build: additional checks for source tree

[jkloetzke]

Re-hash the src workspace after the build step to detect inadvertent changes. Only useful when building outside of a sandbox. Should probably only be done in release mode and Jenkins builds by default.

[rhubert]

Maybe it's also useful to rehash the dist workspace of dependencies. I had a bad gpr file of a ADA-Library resulting in a rebuild of that library in it's dist when the lib was used by another component. 😢 🙈

[DevelAngel]

@rhubert If the dist has not the same hash anymore, bob should throw an error in my humble opinion because it leads to unexpected builds in the case the dependency is used more than once.

Shortly, I prepared test data in a package for test runs and I used the dist path directly. But I noticed that the test would change those test files.. (Now, I made a copy of it when I execute the tests.)

What would happen if a second test is using the dist folder?!

Rerunning the packageScript for each use of a dependency is maybe a solution without errors but it would slow down the overall build time. I would be confused if the package step runs more than once but I am unsure how easy it is to detect that misbehavior.

[jkloetzke]

My idea was to make this an optional check and fail the build if changes to the dependency workspaces are detected. The initial idea was to check just src workspaces but given your input we should check all dependencies. These are all mounted read-only anyway when using a sandbox. It is simply not allowed to change dependency workspaces and there is no reasonable way to allow that.

I would only enable the check in "bob build" mode by default. For "bob dev" it should be a user choice to enable it. And when we have a sandbox the check is superfluous anyway because these workspaces are all read-only for the script...