very similar to what we already do for the test_Tails_ISO_*
jobs, so I expect it will be pretty cheap to implement.
And as a bonus, in most cases the 2 ISOs will be built on two different isobuilders, which increases the value of the reproducibility testing :)
Feature Branch: puppet-tails:feature/12633-lower-reproducible-builds-workload;jenkins-jobs:feature/12633-lower-reproducible-builds-workload
Parent Task: tails#5630 (closed)
Related issues
- Related to tails#13436 (closed)
- Related to #14924 (closed)
- Related to #14944 (closed)
- Related to tails#14946 (closed)
- Related to tails#14871
- Related to #14875 (closed)