Creating a Reproducible Build System for Docker Images



Currently the defacto standard for teams following a DevOps working model to deliver containerized applications is Docker. Docker provides many advantages and new workflows but it also introduces many new challenges. One of those challenges is providing a build environment that is Reproducible, Auditable, and Definable. This effectively means that we may reproduce the same output given the same set of inputs and we know what those inputs are, we can audit the build pipeline in order to verify our content, and the content is well defined such that it is predictable. In this session we will discuss an open source build system that delivers on these criteria. We will also explore a real world example of it in use by the Fedora Project which is using it to deliver Docker Images as a first class citizen right along side RPMs under the Fedora.Next initiative.