Open main menu

CDOT Wiki β

Winter 2011 SBR600 Weekly Schedule

Revision as of 13:06, 18 January 2011 by Chris Tyler (talk | contribs) (mock: Testing BuildRequires)
Important.png
Tentative Schedule - Winter 2011
Please note that the schedule here is tentative. Week-by-week details will be filled in as the course progresses. This content is also being refactored for easier navigation.

Previous semester: Fall 2010 SBR600 Weekly Schedule

Week 1 (Jan 10) - Introduction, Building from Source, and Creating RPM Packages

Tuesday

Welcome

  • About this course
  • Introductions

Intro to SBR600 - Software Build & Release

To Do

By Wednesday, January 12:

  1. Communication Lab
  2. Fedora Installation
  3. Build-from-Source Lab

Thursday

Using make

RPM Packages

  • Differences between managing RPMS and Installing from Source
    • RPMS provide a database of installed software
      • Let you determine what's installed
      • Automatic management of dependencies
      • Identify the origin of files
      • Permit easy update or removal
      • Enable you to verify installation (useful for spotting file corruption and intrusions)
  • Contents of an RPM Package

The RPM Database

Layout of a specfile

Creating Packages

Demo: Creating a Simple Package

  • Writing the specfile
  • Testing the specfile
    • Using rpmlint

Resources

To Do

By Monday, January 17:

  1. RPM-Writing Lab
  2. Send your SSH public key to your professor so he can create accounts for you on the CDOT Development Systems.

Week 2 (January 17) - Using Mock and Koji

Tuesday

Project Selection

This is a project-based course. These projects involve participation in an open-source community.

  • Projects are listed on the SBR600 Potential Projects page.
  • Select two or three projects that are of interest to you.
    • Do some initial research into what the project involves.
      • Find out who to talk to in the community (start with the initial contacts listed on the project description)
      • See what work has already been done related to that project. Check the Seneca wiki for work by previous SBR600 semesters, the upstream project's wiki and mailing list archives for information about the current state of the project, and the web for related information (similar projects being done by other groups).
      • Join the mailing lists and IRC channels of the upstream community.
    • Update the Winter 2011 SBR600 Participants table with your project information, according to the instructions at the top of that page.
  • Your professor will approve your project selection via the |participants page.
  • Link your project title on the |participants page to a page of the same name to create a project page. Copy the contents of the Sample Project page to your project page and fill in the details.

Over the next 2 weeks, finalize your project plans and get started on your project:

  • The project page must be filled in, including your 0.1, 0.2, and 0.3 targets.
    • Release 0.1: Proof of concept (e.g., a first draft of a package, a basic script, infrastructure set up on a test system) - Note that this must include the release of something, not just research, and must be done in consultation with the community.
    • Release 0.2: Initial working state - Whatever you are working on -- package, script, infrastructure configuration -- should be working, although it may not be feature-complete, fully deployed, or fully documented. Feedback from the community should be solicited. If there is a review process required to submit upstream, it should be started.
    • Release 0.3: Completed working state - The work is complete and documented. Any upstream review, whether formal or informal, has been completed, feedback has been incorporated into the project, and the work has been committed been
  • You must have a strategy in place for reaching your targets.

You will make a brief (3-5 minute) presentation of your project plans on Thursday, February 3.

ToDo

Thursday

mock: Testing BuildRequires

It's often difficult to get the BuildRequires in a spec file exactly right, because it's easy to overlook packages that are coincidentally installed on the machine. mock is a tool that uses the chroot system call to create a "cleanroom" environment for the build, so that any missing BuildRequires cause the build to fail.

The mock Group
To use mock, you must first add yourself to the mock group: usermod -G mock yourUserName

To build with mock:

mock -r fedora-13-x86_64 --rebuild foo*.src.rpm

The value fedora-13-x86_64 may be changed to any of the config files found in /etc/mock in order to test building based on the libraries and available packages for a specific architecture and Fedora release.

If errors are reported:

  1. Review the log files (see the mock output to determine the directory containing the log files) to see what dependencies are missing.
  2. Add these dependencies to the BuildRequires in your spec file.
  3. Rebuild your SRPM and repeat the mock test.

koji: Testing multiple architectures

koji is a client-server system which allows you to queue builds within the Fedora build farm. This permits you to test whether your package builds on several different architectures, which is especially useful when you don't otherwise have access to the machines of that architecture.

Koji Setup
Note that koji requires some setup, particularly for certificate-based authentication. See the UsingKoji page on the Fedora wiki for setup instructions.

To queue a build for all four Fedora-supported architectures (currently i386, x86_64, ppc, and ppc64):

koji build dist-f14 --scratch foo*.src.rpm

In this example, dist-f14 selects the package repository (similar to the -r option for mock, except that the build arch is not specified); --scratch specifies that this is a scratch build (the results are not kept or fed to Bodhi).

To perform a build that will be passed to Bodhi for distribution, substitute --rebuild for --scratch (do not do this until you have passed the package review and sponsor procedures).

ARM Build
You can queue an ARM build by substituting the arm-koji command for the koji command. Alternately, you can specify the server "arm.koji.fedoraproject.org" on the Koji command line (or in /etc/koji.conf).

Resources

ToDo

  • Test your RPM from last week with:
    • rpmlint
    • mock
    • koji
  • Blog about your experience.

Week 3 (January 24) - Solving Build Issues

Week 4 (January 31) - Repositories/Distributing

Signing RPM packages

An RPM signature, like the digital signature used on many other software-signing systems, is a private key encryption of a checksum. RPM uses the GPG libraries for signing.

  1. Create a GPG key: gpg --gen-key
  2. Add the e-mail address associated with your gpg key to the %_gpg_name macro in ~/.rpmmacros -- the line will look like this: %_gpg_name "e-mail-address
  3. Find (or make) some packages to put in your repository. Make sure that the epoch-version-release is higher than that of any package with the same name in the Fedora repositories.
  4. Sign those packages with: rpm --addsign packagefile

Creating a YUM repository

A yum repository is just a directory of packages and some metadata.

  1. Create a directory that can be served. The protocol used to serve that directory could be http, ftp, nfs, or something else (the files can be served by putting them on a DVD too!). For http, create the directory within /var/www/html
  2. Put your signed packages in that directory.
  3. Create the repository metadata for that directory: createrepo /name/of/directory

Notice that the repository metadata will be placed in a directory named repodata

Testing

  1. Create a new repository file in /etc/yum.repos.d by copying and modifying an existing file in that directory. Keep gpgcheck=1 but comment out the gpgkey file.
  2. Confirm that you cannot install from that repository using yum.
  3. Uncomment the gpgkey line, and point it to a new file within /etc/pki/rpm-gpg/
  4. Create that file by running (as your regular user): gpg --export --armour e-mail-address and saving the output
  5. Confirm that you can now install from your repository. You should be asked whether you wish to import the key for your repo.

Repository-release RPM

To make it easier for users to access your repository, create a RPM containing:

  1. Your repo file
  2. Your GPG key

Take a look at the RPMFusion release RPM for an example.

ToDo

Project

  1. Make sure your entry in the Fall 2010 SBR600 Project Table is complete, and that your project plan on your project page is filled in (including 0.1, 0.2, and 0.3 targets).

Lab

  1. Create an RPM package that will install your repository configuration file and the key.
  2. Test it.
  3. Blog about this lab, and include a link to your repository RPM package.

Week 5 (February 7) - Repositories/Distributing

Weeks 6 - 13

  • Project work


Exam Week