SAC software procedures

Software release procedure for Grid Security Middleware

The [[Site Access Control][grid security middleware components developed at Nikhef] are released as source tarballs, which form the basis of further packaging and distribution methods such as RPM (Red Hat) and DEB (Debian).

The main source repository for these components is https://ndpfsvn.nikhef.nl/cgi-bin/viewvc.cgi/mwsec/, which can be used with SVN in the following ways:

SVN with SSH public key authentication (NB. username is always svn):

svn+ssh://svn@ndpfsvn.nikhef.nl/repos/mwsec/

SVN with https access:

https://ndpfsvn.nikhef.nl/repos/mwsec/

SVN with http access:

http://ndpfsvn.nikhef.nl/ro/mwsec/

The released software tarballs should be placed on http://software.nikhef.nl/security. The exact procedure is as follows:

1. Create a tag in SVN under .../mwsec/tags/<component>/<version>/
2. Do a clean build from the software from the freshly checked out tag on a Red Hat 5 (compatible) system, by running ./bootstrap. This is required to have consistency in the versions of the autotools that are used in the distributed software.
3. Do a 'make dist' to generate a release tarball
4. copy the tarball to software.nikhef.nl:/project/srv/www/site/software/html/security/<component>/release-candidate/
5. generate a SHA1 checksum of the tarball and place it in a file with the same name but with the .sha1 extension. Record the checksum in an e-mail to <grid-mw-security@nikhef.nl>,
6. verify that this tarball can be used for packaging, and that the packaged software works.
7. After sufficient certification, release the software by moving it to to the parent directory, and have the release manager sign the tarball with GPG.