Versions Compared

Old Version 95

changes.mady.by.user Evans Ye

Saved on

compared with

New Version 96

changes.mady.by.user Evans Ye

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Building binary packages is an easy feast now, thanks to well-oiled Bigtop CI Ideally, the build job to produce the package will be created during the release preparation and the vote. If not, you can copy and make adjustment to the release job just like this one Bigtop 1.1.0 Once the build is over you should have packages ready for signing.
  • Sign packages

    • On Debian systems create the signature for the top-level Release fil

      Code Block
      gpg -u <you key ID> -ab o Release.gpg Release


    • On RPM-bases distros create ~/.rpmmacors files (due to a bug, RPM can not use DSA keys longer than 1024 bytes, so you better use a buggy RSA for that)

      Code Block
      % cat > ~/.rpmmacros <<_EOF
%_signature gpg
%_gpg_name <you signing key ID>
_EOF

% rpmsign --resign [fedora,centos,opensuse,sles]/*/x86_64/**/**/*rpm
# recreate the repos
% for r in fedora centos opensuse sles; do pushd; cd $r; createrepo -v *; popd; done


    • Sign *.repo and *list files

      Code Block
      % gpg --sign -u <you key ID> -a [fedora,redhat,opensuse,sles]/*/x86_64/**/bigtop.[repo,list]


    • Sync signed packages to bigtop- repos.s3bigtop.amazonawsapache.com org (ask a previous release manager about the details and credentials). Be aware: just sync apt/ directory for *.deb distributions, otherwise you'll copy two versions of the packages.

    • Commit the repo files to the svn next to the X.Y.Z release sources (refer to the last release for the structure of the repos directory)

    • Add your signed armored GPG key to repos directory to ease the key import for the users

...