Date: Thu, 19 Dec 2024 09:37:13 -0800 From: Ravi Pokala <rpokala@freebsd.org> To: John Baldwin <jhb@FreeBSD.org>, Gleb Smirnoff <glebius@freebsd.org>, Ed Maste <emaste@freebsd.org> Cc: <src-committers@freebsd.org>, <dev-commits-src-all@freebsd.org>, <dev-commits-src-main@freebsd.org> Subject: Re: a1097094c4c5 - main - newvers: Set explicit git revision length Message-ID: <58382B1B-DE05-4C46-997E-175F74B5A018@panasas.com> In-Reply-To: <9afbf270-0cc0-4fd0-8975-6b88aadd3903@FreeBSD.org> References: <202412131306.4BDD6bxu011253@gitrepo.freebsd.org> <e827f951-e747-45d6-b4d8-a74a18734bae@FreeBSD.org> <CAPyFy2BC3Nn%2B7t3kNqhpjUJbdFG3SV4EErs0xS9kR0ufOiQ3XA@mail.gmail.com> <e9cf66e6-e43a-4ee4-a622-b1c5e0c1aa75@FreeBSD.org> <CAPyFy2CxNkcA93P-3q-WSNiCXv4DxaBx6YP1p1s=VAhOaaKGMw@mail.gmail.com> <Z2MChH8931gQACQ7@cell.glebi.us> <9afbf270-0cc0-4fd0-8975-6b88aadd3903@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
It occurred to me to see what Linux distros do. I spot-checked several dist= ros that we have in our lab (several versions of Debian, RHEL, Rocky, SLES, = OpenSuSE, Ubuntu), and it looks like only SLES and OpenSuSE embed a Git hash= in their 'uname -a' output. For both those distros, it uses just seven char= acters. -Ravi (rpokala@) =EF=BB=BF-----Original Message----- From: <owner-src-committers@freebsd.org <mailto:owner-src-committers@freebs= d.org>> on behalf of John Baldwin <jhb@FreeBSD.org <mailto:jhb@FreeBSD.org>> Date: Thursday, December 19, 2024 at 07:03 To: Gleb Smirnoff <glebius@freebsd.org <mailto:glebius@freebsd.org>>, Ed Ma= ste <emaste@freebsd.org <mailto:emaste@freebsd.org>> Cc: <src-committers@freebsd.org <mailto:src-committers@freebsd.org>>, <dev-= commits-src-all@freebsd.org <mailto:dev-commits-src-all@freebsd.org>>, <dev-= commits-src-main@freebsd.org <mailto:dev-commits-src-main@freebsd.org>> Subject: Re: git: a1097094c4c5 - main - newvers: Set explicit git revision = length On 12/18/24 12:12, Gleb Smirnoff wrote: > On Wed, Dec 18, 2024 at 10:22:24AM -0500, Ed Maste wrote: > E> That said, it doesn't matter what Git's algorithm chooses as the short > E> hash length; specifying --short bypasses that algorithm. `git > E> rev-parse --verify --short=3D12 HEAD` will give us a 12-character short > E> hash as long as that hash is unique. The reproducibility concern is > E> thus: what is the probability that the 12-character short hash is > E> unique at the time and in a repo from which an image is built, but is > E> not unique for the attempt to reproduce it, or vice-versa. This > E> probability is rather small. > E> > E> If you look at arbitrary commits 6 or 7 characters are usually > E> sufficient for a unique hash today. For instance, some latest -pX from > E> recent releng/ branches: > E> > E> 13.3: 72aa3d > E> 13.4: 3f40d5 > E> 14.0: f10e32 > E> 14.1: 74b6c98 > E> 14.2: c8918d6 > E> > E> The status quo of --short=3D12 should be fine for quite some time. >=20 > AFAIU John's concern is that you can't guarantee a reproducible build fro= m a > "dirty" repository. A repository that has more branches than just the off= icial > ones. I just make a quick check on Netflix repo, that has both the curren= t > FreeBSD history and the before-the-official-git history together, as well= as > splitted ports subdirectories and of course our own stuff. For short hash= es > there are roughly 2x more ambiguities than for a "clean" repo. Apparently > chance of collision on a long hash is also doubled. >=20 > We can of course say that we don't provide reproducible builds from a "di= rty" > repo. But would be a real limitation. That would cancel a legitimate > scenario: >=20 > git subtree add FreeBSD && cd FreeBSD && make a reproducible build In particular, the dirty repository scenario I imagine is FreeBSD's officia= l repository at some point in the future. A question though is how far in the future would it have to be to matter. If we would need 100+ years at our current commit rate to matter, then this is probably moot. The other point I guess is that how many other user git settings can affect the build? Shou= ld we not require an empty global git config as a prereq for someone who wants= a reproducible build (and use the same setup for our official builds) and say that if you adjust your user config to impact the build that's kind of your problem? --=20 John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58382B1B-DE05-4C46-997E-175F74B5A018>