Difference between revisions of "User:Dennisvd@nikhef.nl/SoftwareOverview"
Line 69: | Line 69: | ||
! scope="row" rowspan=5| Distribution | ! scope="row" rowspan=5| Distribution | ||
| | | | ||
− | + | The built packages are collected in repositories for automated download and installation. Besides the local Nikhef repository, | |
− | * EMI, IGE, UMD and | + | the packages are integrated downstream by middleware projects such as |
− | * Fedora, EPEL, Debian | + | * EMI, |
+ | * IGE, | ||
+ | * UMD and | ||
+ | * OSG. | ||
+ | A subset of the packages is submitted for integration in mainline distributions such as | ||
+ | * Fedora, | ||
+ | * EPEL, | ||
+ | * Debian and | ||
+ | * Ubuntu | ||
+ | Packages and repositories are GPG signed where possible. | ||
| | | | ||
− | + | signed repositories, dput | |
* write Release notes and announce on [https://mailman.nikhef.nl/mailman/listinfo/grid-mw-security-announce the announce mailing list]. | * write Release notes and announce on [https://mailman.nikhef.nl/mailman/listinfo/grid-mw-security-announce the announce mailing list]. | ||
|- | |- | ||
! colspan=2| RPM | ! colspan=2| RPM | ||
|- | |- | ||
− | | | + | | |
− | | | + | The koji builds that are ready for release are tagged, so they can be automatically picked up by mash. |
+ | The signing system '''sigul.testbed''' is set up to sign all the RPMs belonging to a release tag. | ||
+ | | | ||
+ | * tag a build either ''testing'' or ''release'' | ||
+ | * move a package from ''testing'' to ''release'' | ||
+ | * sigulsign_mwsec.py the tag | ||
+ | * write out the signed RPMs | ||
+ | * update the mash repository | ||
+ | * sync to '''software.nikhef.nl''' | ||
|- | |- | ||
! colspan=2| Debian | ! colspan=2| Debian | ||
|- | |- | ||
− | | | + | | |
− | | | + | The Debian packages are already signed by the packager. The packages are delivered to the reprepro repository on ref-debian6-64.testbed. This repository is signed with an automatic signing key. |
+ | | | ||
+ | * dput the .changes files to the right distribution | ||
+ | * sync to '''software.nikhef.nl''' | ||
|} | |} |
Revision as of 23:28, 17 January 2013
Cheat Sheet
The following table gives an overview of the workflow and procedures involving development and delivery of our software.
resources | procedures | |
---|---|---|
Source |
|
|
Release |
Releasing the tarball requires interaction with several testbed machines. Make good use of the fact that they share the home directories.
|
|
Packaging | RPM | |
|
||
Debian | ||
To do Debian packaging you need to set up a work environment with the right toolchain. This can be on a local Debian machine, such as a Virtual machine, or through a testbed machine such as debian.testbed.
See SAC_Debian_packaging. |
| |
Distribution |
The built packages are collected in repositories for automated download and installation. Besides the local Nikhef repository, the packages are integrated downstream by middleware projects such as
A subset of the packages is submitted for integration in mainline distributions such as
Packages and repositories are GPG signed where possible. |
signed repositories, dput
|
RPM | ||
The koji builds that are ready for release are tagged, so they can be automatically picked up by mash. The signing system sigul.testbed is set up to sign all the RPMs belonging to a release tag. |
| |
Debian | ||
The Debian packages are already signed by the packager. The packages are delivered to the reprepro repository on ref-debian6-64.testbed. This repository is signed with an automatic signing key. |
|