14614
Comment:
|
17771
Enhance the text about moving build to testing and update repos. Add info about RSA key syncing.
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
## page was renamed from OldContributorsPage ## page was renamed from Contributors |
|
Line 21: | Line 23: |
Once this is done, join the [[http://lists.rpmfusion.org/mailman/listinfo/rpmfusion-developers|Developers Mailing Lists]] and introduce yourself there. Include a link to the review request for your first package in your introduction, and if you're a newcomer also mention that you need someone to sponsor you. | Once this is done, join the [[https://lists.rpmfusion.org/archives/list/rpmfusion-developers@lists.rpmfusion.org/|Developers Mailing Lists]] and introduce yourself there. Include a link to the review request for your first package in your introduction, and if you're a newcomer also mention that you need someone to sponsor you. |
Line 25: | Line 27: |
Also join the RPM Fusion [[http://lists.rpmfusion.org/mailman/listinfo/rpmfusion-commits|GIT commits]] mailing list. The GIT commits mailing list is used for commit messages from the GIT repository. You should subscribe to this list to track the changes to all the packages. | Also join the RPM Fusion [[https://lists.rpmfusion.org/archives/list/rpmfusion-commits@lists.rpmfusion.org/|GIT commits]] mailing list. The GIT commits mailing list is used for commit messages from the GIT repository. You should subscribe to this list to track the changes to all the packages. |
Line 77: | Line 79: |
* Visit the account system home: https://fas.rpmfusion.org/ | * Visit the account system home: https://admin.rpmfusion.org/accounts/ |
Line 79: | Line 81: |
* fas email must be the same of bugzilla email (to allow be added as PoC). | |
Line 80: | Line 83: |
* Edit your account and upload your Public RSA SSH Key (see `man ssh-keygen` for more information) which is required for CVS authorization. | * Edit your account and upload your Public RSA SSH Key (see `man ssh-keygen` for more information) which is required for CVS authorization.<<BR>> . {i} It takes up to 24 hours before the new key is synced with the rest of the infrastructure. |
Line 82: | Line 86: |
* Apply for the cvsextras group ==> https://fas.rpmfusion.org/accounts/group/view/cvsextras. | * Apply for the packager group ==> https://admin.rpmfusion.org/accounts/group/view/packager . |
Line 89: | Line 93: |
removes the blocker `RF_REVIEW` bug and sets the review request to block the tracker bug `RF_ACCEPT` (bug #4). After that, you can ask for the creation of a directory for your package in the GIT repository by adding a comment as follow {{{ Package CVS request ====================== Package Name: Short Description: Owners: Branches: InitialCC: ---------------------- License tag: [free|nonfree] }}} The license tag specifies the repository in which you want to import your package: |
removes the blocker `RF_REVIEW` bug and sets fedora-review flag to "+". (only RPM Fusion packagers can do this). After that, you can submit a package admin request in [[https://admin.rpmfusion.org/pkgdb/|RPM Fusion pkgdb]] as in Fedora. As a reminder, the namespace tag specifies the repository in which you want to import your package: |
Line 110: | Line 102: |
And also set to your review to block the bug tracker '''RF_CVSsync''' by adding bug number #33 to the blocks list. If you have a new CVS request in the future, then you have to add #33 to the blocks list again. #33 is used as a list of bugs which currently require GIT. |
|
Line 121: | Line 110: |
dnf install rfpkg (grab it from http://koji.rpmfusion.org/koji/packageinfo?packageID=447 ) | dnf install rfpkg |
Line 139: | Line 128: |
rfpkg import ~/*.src.rpm | rfpkg import ~/foo.src.rpm rfpkg ci -c |
Line 147: | Line 137: |
If during import you get the following error: {{{ Could not execute import_srpm: (35, 'Peer reports failure of signature verification or key exchange.') }}} You must manually download a client-side certificate from: https://fas.rpmfusion.org/accounts/ and make sure to save it as ~/.rpmfusion.cert |
|
Line 158: | Line 141: |
sudo dnf install rpmfusion-packager (grab it from http://koji.rpmfusion.org/koji/packageinfo?packageID=207) }}} This provides a set of utilities that automatically helps a RPM Fusion packager in setting up their environment and access to the build server. It already includes the rfpkg command and does everything else you would need to do manually. Type: rpmfusion-packager-setup after its installed. |
sudo dnf install rpmfusion-packager }}} This provides a set of utilities that helps a RPMFusion packager in setting up automatically their environment to access to the git-dist and build server. The package already includes installation of others useful packages like the rfpkg. And after, just run rpmfusion-packager-setup with no options as a non-root user. |
Line 177: | Line 161: |
Then request a build to the koji server (not working yet) | Then request a build to the koji server |
Line 188: | Line 172: |
=== If SSL certificate expired === If during import you get the following error: {{{ Could not execute import_srpm: (35, 'Peer reports failure of signature verification or key exchange.') }}} Since rpmfusion-packager-0.6.1 we got rpmfusion-cert rpmfusion-cert -v for verify rpmfusion-cert -n to create a new certificate If ~/.rpmfusion-server-ca.cert or ~/.rpmfusion-upload-ca.cert were generated before Apr 24 2018 (due these certificates has expired), you need update them, first remove them with rm ~/.rpmfusion-upload-ca.cert and ~/.rpmfusion-server-ca.cert, next run fedora-package-setup and after renew your client cert with rpmfusion-cert -n The old method which is download manually a client-side certificate from: https://admin.rpmfusion.org/accounts/user/gencert and save it as ~/.rpmfusion.cert still working, if you need it for some reason as alternative. |
|
Line 225: | Line 229: |
# Create a changelog entry (clog): rfpkg clog # Commit the changes: rfpkg commit -F clog # Remove clog: rm clog |
# Create a changelog entry (clog) and commit the changes: rfpkg ci -c |
Line 239: | Line 237: |
we may also do: rfpkg tag (but not required) | #we may also do: rfpkg tag (but not required) |
Line 243: | Line 242: |
rfpkg resubmit <job id> | koji-rpmfusion resubmit <taskID> (note is not the buildID) # or as alternative git checkout f24; rfpkg build; git checkout master #"rfpkg build" is safe because check before if we already built it, if build is already #done, reply something like: #Could not execute build: Package mpgtx-1.3.1-9.fc23 has already been #built #Note: You can skip this check with --skip-nvr-check. See help for more #info. |
Line 251: | Line 261: |
== Requesting a new branch for a package == You can request new branches for a package at https://admin.rpmfusion.org/pkgdb |
|
Line 254: | Line 267: |
Once that's done, the maintainer must file a [[https://bugzilla.rpmfusion.org/enter_bug.cgi?product=Infrastructure&component=Repo|bugzilla ticket in the '''Infrastructure''' product and '''Repo''' component]]. | A package cannot be retired in stable branches, only in master (rawhide) and branched (e.g. f31 until Fedora 31 is released). An EL branch can be retired at any time. Once that's done, the maintainer must file a [[https://bugzilla.rpmfusion.org/enter_bug.cgi?product=Infrastructure&component=Repo|bugzilla ticket in the '''Infrastructure''' product and '''Repo''' component]] asking the package to be blocked in koji. |
Line 259: | Line 276: |
At this time, the command cannot retire the package in [[https://admin.rpmfusion.org/pkgdb/|pkgdb]]. You need to orphan then retire it manually from the web interface on the related branches. Then file a ticket for the package to be properly retired in koji. |
|
Line 265: | Line 285: |
FIXME : This is only a placeholder. It is said to be possible, but is not documented anywhere. | You can use the following command to request a buildroot override : {{{ koji-rpmfusion tag-build f2?-{,non}free-override your_rpmfusion_build_nvr }}} After wait for repo be ready: {{{ koji-rpmfusion wait-repo f2?-{,non}free-build --build=your_rpmfusion_build_nvr }}} Exemplify {{{ koji-rpmfusion tag-build f25-free-override VirtualBox-5.1.4-3.fc25 koji-rpmfusion wait-repo f25-free-build --build=VirtualBox-5.1.4-3.fc25 }}} It's not possible to tag a fedora package, that's a manual task. In this case, please file a bug in product "Infrastructure" and component "Build System". It is currently not possible to expire a buildroot override, but that is being worked on. == Requesting a buildroot override but for one package from Fedora == As we do not build with updates-testing repos enabled, it's sometime needed for a package to be build and pushed in sync with others fedora packages. Please submit a specific bug for the package you want to build and block this bug: https://bugzilla.rpmfusion.org/show_bug.cgi?id=4501 == Making the build available in the repository == RPM Fusion doesn't use Bodhi like Fedora to request moving package to testing repository then stable repository.<<BR>> Packages are '''pushed manually by the admins''' from time to time. == Manually moving a package from testing repository to updates repository == In some rare cases, packages needs to be moved in sync with packages in Fedora. For example, chromium, qt-webengine, etc.... For such cases, and only such cases, one can move a package using '''koji-rpmfusion move-build''' command. Here is an example : {{{ koji-rpmfusion move-build f29-free-updates-testing f29-free-updates package-version-release }}} {X} WARNING: Never move a package from candidate to testing, or from updates to stable. Only testing to stable is safe, because packages in candidate have not been signed yet. |
1. Contributing to RPM Fusion
So, you've decided to become a contributor to RPM Fusion? This guide will lead you through your first package submission and teach you how to update your package(s) in the future.
Contents
- Contributing to RPM Fusion
- Becoming a RPM Fusion contributor
- Submitting a new package
- Co-maintaining an existing package
- Updating an existing package
- Requesting a new branch for a package
- Retiring a package
- Orphaning a package
- Requesting a buildroot override
- Requesting a buildroot override but for one package from Fedora
- Making the build available in the repository
- Manually moving a package from testing repository to updates repository
2. Becoming a RPM Fusion contributor
Having packaging experience in Fedora is much preferred, but newcomers are welcome too. However if you are a newcomer (i.e. you're not a Fedora sponsored packager) you must first get sponsored, which means find someone to guide you while you learn the procedures.
2.1. Create a Bugzilla Account
In either scenario you should create your first RPM Fusion package and submit it for review as described below. The review process is handled through Bugzilla, as will be any bugs reported against your packages.
Make sure you have an account in Bugzilla.
The email address that you use for your Bugzilla account should be the same email address as you use for all other things related to RPM Fusion.
2.2. Join the Mailing List
Once this is done, join the Developers Mailing Lists and introduce yourself there. Include a link to the review request for your first package in your introduction, and if you're a newcomer also mention that you need someone to sponsor you.
If you have questions about the packaging process, this is the place to ask.
Also join the RPM Fusion GIT commits mailing list. The GIT commits mailing list is used for commit messages from the GIT repository. You should subscribe to this list to track the changes to all the packages.
3. Submitting a new package
3.1. Read the packaging guidelines
RPM Fusion follows the Fedora packaging guidelines, make sure you've read and understood these:
It is also a good idea to read the items which will be checked during the review of your package and to verify yourself that these are all ok:
Please read the Kmod standard if you will be packaging an external kernel module:
3.2. Create a package review request
Before posting a review request, you should upload your SRPM and SPEC file to any accessible location on the internet.
Before your package can become part of RPM Fusion it must first be reviewed, create a new bug report as follows :
- Choose "Package Reviews" as Product.
- Choose "Review Requests" as Component.
Set Summary to: "Review request: %{name} - %{summary}", with %{name} and %{summary} from the package.
- Put the following in the Description:
- Full URLs to the spec file and source rpm of the package.
- A short description for the package (usually, the %description from the spec file).
- Why this package is not eligible to be included in Fedora.
The output rpmlint gives on both the source and binary packages. Explain for each message why you've chosen to ignore it.
- Mention if this is your first RPM Fusion package.
- Mention that you are seeking a sponsor if you are not a Fedora sponsored packager or an RPM Fusion sponsored packager.
The request should also be set to block the tracker bug: RF_NEW (bug #2). This way, other contributors can easily check for packages that need reviewing. If you want to help others by doing reviews yourself go to bug #2.
If you are seeking a sponsor you must also be set to block the tracker bug: NEEDSPONSORS (bug #30). Thus, some potential sponsors will look at the NEEDSPONSORS bug to find packages to review. The only allowed sponsors in RPM Fusion are Fedora sponsors.
Please do not submit more than one package per per Bugzilla entry. It would be very very difficult to follow the review otherwise. If you have related packages, it can be handy to trace all the dependencies using the "Depends On" or "Block" Bugzilla features.
3.3. Wait for your package to be reviewed
As time permits, a reviewer will review your package. A reviewer is either a Fedora sponsored packager or an RPM Fusion only sponsored packager. If you need a sponsor, the reviewer must be a Fedora sponsors. Sometimes other people add a few comments, this does not constitute a review.
When a proper review gets done the reviewer will assign the bug to him, remove the blocker on RF_NEW and set it to block the tracker bug RF_REVIEW (bug #3). This indicates that a review is in progress.
The reviewer should follow the Fedora Review Guidelines as close as possible, obviously taking into account any differences between Fedora and RPM Fusion. As RPM Fusion is more permissive with the content it allows, exceptions to these guidelines are allowed in some circumstances but care and common sense should prevail. The reviewer should ensure that any deviations from the Fedora Packaging Guidelines are sane and justified in the package they are reviewing. If in doubt, please ask on the RPM Fusion mailing list. The reviewer should inform the contributor of any changes that need to be made to their package, if any. The contributor should update their package as necessary, including bumping the release version and submit the new SPEC file and source rpm URL. The reviewer should verify the changes. This is repeated as many times as necessary until the contributor and reviewer are happy with the final package.
3.4. Get an RPM Fusion Account
Create an account in the RPM Fusion Account System
Visit the account system home: https://admin.rpmfusion.org/accounts/
Click on New account and fill in the blanks.
- fas email must be the same of bugzilla email (to allow be added as PoC).
After you create your account, please be sure to sign the CLA (if you click on the "My Account" link in the top right, you should see CLA: CLA Done).
Edit your account and upload your Public RSA SSH Key (see man ssh-keygen for more information) which is required for CVS authorization.
It takes up to 24 hours before the new key is synced with the rest of the infrastructure.
Once you get email confirmation that your account has been created and you're a member of the cla_done group, return to edit your account:
Apply for the packager group ==> https://admin.rpmfusion.org/accounts/group/view/packager .
- Once this is done, your account will show up as "pending" to all of the RPM Fusion sponsors (who will receive an email).
When you are sponsored, you will be automatically added/approved to the rpmfusionbugs group as well. This will allow you to make changes to the state of bugs in Bugzilla, which is what you'll need to do to get them checked in. It will also allow you to do complete package reviews, including approving packages yourself!
3.5. Your package gets approved
When the reviewer approves the package, he adds a comment saying that the package has been approved, he removes the blocker RF_REVIEW bug and sets fedora-review flag to "+". (only RPM Fusion packagers can do this).
After that, you can submit a package admin request in RPM Fusion pkgdb as in Fedora.
As a reminder, the namespace tag specifies the repository in which you want to import your package:
free for Open Source Software (as defined by the Fedora Licensing Guidelines) which the Fedora project cannot ship due to other reasons
nonfree for redistributable software that is not Open Source Software (as defined by the Fedora Licensing Guidelines); this includes software with publicly available source-code that has "no commercial use"-like restrictions. A free package that depends on a nonfree package goes to this repository too.
3.6. Import your package
Once the git module has been created, the package must be imported.
The only file that you have to import is the "src.rpm" file, no more and one at a time.
First, set your environment :
dnf install rfpkg
Start ssh-agent to ensure that git uses your id_rsa key:
ssh-agent $SHELL
or
keychain -q ~/.ssh/id_rsa
Then, checkout the common tool and import your SRPM as follow :
rfpkg clone <namespace>/<my_new_package> cd <my_new_package> rfpkg import ~/foo.src.rpm rfpkg ci -c
During the GIT import procedure, your source files will be automatically tagged for the requested branch.
<namespace> is the section where your git module should be imported/go (free or nonfree).
3.7. Request a build
First of all, install rpmfusion-packager
sudo dnf install rpmfusion-packager
This provides a set of utilities that helps a RPMFusion packager in setting up automatically their environment to access to the git-dist and build server. The package already includes installation of others useful packages like the rfpkg. And after, just run rpmfusion-packager-setup with no options as a non-root user.
rpmfusion-packager-setup
If you have already done that, go on and request a build. Move to the directory where the source files are:
rfpkg clone free/my_package cd my_package vim my_package.spec rfpkg new-sources my_packager-1.0.tar.gz rfpkg commit rfpkg push
Then request a build to the koji server
rfpkg build
This will trigger a build request for the branch. Easy! You can check the status of the build process from the koji web interface.
Once the package built successfully, go back to your bug review and add a comment to the review to notify the import and build have been done correctly. Then close the bug as RESOLVED FIXED.
If there is a request for your package in the RPM Fusion Wishlist, please remove the related entry and commit the change in the wiki with a comment saying that the package is now in RPM Fusion.
3.8. If SSL certificate expired
If during import you get the following error:
Could not execute import_srpm: (35, 'Peer reports failure of signature verification or key exchange.')
Since rpmfusion-packager-0.6.1 we got rpmfusion-cert
rpmfusion-cert -v for verify
rpmfusion-cert -n to create a new certificate
If ~/.rpmfusion-server-ca.cert or ~/.rpmfusion-upload-ca.cert were generated before Apr 24 2018 (due these certificates has expired), you need update them, first remove them with rm ~/.rpmfusion-upload-ca.cert and ~/.rpmfusion-server-ca.cert, next run fedora-package-setup and after renew your client cert with rpmfusion-cert -n
The old method which is download manually a client-side certificate from: https://admin.rpmfusion.org/accounts/user/gencert and save it as ~/.rpmfusion.cert still working, if you need it for some reason as alternative.
4. Co-maintaining an existing package
You can offer to co-maintain a package in RPM Fusion. Please see Fedora's documentation on co-maintainership. To get commit privileges to an existing package, see "Package Change Requests for existing packages" in the CVS Requests documentation.
Even if you don't have an RPM Fusion account, it can be useful to anonymously checkout a package's GIT module for various reasons. In such case, you can use the following command :
rfpkg clone -a <namespace>/<module>
where <namespace> is either free or nonfree and <module> is the package's name.
5. Updating an existing package
Make sure you have your environment set as in the Import your package subsection. You can then follow the Fedora Package Update HOWTO.
Example:
# Set the environment: rfpkg clone <namespace>/<module> # Download the new upstream source and save it to the branch directory you are updating (if applies): cd module wget -N http://dl.sf.net/foo/foo-0.0.2.tar.bz2 # Upload the tarball to an external lookaside cache (not yet working) rfpkg new-sources "foo-0.0.2.tar.bz2" # Small patches, initscripts or otherwise plain text files can be commited directly to GIT: git add foo-fix-the-bar.patch # Change the required things in the specfile: emacs foo.spec # Check that the changes you made are correct: git diff # Create a changelog entry (clog) and commit the changes: rfpkg ci -c # check what you going to push git show # Tag and request build (ex make tag build ) : rfpkg push #we may also do: rfpkg tag (but not required) rfpkg build # Resubmit a failed build: koji-rpmfusion resubmit <taskID> (note is not the buildID) # or as alternative git checkout f24; rfpkg build; git checkout master #"rfpkg build" is safe because check before if we already built it, if build is already #done, reply something like: #Could not execute build: Package mpgtx-1.3.1-9.fc23 has already been #built #Note: You can skip this check with --skip-nvr-check. See help for more #info.
A package built for devel (i.e. rawhide) will directly go to the "devel" repository.
A package built for a stable release (e.g. f24, f23) will go to the "updates-testing" repository. You'll have to wait a period ranging from 10 to 14 days for your package to be transferred to the "updates" repository. It's a manual action, somebody real actually does that, so don't panic.
You can also find packages which are built but not yet pushed here: http://koji.rpmfusion.org/mash/
6. Requesting a new branch for a package
You can request new branches for a package at https://admin.rpmfusion.org/pkgdb
7. Retiring a package
In order to retire a branch of a package, the maintainer needs to delete all but a dead.package file containing an explanation of why the package/branch has been retired.
A package cannot be retired in stable branches, only in master (rawhide) and branched (e.g. f31 until Fedora 31 is released). An EL branch can be retired at any time.
Once that's done, the maintainer must file a bugzilla ticket in the '''Infrastructure''' product and '''Repo''' component asking the package to be blocked in koji.
This can be done using the following command:
rfpkg retire
At this time, the command cannot retire the package in pkgdb. You need to orphan then retire it manually from the web interface on the related branches.
Then file a ticket for the package to be properly retired in koji.
8. Orphaning a package
FIXME : Work out and describe the process to orphan a package.
9. Requesting a buildroot override
You can use the following command to request a buildroot override :
koji-rpmfusion tag-build f2?-{,non}free-override your_rpmfusion_build_nvr
After wait for repo be ready:
koji-rpmfusion wait-repo f2?-{,non}free-build --build=your_rpmfusion_build_nvr
Exemplify
koji-rpmfusion tag-build f25-free-override VirtualBox-5.1.4-3.fc25 koji-rpmfusion wait-repo f25-free-build --build=VirtualBox-5.1.4-3.fc25
It's not possible to tag a fedora package, that's a manual task. In this case, please file a bug in product "Infrastructure" and component "Build System".
It is currently not possible to expire a buildroot override, but that is being worked on.
10. Requesting a buildroot override but for one package from Fedora
As we do not build with updates-testing repos enabled, it's sometime needed for a package to be build and pushed in sync with others fedora packages.
Please submit a specific bug for the package you want to build and block this bug: https://bugzilla.rpmfusion.org/show_bug.cgi?id=4501
11. Making the build available in the repository
RPM Fusion doesn't use Bodhi like Fedora to request moving package to testing repository then stable repository.
Packages are pushed manually by the admins from time to time.
12. Manually moving a package from testing repository to updates repository
In some rare cases, packages needs to be moved in sync with packages in Fedora. For example, chromium, qt-webengine, etc.... For such cases, and only such cases, one can move a package using koji-rpmfusion move-build command.
Here is an example :
koji-rpmfusion move-build f29-free-updates-testing f29-free-updates package-version-release
WARNING: Never move a package from candidate to testing, or from updates to stable. Only testing to stable is safe, because packages in candidate have not been signed yet.