SAC software procedures

From PDP/Grid Wiki
Jump to navigationJump to search

Software release procedure for Grid Security Middleware

The grid security middleware components developed at Nikhef are released as source tarballs, which form the basis of further packaging and distribution methods such as RPM (Red Hat) and DEB (Debian).

The main source repository for these components is https://ndpfsvn.nikhef.nl/cgi-bin/viewvc.cgi/mwsec/, which can be used with SVN in the following ways:

SVN with SSH public key authentication (NB. username is always svn):

svn+ssh://svn@ndpfsvn.nikhef.nl/repos/mwsec/

SVN with https access:

https://ndpfsvn.nikhef.nl/repos/mwsec/

SVN with http access:

http://ndpfsvn.nikhef.nl/ro/mwsec/

The released software tarballs should be placed on http://software.nikhef.nl/security. The exact procedure is as follows:

  1. Create a tag in SVN under .../mwsec/tags/<component>/<version>/
  2. Do a clean build from the software from the freshly checked out tag on a Red Hat 5 (compatible) system, by running ./bootstrap. This is required to have consistency in the versions of the autotools that are used in the distributed software.
  3. Do a 'make dist' to generate a release tarball
  4. copy the tarball to software.nikhef.nl:/project/srv/www/site/software/html/security/<component>/release-candidate/
  5. generate a SHA1 checksum of the tarball and place it in a file with the same name but with the .sha1 extension. Record the checksum in an e-mail to <grid-mw-security@nikhef.nl>,
  6. verify that this tarball can be used for packaging, and that the packaged software works.
  7. After sufficient certification, release the software by moving it to to the parent directory, and have the release manager sign the tarball with GPG.

Creating a tag in Grid Security Middleware

We take the example for glexec, but this will be a valid set of sets for any component:

Go to the trunk, and make sure it's up to date:

# For glexec:
cd mwsec/trunk
svn update
cd ..

Check out the tags directory for the component exclusively:

svn co --depth=empty svn+ssh://svn@ndpfsvn.nikhef.nl/repos/mwsec/tags
cd tags
svn co --depth=immediates svn+ssh://svn@ndpfsvn.nikhef.nl/repos/mwsec/tags/glexec
cd glexec

Copy the HEAD from trunk into the tag directory, the directory name is only named by it's version:

svn copy ../../trunk/glexec 0_8_2
cd 0_8_2

Make a list of the used SVN externals: Resolve the externals as local files for each tag:

svn propget svn:externals > my_externals.txt

Make a list of the files associated to each external and remove the externals in the current SVN directory:

svn propdel svn:externals

For each entry in the my_externals.txt file and each file associated to them do something like:

rm -rf m4
rm -rf src/{safefile-1.0,environ,realpath,fileutil}
svn copy --parents ../../../trunk/m4/lcmaps.m4 m4/lcmaps.m4
svn copy ../../../trunk/cgul/{safefile-1.0,environ,realpath,fileutil} src/
rm my_externals.txt
cd ..

Commit!

svn commit