ci-reproducibility #2073

Workflow file for this run

.github/workflows/ci-reproducibility.yml at 8444b42

	# NOTE: This name appears in GitHub's Checks API and in workflow's status badge.
	name: ci-reproducibility

	# Trigger the workflow when:
	on:
	push:
	branches:
	- main
	- stable/*
	# Or when a pull request event occurs for a pull request against one of the
	# matched branches and at least one modified file matches the configured paths.
	pull_request:
	branches:
	- main
	- stable/*
	paths:
	- .github/actions/**
	# Besides pushes on the branches above, also check every day at 00:00 UTC.
	schedule:
	- cron: "0 0 * * *"

	# Cancel in-progress jobs on same branch.
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:

	check-reproducible-build:
	# NOTE: This name appears in GitHub's Checks API.
	name: check-reproducibility
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Determine tag name
	id: determine-tag
	uses: ./.github/actions/determine-tag
	with:
	use_base_for_pr: yes

	- name: Build test binaries, 1.
	id: build-1
	uses: ./.github/actions/hash-rust
	with:
	binaries: test-runtime-simple-consensus,test-runtime-simple-keyvalue
	image: ghcr.io/oasisprotocol/runtime-builder:${{ steps.determine-tag.outputs.tag }}

	- name: Build test binaries, 2.
	id: build-2
	uses: ./.github/actions/hash-rust
	with:
	binaries: test-runtime-simple-consensus,test-runtime-simple-keyvalue
	image: ghcr.io/oasisprotocol/runtime-builder:${{ steps.determine-tag.outputs.tag }}

	- name: Check result is non-empty
	run: \|
	[ "${{ steps.build-1.outputs.hashes }}" != "" ]

	- name: Check binary equality
	run: \|
	[ "${{ steps.build-1.outputs.hashes }}" == "${{ steps.build-2.outputs.hashes }}" ]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci-reproducibility #2073

Workflow file

ci-reproducibility #2073

Jobs

Run details

Workflow file for this run