Overview#
This page describes the process for a package maintainer to release PKI Fedora packages.
This page assumes that the PKI source code has been checked out into pki folder as described in this document.
See also:
Authentication#
Obtain a Kerberos ticket for FEDORAPROJECT.ORG account and COPR authentication token.
Getting Source Packages#
NOTE: dogtag-pki package needs to be built only if there is a change in ${version} of pki (ie) individual ${release} can be skipped unless there is a theme level/”Requires” level changes.
To get the source packages:
$ fedpkg clone pki-core ``\ ``Fedora/pki-core$ fedpkg clone dogtag-pki ``\ ``Fedora/dogtag-pkiThe above command will create a new Fedora/pki-core and Fedora/dogtag-pki folders.
If necessary, a forked repository can be added as a remote repository:
Updating Version and Release Numbers#
In pki, update the version numbers and release numbers in the spec templates.
Pre-release (i.e. alpha, beta) where x is major version and y is minor version:
x.y.0-0.n
Initial release:
x.y.0-1
Updates (i.e. upstream bug fixes) where z is 1, 2, and so on:
x.y.z-1
Downstream patch (e.g. Fedora-specific patches) where r is 2, 3, and so on:
x.y.z-r
See also:
Merging Spec Changes#
In pki, generate a spec file for the pki-core package, then merge it with actual spec file:
$ ./build.sh \$ meld ~/build/pki-core/SPECS/pki-core.spec ``\ ``Fedora/pki-core``/pki-core.spec ``Generate a spec file for the dogtag-pki package, then merge it with actual spec file:
$ ./build.sh \$ meld ~/build/dogtag-pki/SPECS/dogtag-pki.spec ``\ ``Fedora/dogtag-pki/dogtag-pki.specNote: Do not override changes that were done downstream unless they were done improperly.
In the actual spec files, add a change log entry for the new release in downstream spec file (unless there is one already that has not been released):
* Mon Mar 29 2018 Dogtag PKI Team <pki-devel@redhat.com> - 10.6.0-1- Rebased to PKI 10.6.0Note: Do not add a change log entry in the upstream spec template.
Committing Upstream Changes#
In pki, commit all changes to upstream:
$ git commit -a -m "Updated version number to x.y.z-r"
Create a local tag with the following commands:
$ git tag v10.6.0
For pre-releases, append the phase name to the version number, e.g. v10.6.0-a1.
Updating Source Tarball#
In pki, generate a source tarball. To generate a tarball from the latest commit:
$ ./build.sh --source-tag=HEAD src
To generate a tarball from a tag:
$ ./build.sh --source-tag=v10.6.1 src
Do not use the following command without –source-tag since it may generate a tarball with inconsistent checksum:
$ ./build.sh src
Import the same source tarball into each package with the following commands:
$ cd ``\ ``Fedora/pki-core$ fedpkg new-sources pki-10.6.1.tar.gz$ cd ``\ ``Fedora/dogtag-pki$ fedpkg new-sources pki-10.6.1.tar.gzIf the release uses patch files, update the list of patch files in the spec file:
Patch1: patch1.patchPatch2: patch2.patch...Add new patch files with this command:
``$ git add ``
Remove unused patch files with this command:
``$ git rm ``
Then verify with the following commands:
$ fedpkg local$ fedpkg lintCreating Test Build#
For each package, create a COPR build with the following commands:
$ cd ``\ ``Fedora/pki-core$ fedpkg copr-build @pki/10.6 --nowait$ cd ``\ ``Fedora/dogtag-pki$ fedpkg copr-build @pki/10.6 --nowaitOnce the test builds are complete, push the tag upstream:
$ cd ``\ ``pki$ git push origin v10.6.0Committing Source Package Changes#
For each package, commit package changes to master (i.e. rawhide):
$ cd ``\ ``Fedora/pki-core$ git commit -m "Rebased to PKI 10.6.0"$ git push origin master$ cd ``\ ``Fedora/dogtag-pki$ git commit -m "Rebased to PKI 10.6.0"$ git push origin masterCreating Koji Build for Rawhide#
For each package, create a Koji build:
$ cd ``\ ``Fedora/pki-core$ fedpkg build --nowait$ cd ``\ ``Fedora/dogtag-pki$ fedpkg build --nowaitIf necessary, the task can be monitored with the following command:
``$ koji watch-task ``
Once the build is complete, tag package repository:
$ cd ``\ ``Fedora/pki-core$ git tag pki-core-10.6.0-1.fc29$ git push origin pki-core-10.6.0-1.fc29$ cd ``\ ``Fedora/dogtag-pki$ git tag dogtag-pki-10.6.0-1.fc29$ git push origin dogtag-pki-10.6.0-1.fc29Creating Koji Build for Current Branch#
For each package, cherry pick the changes from master into the current branch (e.g. f28):
$ cd ``\ ``Fedora/pki-core$ git cherry-pick ``\ ``..$ cd ``\ ``Fedora/dogtag-pki$ git cherry-pick ``\ ``..If necessary, create BuildRoot overrides for unpublished dependencies, for example:
$ bodhi overrides save jss-4.4.4-1.fc28
$ koji wait-repo f28-build --build=jss-4.4.4-1.fc28
$ bodhi overrides save tomcat-8.5.29-1.fc28
$ koji wait-repo f28-build --build=tomcat-8.5.29-1.fc28
$ bodhi overrides save tomcatjss-7.3.0-1.fc28
$ koji wait-repo f28-build --build=tomcatjss-7.3.0-1.fc28
Then create a Koji build:
$ fedpkg build --nowait
If necessary, the task can be monitored with the following command:
``$ koji watch-task ``
Tag package repository:
$ cd ``\ ``Fedora/pki-core$ git tag pki-core-10.6.0-1.fc28$ git push origin pki-core-10.6.0-1.fc28$ cd ``\ ``Fedora/dogtag-pki$ git tag dogtag-pki-10.6.0-1.fc28$ git push origin dogtag-pki-10.6.0-1.fc28Creating Bodhi Update for Current Branch#
If updating multiple packages at the same time (e.g., tomcatjss), wait to push all of them together
To submit package update:
$ bodhi updates new \pki-core-10.6.0-1.fc28,\dogtag-pki-10.6.0-1.fc28To submit module update:
$ bodhi updates new \pki-10.6-20180711014825.9c690d0eCreating GitHub Release#
Go to dogtagpki/pki and edit the release.
Include links to the new releases:
Sending Announcements#
Send an email similar to the following to pki-devel, pki-users, and pki-announce:
PKI 10.6.0 is now available upstream:
https://github.com/dogtagpki/pki/releases/tag/v10.6.0
Fedora 28 builds are available via the following update:
https://bodhi.fedoraproject.org/updates/FEDORA-2018-xxxxxx
Fedora Rawhide builds are available in Koji.
Fedora 27 builds are available in this COPR repository:
https://copr.fedorainfracloud.org/coprs/g/pki/10.6/