Andrew Leonard
Andrew Leonard
Verify that: num_in_keystore=$("$KEYTOOL" -v -list -storepass changeit -keystore jdk/lib/security/cacerts | grep -c "Alias name:") matches the number of unique Certificates listed by security/mk-ca-bundle.pl
A reproducible build investigation task to determine the what the complete input bill of materials are for building just a single native library. For this task I suggest using a...
https://ci.adoptopenjdk.net/job/build-scripts/job/jobs/job/jdk17u/job/jdk17u-windows-x64-temurin/95/consoleFull ``` 17:03:46 * Boot JDK: openjdk version "16.0.2" 2021-07-20 OpenJDK Runtime Environment Temurin-16.0.2+7 (build 16.0.2+7) OpenJDK 64-Bit Server VM Temurin-16.0.2+7 (build 16.0.2+7, mixed mode, sharing) (at /cygdrive/e/jenkins/tmp/jdk-16) ``` ==>...
Currently it is not easy or possible to build a pipeline using a specific SHA commit level of temurin-build and ci-jenkins-pipelines. For reproducible builds and also the ability to continue...
- Test reproducible builds for Windows x64/x32 jdk-19 via Jenkins - Ensure reproducible across multiple nodes and build directories
Looking at published nightly build: https://github.com/adoptium/temurin18-binaries/releases/tag/jdk18u-2022-06-30-09-20-beta The binaries should all be renamed to the same build publish timestamp, matching the release tag name, so for this build: Tag: jdk18u-2022-06-30-09-20-beta Timestamp...
Temurin builds are now producing SBOM artifacts, eg. https://github.com/adoptium/temurin18-binaries/releases/download/jdk18u-2022-06-30-09-20-beta/OpenJDK18U-sbom_x64_linux_hotspot_2022-06-29-23-30.json These are based upon the CycloneDX schema : https://cyclonedx.org/capabilities/ This issue is to discuss the future format and content.
In order for full reproducible builds we need to determine and store the full set of source, dependency and tooling inputs that determine a reproducible build. This epic will provide...
https://ci.adoptopenjdk.net/job/build-scripts/job/jobs/job/jdk/job/jdk-alpine-linux-x64-temurin_SmokeTests/
The current SBOM is based upon the existing metadata file, and is missing some basic information and tooling information. We also need to perform analysis to make it better encompass...