ci: move towards fully reproduceable builds

[rjaegers]

Pull Request

Description of changes

This PR sets the environment variable SOURCE_DATE_EPOCH as documented here to enable better build reproducibility.

When docker/metadata-action#403 is implemented, the same variable should be used for the metadata as well.

Checklist

• I have followed the contribution guidelines for this repository
• I have added tests for new behavior, and have not broken any existing tests
• I have added or updated relevant documentation
• I have verified that all added components are accounted for in the SBOM

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	15		0	0.07s
✅ DOCKERFILE	hadolint	2		0	0.53s
✅ JSON	prettier	11	0	0	0.6s
✅ JSON	v8r	10		0	4.56s
✅ MARKDOWN	markdownlint	8	0	0	1.02s
✅ MARKDOWN	markdown-table-formatter	8	0	0	0.24s
✅ REPOSITORY	checkov	yes		no	16.37s
✅ REPOSITORY	gitleaks	yes		no	0.31s
✅ REPOSITORY	git_diff	yes		no	0.01s
✅ REPOSITORY	grype	yes		no	12.5s
✅ REPOSITORY	secretlint	yes		no	1.37s
✅ REPOSITORY	trivy	yes		no	8.63s
✅ REPOSITORY	trivy-sbom	yes		no	0.99s
✅ REPOSITORY	trufflehog	yes		no	3.58s
✅ SPELL	lychee	48		0	1.21s
✅ YAML	prettier	20	0	0	0.99s
✅ YAML	v8r	20		0	16.79s
✅ YAML	yamllint	20		0	0.41s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by

[github-actions]

Compressed layer size comparison

Comparing ghcr.io/philips-software/amp-devcontainer-rust:latest to ghcr.io/philips-software/amp-devcontainer-rust@sha256:845d0d6561343e626c0c8d4234e2a97888a76591c88c53b04f513b078092a548

OS/Platform	Previous Size	Current Size	Delta
linux/amd64	432.86M	432.87M	17.34K (+0.00%)
linux/arm64	572.09M	572.11M	21.07K (+0.00%)

[github-actions]

Test Results

 2 files  ±0   2 suites  ±0   50s ⏱️ -1s
26 tests ±0  26 ✅ ±0  0 💤 ±0  0 ❌ ±0 
28 runs  ±0  28 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 2b09d13. ± Comparison against base commit 73613cc.

♻️ This comment has been updated with latest results.

[github-actions]

Compressed layer size comparison

Comparing ghcr.io/philips-software/amp-devcontainer-cpp:latest to ghcr.io/philips-software/amp-devcontainer-cpp@sha256:b742d8b2cac8b366b543d78261abef215cefd9ec475e93b93c0108a13e088481

OS/Platform	Previous Size	Current Size	Delta
linux/amd64	640.74M	640.77M	26.37K (+0.00%)
linux/arm64	633.10M	633.13M	22.62K (+0.00%)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[rjaegers]

There is still this docker/metadata-action#403 that needs to be solved first.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[github-actions]

Pull Request Report (#417)

Static measures

Description	Value
Number of added lines	5
Number of deleted lines	0
Number of changed files	1
Number of commits	6
Number of reviews	1
Number of comments (w/o review comments)	7
Number of reviews that contains a comment to resolve	0
Number of reviews that requested a change from the author	0
Number of reviews that approved the Pull Request	1
Get the total number of participants of a Pull Request	5

Time related measures

Description	Value
PR lead time (from creation to close of PR)	68.8 Days
Time that was spend on the branch before the PR was created	3.1 Min
Time that was spend on the branch before the PR was merged	68.8 Days
Time to merge after last review	46.9 Days

Status check related measures

Description	Value
Total runtime for last status check run (Workflow for PR)	13.1 Min
Total time spend in last status check run on PR	35.9 Min

[github-actions]

🎉 Hooray! The changes in this pull request went live with the release of v5.1.4 🎉