Winter 2012 SBR600 Weekly Schedule
Previous semester: Fall 2011 SBR600 Weekly Schedule
Week 1 (Jan 10) - Introduction
Tuesday
Welcome
- About this course
- Introductions
Intro to SBR600 - Software Build & Release
- Brief overview of the Build & Release process
- Introduction to the Fedora Project
- Fedora Project
- Fedora ARM Secondary Architecture project at Seneca and at the Fedora Project
- Course Layout
- Project-based course
- Working with Open Source
- Working with the Fedora Project
- Course Outline
- How this Course Works
- SBR600 Communication Tools
- How coursework is submitted in SBR600
To Do
By Tuesday, January 17:
Week 2 (Jan 17) - RPM Packaging, Mock, and Koji
Tuesday
Using make
Building from Source
- Obtaining source code
- Configuring the build
- Performing the build
- Testing the build
- Installing the built software
RPM Packages
- Differences between managing RPMS and Installing from Source
- RPMS provide a database of installed software
- Let you determine what's installed
- Automatic management of dependencies
- Identify the origin of files
- Permit easy update or removal
- Enable you to verify installation (useful for spotting file corruption and intrusions)
- RPMS provide a database of installed software
- Contents of an RPM Package
The RPM Database
Creating an RPM Package
Resources
- Two simple makefile examples
- Fedora Package Maintainers page
- Fedora Linux chapter 5 (see Seneca Library website > eBooks > View All > Safari > Fedora Linux).
- rpmlint
To Do
By Thursday, January 19:
- Build-from-Source Lab
- RPM-Writing Lab
- Send your SSH public key to your professor so he can create accounts for you on the CDOT Development Systems.
Thursday
Mock: Testing BuildRequires
It's often difficult to get the BuildRequires in a spec file exactly right, because it's easy to overlook packages that are coincidentally installed on the machine. Mock is used to test that the BuildRequires for a package are complete and accurate, by creating a bare-bones chroot environment containing only the basic build packages plus any packages indicated by BuildRequires lines in the spec file.
Koji: Testing on Multiple Architectures
Most developers and packagers have access to only a small number of system architectures (for example, a developer might have access to 64-bit AMD/Intel, but not have access to 32-bit AMD/Intel, s390 mainframe, PowerPC, or ARM systems). The Koji build system provides a mechanism for building a package in mock on one or more remote systems.
To Do
By Tuesday, January 24:
Week 3 (Jan 24) - The Fedora Build System
Tuesday
Guest Lecturer: Dennis Gilmore, Fedora Release Engineer, Red Hat, Inc.
Dennis is Fedora's release engineer. He will be visiting Seneca Centre for Development of Open Technology (CDOT) this week and has agreed to give a guest lecture on Tuesday.
The Fedora Build System
How Koji Works
Thursday
- Work on packages
Week 4 (Jan 31)
Tuesday/Thursday
Project Selection
This is a project-based course. These projects involve participation in an open-source community.
- Projects are listed on the SBR600 Potential Projects page.
- Select two or three projects that are of interest to you.
- Do some initial research into what the project involves.
- Find out who to talk to in the community (start with the initial contacts listed on the project description)
- See what work has already been done related to that project. Check the Seneca wiki for work by previous SBR600 semesters, the upstream project's wiki and mailing list archives for information about the current state of the project, and the web for related information (similar projects being done by other groups).
- Join the mailing lists and IRC channels of the upstream community.
- Update the Winter 2012 SBR600 Participants table with your project information, according to the instructions at the top of that page.
- Do some initial research into what the project involves.
- On Thursday we'll sort out project conflicts.
- Your professor will approve your project selection via the participants page.
- Link your project title on the participants page to a page of the same name to create a project page. Copy the contents of the Sample Project page to your project page and fill in the details.
Over the next 2 weeks, finalize your project plans and get started on your project:
- The project page must be filled in, including your 0.1, 0.2, and 0.3 targets.
- Release 0.1: Proof of concept (e.g., a first draft of a package, a basic script, infrastructure set up on a test system) - Note that this must include the release of something, not just research, and must be done in consultation with the community.
- Release 0.2: Initial working state - Whatever you are working on -- package, script, infrastructure configuration -- should be working, although it may not be feature-complete, fully deployed, or fully documented. Feedback from the community should be solicited. If there is a review process required to submit upstream, it should be started.
- Release 0.3: Completed working state - The work is complete and documented. Any upstream review, whether formal or informal, has been completed, feedback has been incorporated into the project, and the work has been committed been
- You must have a strategy in place for reaching your targets.
You will make a brief (3-5 minute) presentation of your project plans on Thursday, February 9.
Week 5 (Feb 7)
Tuesday
Signing RPM packages
An RPM signature, like the digital signature used on many other software-signing systems, is a private key encryption of a checksum. RPM uses the GPG libraries for signing.
- Create a GPG key:
gpg --gen-key
- Add the e-mail address associated with your gpg key to the
%_gpg_name
macro in~/.rpmmacros
-- the line will look like this:%_gpg_name "e-mail-address"
- Find (or make) some packages to put in your repository. Make sure that the epoch-version-release is higher than that of any package with the same name in the Fedora repositories.
- Sign those packages with:
rpm --addsign packagefile
Creating a YUM repository
A yum repository is just a directory of packages and some metadata.
To create a yum repository:
- Create a directory that can be served. The protocol used to serve that directory could be http, ftp, nfs, or something else (the files can be served by putting them on a DVD too!). For http, create the directory within
/var/www/html
- Put your signed packages in that directory.
- Create the repository metadata for that directory:
createrepo /name/of/directory
(typically:createrepo .
)
Notice that the repository metadata will be placed in a subdirectory named repodata
Testing
- Create a new repository file in
/etc/yum.repos.d
by copying and modifying an existing file in that directory. Keepgpgcheck=1
but comment out thegpgkey
file. - Confirm that you cannot install from that repository using yum.
- Uncomment the
gpgkey
line, and point it to a new file within/etc/pki/rpm-gpg/
- Create that file by running (as your regular user):
gpg --export --armour e-mail-address
and saving the output to the new filename (note: you'll need to be your regular user to perform the export, but the root user to install the file). - Confirm that you can now install from your repository. You should be asked whether you wish to import the key for your repo the first time you use a package from that repo.
Creating a Repository-release RPM
To make it easier for users to access your repository, create a RPM containing:
- Your repo file
- Your GPG key
You can link to this repository-release RPM from a web page, and users can install access to your repository by simply clicking on that link. You can also include this package in a Spin or Remix. If you ever need to move your repository's location or make other adjustments, you can provide an updated repository-release package which will be installed when your users perform a yum update
.
Take a look at the RPMFusion release RPM for an example.
ToDo
Lab
- Create a signed repository containing your RPM package.
- Create an RPM package that will install your repository configuration file and the key (repository-release package).
- Test it.
- Blog about this lab, and include a link to your repository-release package and the repository URL.
Thursday
Project Plan Presentations (0.0)
- Project pages are due. Link from the Projects column of the Winter 2012 SBR600 Participants table to a page for your project; use the Sample Project template for your project page, and fill in as much detail as possible.
- Be prepared to give a professional, detailed, but very brief (2- to 4-minute) presentation on your project plan. Include:
- Your approach to the problem.
- Contacts and resources you've identified.
- Your plans for each release. Note that at each release you will be expected to actually release something -- an RPM, a script, test results -- as appropriate to your project. Identify what you are intending to release at each stage:
- 0.1 Release - proof of concept
- 0.2 Release - initial functionality
- 0.3 Release - tested and usable
- Challenges and potential pitfalls that you have identified, and your approach to mitigating those challenges so that you can complete your project on time regardless of things beyond your control.
- Time for a brief Q&A/Feedback session at the end.
Week 6 (Feb 14
Tuesday
Using GIT
Resources:
Thursday
To Do
GIT Lab
- Clone the repository at ssh://sbr600@scotland.proximity.on.ca/~/certs/
- Add your cert using the instructions in the readme.txt file.
- Blog about your experience.