Reproducible/Deterministic Builds

Best practices, code snippets for common functionality, examples, and guidelines.
brodrigues
Posts: 4
Joined: Tue May 11, 2021 9:56 am

Reproducible/Deterministic Builds

Post by brodrigues » Thu May 20, 2021 11:23 am

Hello everyone.

My company has an interest in making sure that compiling the same source code multiple times, yields always the same result byte for byte. Is this possible using Ranorex?

I tried doing this by adding the property

Code: Select all

<Deterministic>true</Deterministic>
to my csproj file, but to no avail. Examining the SHA1 checksum of several compiled files, has different results between compilations.

Jacob
Certified Professional
Certified Professional
Posts: 120
Joined: Mon Mar 22, 2021 10:01 pm

Re: Reproducible/Deterministic Builds

Post by Jacob » Fri May 28, 2021 8:27 pm

Hi brodrigues,

My name is Jacob and I'm one of the engineers here at Ranorex. I didn't have an issue using the Deterministic flag in the .csproj file as below:
<Deterministic>true</Deterministic>
I did make sure to set the compiler from Debug to Release, though. I hope this helps!

--Jacob
Image

brodrigues
Posts: 4
Joined: Tue May 11, 2021 9:56 am

Re: Reproducible/Deterministic Builds

Post by brodrigues » Fri Jun 25, 2021 1:53 pm

Still I had no success.

I am using these lines to compile my code in a Jenkins pipeline
%WINDIR%\\Microsoft.NET\\Framework\\v4.0.30319\\MSBuild.exe Ranorex-Project\\Project.sln /t:Clean
%WINDIR%\\Microsoft.NET\\Framework\\v4.0.30319\\MSBuild.exe /p:Deterministic=True /p:Configuration=Release Ranorex-Project\\Project.sln

The only way for me to get the same sha1 for the compiled executables is if I skip the Project Clean. Which results in the compiler skipping the compilation and leaving the previously compiled executables unchanged.

For a time, I thought that the file's creation time might have been influencing this. I developed a powershell script to set every file in the project folder to the same creation/modification date. Still, the compiled executables had a different sha1.

I have been using the sha1sum command to test the sha1 values.