Opened 5 months ago
Closed 5 months ago
#36461 closed Cleanup/optimization (duplicate)
Sort keys in staticfiles.json to support reproducible builds
| Reported by: | Matthew Stell | Owned by: | |
|---|---|---|---|
| Component: | contrib.staticfiles | Version: | 5.1 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | yes | UI/UX: | no |
Description
I am attempting to implement a build process whereby all my docker builds are reproducible.
I am running the collectstatic management command (using the ManifestStaticFilesStorage backend) as the final step of the Dockerfile, however the ordering of the key-value pairs in the staticfiles.json are not consistent across builds.
I propose that the keys in the staticfiles.json "paths" section are sorted alphabetically to ensure that the staticfiles.json file generated for a given set of static files is always consistent.
I do not believe that this will introduce a breaking change.
I am happy to submit a PR to implement this if accepted.
Here is the relevant code block:
https://github.com/django/django/blob/1ba5fe19ca221663e6a1e9391dbe726bb2baaf8a/django/contrib/staticfiles/storage.py#L498
def save_manifest(self):
self.manifest_hash = self.file_hash(
None, ContentFile(json.dumps(sorted(self.hashed_files.items())).encode())
)
payload = {
"paths": self.hashed_files,
"version": self.manifest_version,
"hash": self.manifest_hash,
}
if self.manifest_storage.exists(self.manifest_name):
self.manifest_storage.delete(self.manifest_name)
contents = json.dumps(payload).encode()
self.manifest_storage._save(self.manifest_name, ContentFile(contents))
Thank you for the ticket, this is a duplicate of #35846. To progress this we need a way to reproduce so that we can later confirm the behavior is fixed