This new classic is making the rounds on HN again: https://www.vitavonni.de/blog/201503/2015031201-the-sad-state-of-sysadmin-in-the-age-of-containers.html
The article is centered around the observation that no one knows how to build Hadoop from source. One comment says that reproducible builds exist now and that Nix provides a reproducible Hadoop package.
There's a problem, however. Contrary to what many think, Nix isn't particular rigorous about build reproducibility. Their Hadoop package just patches pre-built binaries from the Apache project!
https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/cluster/hadoop/default.nix
@dthompson
I'm not sure what you mean here. Patching a binary extracted from a sha256 identified tarball seems as reproducible as you can get (for a pre-built binary).
Sure it's not from source, but it is entirely reproducible. Now... I wouldn't call that a build 😋
@nixy it doesn't satisfy the definition of a reproducible build: https://reproducible-builds.org/docs/definition/
"A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts."
so, starting from a binary doesn't count as a reproducible build.