Uploaded image for project: 'Bigtop'
  1. Bigtop
  2. BIGTOP-2736

Automate last mile of release process

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.2.0
    • Fix Version/s: backlog
    • Component/s: build
    • Labels:
      None

      Description

      As an RM for 1.2.0 I did a lot of it via automation (relevant tasks in release.gradle) but there also were quite a few things I had to do by hand. I'll dump my notes here and hopefully we can put those in automation for the next release:

      1. I had to sign RPM packages by:
        $ echo > ~/.rpmmacros <<__EOT__
        %_signature gpg
        %_gpg_path /ws/gnupg
        %_gpg_name 9475BD5D
        %_gpgbin /usr/bin/gpg
        __EOT__
        $ rpm --addsign `find . -name \*rpm`
        
      2. I had to sign the YUM and Zypper repos by (the last two steps were Zypper specific):
        $ for i in ./*/*/*/repodata/repomd.xml ; do  gpg --homedir /ws/gnupg --detach-sign --armor $i ; done
        $ gpg --homedir /ws/gnupg  --armor --export rvs@apache.org > opensuse/42.1/x86_64/repodata/repomd.xml.key
        $ for i in *.xml.gz repomd.xml.key ; do  gpg --homedir /ws/gnupg --detach-sign --armor $i ; done
        
      3. I had to sign APT repo by essentially rebuilding it from scratch with:
        $ cat > apt/conf/distributions <<__EOT__
        Origin: Bigtop
        Label: Bigtop
        Suite: stable
        Codename: bigtop
        Version: 1.2.0
        Architectures: amd64 source
        Components: contrib
        Description: Apache Bigtop
        SignWith: 9475BD5D
        __EOT__
        $ cat > apt/conf/options <<__EOT__
        verbose
        ask-passphrase
        __EOT__
        

      Also it helps to do this with GPG agent sine all these tools are super chatty and will keep asking you for the master password to your key:

      echo 'use-agent' >> ~/.gnupg/gpg.conf
      echo 'pinentry-program /usr/bin/pinentry-curses' > ~/.gnupg/gpg-agent.conf
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rvs Roman Shaposhnik
                Reporter:
                rvs Roman Shaposhnik
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: