If I build a snap with Snapcraft on one computer and then build the snap again on another computer with the same
snapcraft.yaml file should I get identical (same md5 or sha hash)
I mostly wanted to know in the case of building with the core18 base, but I would also be interested to know how to make a Snapcraft build deterministic.
The simple answer is not, snapcraft today is not setup for reproduceable builds, there are many factors for this, these come to mind without further thought:
- use of
stage-packages which have the
<release>-updates pockets enabled so if there is an update in between builds you will see a different result if any package from those lists changes.
- file timestamps are not in sync between different environments.
Builds however are always executed in the same prescribed order and a
manifest.yaml can be made part of the snap (default on build.snapcraft.io) to compare what made it into the package. From plugins that allow it, and
build-packages, you can request specific versions and get a build failure if those items cannot be satisfied, but you will need to crawl the dependency chain a close approximation.