We have successfully created an independent, bit-by-bit-identical rebuild of the nixos-minimal ISO published by Hydra 🎉 Why is this useful? While there are a number of ‘side-benefits’, the main point of Reproducible Builds is that it gives us a reliable way to verify the binaries we ship are faithful to their sources, and have not been tampered with anywhere in the build pipeline (e.g. on Hydra). For general information on Reproducible Builds see: What exactly was reproduced? This me...
This means we’re one step closer to getting automated image building and testing for official flavours of NixOS. It’s a nice thing to have, but GODDAMN that’s a lot of work, and the build servers? Needed 65GB of storage just to build a minimal image. Can’t imagine what the entire GNOME stack would entail, even if it fetches from a binary cache.