Difference between revisions of "User:Dennisvd@nikhef.nl/SoftwareOverview"

• the software is maintained in a Subversion repository.
  • Access to SVN is configured in the central LDAP database.
• The software packages loosely follow the GNU coding standards, and use automake/autoconf.

• Before tagging, go through the mandatory checklist:
  • Update configure.ac with the right version
  • make distcheck
  • Update the files BUGS, INSTALL, NEWS, README
  • svn update ; svn log -v > ChangeLog
  • commit to SVN
• Prior to preparing a release, the software should be tagged.

Releasing the tarball requires interaction with several testbed machines. Make good use of the fact that they share the home directories.

• svn export svn+ssh://svn@ndpfsvn.nikhef.nl/repos/mwsec/tags/component/tag component_tag
• Run bootstrap on fc17.testbed, to use the newest possible automake/autoconf
• Run 'make dist' on mwsecbuild.testbed; this machine has all the required dependencies for a build

• make a tarball
• record the sha1 and sha256 checksums
• upload to software.nikhef.nl
• write a signed e-mail with the name of the tarball and the checksums

• SPEC files are maintained in SVN
  • Update the changelog
• The local koji instance automatically triggers builds on committing a SPEC file to a tag
  • a SVN commit hook on sikkel.nikhef.nl will start the build
  • Koji has a central hub, koji-hub.testbed that may be visited locally through a proxy or externally through another.
  • There are two builders, koji-builder.testbed and koji-boulder.testbed that run all the builds.
  • There are nightly builds for all components based on the latest SVN revision.

Generating RPM packages

• update the SPEC file,
• Starting the Koji build by creating a new tag for the SPEC file,

To do Debian packaging you need to set up a work environment with the right toolchain. This can be on a local Debian machine, such as a Virtual machine, or through a testbed machine such as debian.testbed.

• The debian directories are maintained separately from their components in SVN. svn-buildpackage will merge the directory with the source tarball.
• The central build machine for Debian is ref-debian6-64.testbed. It has a cowbuilder configuration to build for various Debian-style distributions.

See SAC_Debian_packaging.

Generating Debian packages

• check out the component directory
• download the original tarball
• generate an initial source package for the UNRELEASED distribution
• prepare all required backports
• start cowpoke for each backport

The built packages are collected in repositories for automated download and installation. Besides the local Nikhef repository, the packages are integrated downstream by middleware projects such as

• EMI,
• IGE,
• UMD and
• OSG.

A subset of the packages is submitted for integration in mainline distributions such as

• Fedora,
• EPEL,
• Debian and
• Ubuntu

Packages and repositories are GPG signed where possible.

• write Release notes and announce on the announce mailing list.

The koji builds that are ready for release are tagged, so they can be automatically picked up by mash. The signing system sigul.testbed is set up to sign all the RPMs belonging to a release tag.

• tag a build either testing or release
• move a package from testing to release
• sigulsign_mwsec.py the tag
• write out the signed RPMs
• update the mash repository
• sync to software.nikhef.nl

The Debian packages are already signed by the packager. The packages are delivered to the reprepro repository on ref-debian6-64.testbed. This repository is signed with an automatic signing key.

• dput the .changes files to the right distribution
• sync to software.nikhef.nl