1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
|
<chapter id="rel-mgmt">
<title>Release Management</title>
<para>
At certain stages, the development team releases a version of &app;. The
following chapters explain the steps that are performed during this process.
</para>
<sect1 id="create-new-source-version">
<title>Creating a new source version</title>
<para>
The process of releasing a new version is to build a source tar-ball archive, verify
that &app; can be built from it and upload it to the SourceForge File Release System.
This chapter explains the steps of making sure that the version numbers are set
correctly, creating the source tar-ball, tagging the repository etc.
</para>
<para>
Note that in order to perform some of the functions associated with this procedure, you will need to:
<para>
<orderedlist>
<listitem><para>
Obtain a userid by registering with Sourceforge; this userid is represented below as <your_sf_userid>
</para></listitem>
<listitem><para>
Be registered as a &kappname; developer; this must be done by a project administrator, the names of which appear on the project home page on Sourceforge.
</para></listitem>
</orderedlist>
</para>
</para>
<para>
The first few steps of the release process should be taken some time in advance of the anticipated release date, in order to give translators a chance to 'do their thing'. The length of time required will depend on how many translatable strings have been changed since the previous release, but something like two weeks for a minor release should suffice.
<note>
<para>
The steps explained apply to both the development and the
release branches. For convenience, the examples are based on the
development branch.
</para>
</note>
</para>
<orderedlist>
<listitem>
<para>Determine the release number which will identify this release.
</para>
<para>
Two types of versions can be created at this time: a <emphasis>follow-up</emphasis> release or a <emphasis>fresh stable</emphasis>
release. The follow-up release is based on a previous release with the same major and minor release number. The fresh stable
release starts a new major and minor release number pair. In the latter case, the major and minor release numbers on the
development branch in CVS are also adjusted. More details below.
</para>
<para>
<orderedlist>
<listitem><para>
For follow-up releases increase the micro-release-number by one since the last unstable/stable release.
</para></listitem>
<listitem><para>
For a fresh stable release, increase the minor release number and set the micro-release number to 0.
</para></listitem>
</orderedlist>
</para>
</listitem>
<listitem>
<para>Create a new directory for this release
</para>
<para>
Create a new directory specifically for the release process, something like /home/me/distkmm, which will ensure that the following steps are not contaminated by other, existing versions of &app;. From this directory, check out a copy of the app from the CVS branch which forms the basis of this release, e.g. for 0.8.2, the branch will be rel-0-8-branch. The checkout process will create a sub-directory called kmymoney2. This is referred to subsequently as the TLD (top level directory).
</para>
</listitem>
<listitem>
<para>
Update the text source file for translations.
</para>
<para> This is done from the TLD by running the command:
<programlisting>
<prompt>thb: ~> </prompt><userinput>make package-messages</userinput>
</programlisting>
</para>
<para>
This will create the file kmymoney2.pot in TLD/po, and will merge all new and changed messages into the various translation files in the same directory. These files (kmymoney2.pot and *.po) should be committed to the appropriate branch of CVS. Also, an announcement should be made on the translator's mailing list that these are ready for updating, and mentioning a date a few days before the proposed release date as a deadline for translations to be submitted.
</para>
<para>
At this point also, a 'string freeze' for the base release should be declared on the developer's list. From now on until the release is complete, the only changes which should be committed to the CVS branch should be fixes which do not change translatable strings, and updated .po files submitted by translators.
</para>
<para>
As each .po file is committed, it is desirable to update the translation statistics on the project web site. This can be performed with the command
<programlisting>
make message-stats | ssh <your_sf_userid>@user.sourceforge.net "cat > /home/groups/k/km/kmymoney2/htdocs/translate-stable.xml"
</programlisting>
You should certainly make sure that this command is run at least once, after all .po files have been committed.
</para>
<para>
Once the anticipated release date is reached, you should make sure that your sandbox is up-to-date. This is probably best achieved by deleting the directory created in step 2, and re-creating it by a full CVS checkout as described there.
</para>
</listitem>
<listitem>
<para>
Check that the version number is correct.
</para>
<para>
In the TLD, check file configure.in.in for the correct version number. A line near the top should look like</para>
<programlisting>AM_INIT_AUTOMAKE(kmymoney2,0.8.3)</programlisting>
<para>If the last digits don't match the release number, then change them and commit your change to the repository with the message 'Bumped to release x.y.z'.
</para>
</listitem>
<listitem>
<para>
Verify the libtool version number
</para>
<para>Visit all subdirectories that contain a shared library. In the TLD, issue the command
<programlisting>find . -name Makefile.am -exec grep -H LIBVERSION= '{}' \;</programlisting>
(Note that the space before the backslash is necessary.)
For each match, check whether the code or interface of the shared library has been changed since the last release. If so, modify the LIBVERSION setting in each Makefile.am according to the following recipe, where the LIBVERSION setting controls the libtool versioning system for shared libraries. It is constructed out of the triplet CURRENT:REVISION:AGE.
</para>
<para>
<orderedlist>
<listitem><para>
If the library source code has changed at all since the last
release, then increment REVISION (`C:R:A' becomes `C:r+1:A').
</para></listitem>
<listitem><para>
If any interfaces have been added, removed, or changed since the
last update, increment CURRENT, and set REVISION to 0.
</para></listitem>
<listitem><para>
If any interfaces have been added since the last public release,
then increment AGE.
</para></listitem>
<listitem><para>
If any interfaces have been removed since the last public release,
then set AGE to 0.
</para></listitem>
</orderedlist>
</para>
<para>
<caution>
Make sure to modify the numbers in coordination with changes on the release- and development branch.
It could well be, that the REVISION must be incremented more than 1 if it has been changed on the other branch as well.
</caution>
</para>
</listitem>
<listitem>
<para>
Perform an initial build of the application
</para>
<para>
From the TLD, issue the commands:
</para>
<programlisting>
<prompt>thb: ~> </prompt><userinput>make -f Makefile.dist release</userinput>
<prompt>thb: ~> </prompt><userinput>./configure <emphasis><any-options-you-need></emphasis></userinput>
<prompt>thb: ~> </prompt><userinput>make</userinput>
</programlisting>
<para>
This will regenerate all files of the application and rebuild everything automatically.
</para>
</listitem>
<listitem>
<para>
Check the distribution
</para>
<para>
Before doing this, check that all desktop files conform to the freedesktop specification. From the TLD, issue the following command:
<programlisting>
<prompt>thb: ~> </prompt><userinput>find ./kmymoney2 -name '*.desktop' -exec desktop-file-validate {} \;</userinput>
</programlisting>
N.B. Any errors in file x-kmymoney2.desktop can be ignored since trinity does not conform to the specification for this file type.
</para>
<para>
Note: desktop-file-validate is part of the desktop-file-utils package, which may be installed from your distribution repository, or downloaded from
<ulink url="http://www.freedesktop.org/wiki/Software/desktop-file-utils">http://www.freedesktop.org/wiki/Software/desktop-file-utils</ulink>
</para>
<para>
Then, to check the distribution itself, from the TLD, run the command
<programlisting>
<prompt>thb: ~> </prompt><userinput>make distcheck</userinput>
</programlisting>
This will do the following things automatically and stop on any error:
</para>
<para>
<orderedlist>
<listitem><para>create a source tar-ball in tgz form</para></listitem>
<listitem><para>unpack this source tar-ball in a separate directory</para></listitem>
<listitem><para>run configure on the unpacked source tar-ball</para></listitem>
<listitem><para>compile and link the configured package</para></listitem>
<listitem><para>compile and link all testcases</para></listitem>
<listitem><para>install the compiled program in a temp directory</para></listitem>
<listitem><para>check that all files are installed</para></listitem>
<listitem><para>uninstall the package from the temp space</para></listitem>
<listitem><para>check that no files are left behind</para></listitem>
</orderedlist>
</para>
<para>
Make sure that everything builds correctly. If errors occur, correct them and
rerun <command>make distcheck</command>. Once everything is ok, a respective message, that the tar-ball is
ready for distribution is shown at the end of <command>make distcheck</command>.
</para>
</listitem>
<listitem>
<para>
Update the ChangeLog
</para>
<para>
Add a line with the text
<programlisting> * Released x.y.z
</programlisting>
to the ChangeLog file.
</para>
</listitem>
<listitem>
<para>
Commit changes to CVS
</para>
<para>
Commit the updated ChangeLog file, and any Makefiles updated in step 5 to the CVS repository before you proceed with the next step. Use the message 'Released x.y.z'.
</para>
</listitem>
<listitem>
<para>
Tag the version on CVS
</para>
<para>From the TLD, issue the command 'cvs tag rel-x-y-z', where x-y-z is the release number with dots replaced by dashes.
</para>
</listitem>
<listitem>
<para>
Update and optimize the size of the tar-ball
</para>
<para>As the content has changed since the tar-ball was created in step 7, we need to re-create it. Create a more compressed version using the command:
</para>
<programlisting>
<prompt>thb: ~> </prompt><userinput>make dist-bzip2</userinput>
</programlisting>
</listitem>
<listitem>
<para>Make a checksum of the tarball
</para>
<para>
This can be done with the following command from the TLD
</para>
<programlisting>
<prompt>thb: ~> </prompt><userinput>md5sum <emphasis>name-of-tarball.tar.bz2</emphasis> >/home/me/somewheresafe</userinput>
</programlisting>
<para>This checksum may be used to verify downloaded files at a later stage, and may be added to sourceforge at some future time.
</para>
</listitem>
<listitem>
<para>
Create a Release Note and a release ChangeLog file.
</para>
<para> The former should contain a brief description of the release and any new features which have been added. The latter should be a tidied-up version of the application ChangeLog file, though any purely internal changes may be omitted.
</para>
</listitem>
<listitem>
<para>
Upload the tarball to Sourceforge's 'incoming' directory
</para>
<para>
Upload the tar-ball (bz2-version) to ftp://anonymous:<your-email-address>@upload.sourceforge.net:incoming, making sure to use the binary transfer mode.
</para>
<para>
For GUI users: <emphasis>anonymous</emphasis> is the user-name and
<emphasis>your-email-address</emphasis> is the password.
</para>
<para>
For command line FTP, from the TLD:
<programlisting>
<prompt>thb: </prompt><userinput>ftp</userinput>
<prompt>ftp> </prompt><userinput>open upload.sourceforge.net</userinput>
Connected to osdn.dl.sourceforge.net.
<snip>
<prompt>Name (upload.sourceforge.net:tonyb): </prompt><userinput>anonymous</userinput>
331 Please specify the password.
<prompt>Password:</prompt><userinput><your_sf_userid></userinput>
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
<prompt>ftp> </prompt><userinput>cd /incoming</userinput>
250 Directory successfully changed.
<prompt>ftp> </prompt><userinput>binary</userinput>
200 Switching to Binary mode.
<prompt>ftp> </prompt><userinput>put <emphasis>name-of-tarball.tar.bz2</emphasis></userinput>
<prompt>ftp></prompt><userinput> quit</userinput>
</programlisting>
</para>
</listitem>
<listitem>
<para>
Move the tarball to the Sourceforge File Release System
</para>
<para>
Next pull the uploaded file into the &app; section
of the File Release System on SourceForge so that the file will be visible to everyone on the internet.
To do that, load the following URL in your browser
</para>
<programlisting>
https://sourceforge.net/project/admin/editpackages.php?group_id=4708
</programlisting>
<para>At the bottom of the page, click on the 'Edit releases' link. If the release (x.y.z) you've built doesn't appear in the list, go back a page and click on the 'Add release' link to add it, then return to 'Edit releases', then click the 'Edit this release' link for your release.</para>
<para>In Step 1 of the page, set the status to Hidden for now, paste the Release Notes and ChangeLog into the appropriate boxes and Submit.</para>
<para>In Step 2, select the kmymoney tarball file and Add.</para>
<para>In Step 3, set Processor to 'platform-independent', File Type to 'source .bz2', and Submit.</para>
<para/>
</listitem>
<listitem>
<para>
Activate tarball on Sourceforge
</para>
<para>Once you are happy that the tarball was uploaded okay, and the release announcements are all correct, enter the File Release system again, and set the status to Active.
</para>
</listitem>
<listitem>
<para>
Update bug lists
</para>
<para>If the ChangeLog indicates that any Sourceforge or KDE bugs have been fixed in this release, log on to the respective bug sites and ensure that they are marked as closed.
</para>
</listitem>
<listitem>
<para>
Announce the release
</para>
<para>
(At this point, you may wish to wait a few hours to allow Sourceforge to populate its mirror sites, thus avoiding complaints to the mailing lists.)
Announce the presence of the source tar-ball archive as described in
<link linkend="announce-new-version">Announce new version</link>.
</para>
</listitem>
<listitem>
<para>
Prepare for next release
</para>
<para>
Make sure that you increase the project version to the next version. This is derived as follows:
</para>
<para>
<orderedlist>
<listitem>
<para>After a follow-up release, increase the micro-release-number by one, e.g. if the release you are currently working on is called 0.7.3 then set the release number to 0.7.4. </para>
</listitem>
<listitem>
<para>After a fresh stable release, increase the minor release number and set the micro-release number to 0, e.g.if the release you are currently working on is called 0.6 then set the release number to 0.7.0. </para>
</listitem>
</orderedlist>
</para>
<para>
Make the appropriate changes to configure.in.in as described in step 4 above.
From the TLD, issue the commands:
</para>
<programlisting>
<prompt>thb: ~> </prompt><userinput>make -f Makefile.dist</userinput>
<prompt>thb: ~> </prompt><userinput>./configure <emphasis><any-options-you-need></emphasis></userinput>
<prompt>thb: ~> </prompt><userinput>make</userinput>
</programlisting>
<para>
This will regenerate all files of the application and rebuild everything.
</para>
<para>
Finally, check in the updated configure.in.in to the CVS repository.
</para>
</listitem>
</orderedlist>
<note>
<para>
The version number in the sandbox is <emphasis>always</emphasis> the
version number that is currently being developed (we're a little ahead of ourselves here).
</para>
</note>
</sect1>
<sect1 id="create-stable-procedure">
<title>Creating a new stable version</title>
<para>
At a certain time in the project's development cycle, the configuration
manager decides that a feature freeze is necessary to start a new stable
version. The exact dates when this will happen are announced on the
developers mailing list ahead of the event. When the time has come to
freeze the features, a branch will be created as described in this
section. From this time on, the stable release will only be changed to make
the current features of the software more stable. New features are not
introduced to the stable branch but can be developed on the main
branch (unstable) in parallel.
</para>
<para>
When the time has come to create a new stable branch, the following steps
have to be performed.
<orderedlist>
<listitem>
<para>
Run through all the steps explaind in <link linkend="create-stable-example">Creating a new version</link>.
The version number used in this description for the stable version is 0.4. Follow the path
for a fresh stable release.
</para>
</listitem>
<listitem><para>
Create a branch off of the tagged version. The branch name is build by appending
the word <emphasis>-branch</emphasis> to the major- and
minor-release number of the stable release version.
For our example, the branch tag for versions 0.4 is
<emphasis>rel-0-4-branch</emphasis>.
A complete example with all &cvs; commands can be found
<link linkend="create-stable-example">in the appendix</link>.
</para></listitem>
<listitem>
<para>
From this moment on, the developers working on versions 0.4.x must make
sure, that they checkout or update their sandbox using the
tag <emphasis>rel-0-4-branch</emphasis>. This gives them the head revisions of
the files on the 0.4 branch. Omitting this tag information will leave
them on the main branch. The main branch is reserved for the unstable
versions. An example how to keep multiple branches on the same machine is
presented in the <link linkend="multiple-branches">appendix</link>,
<caution>
<para>
The developers really have to
take care from this point on which version they are modifying in their
sandbox. Besides that, it is the developers responsibility to make sure
that bug-fixes are also implemented on the main-branch if applicable.
</para>
</caution>
</para>
<para>
When fixes are applied to the branch, new versions can be created by
incrementing the micro-release thus rel-0-4-1, rel-0-4-2 are the next
tags on the release branch.
</para>
</listitem>
</orderedlist>
<note>
<para>
Since &cvs; does not allow periods inside a tag, we always replace periods
(.) with dashes (-) inside a tag.
</para>
</note>
<para>
The following diagram shows the above example on two specifc files. Each
node represented by an asterisk is labelled with it's revision number
enclosed in parenthesis. If a node has one or more labels attached, then
they are enclosed in brackets. Nodes may exist without a tag. Such
revisions never went into a release neither stable nor unstable but are
valid intermediate steps in the development of the file in question.
</para>
<example>
<title>Revisions on the head of a stable branch</title>
<para>
The first file is changed rather often between the version tags. All tags
are on different revisions of the file.
</para>
<programlisting>
* (1.12) [rel-0-3-8]
|
* (1.13)
|
* (1.14) [rel-0-4]
|\__________________________
| \
| |
* (1.15) * (1.14.2.1) [rel-0-4-1]
| |
* (1.16) [rel-0-5-0] * (1.14.2.2) [rel-0-4-2]
[HEAD] [rel-0-4-branch]
</programlisting>
<para>
The second file is not changed at all between the version
tags. Nevertheless, all tags are available even though now they are on
the same revision 1.2.
</para>
<programlisting>
* (1.2) [rel-0-3-8] [rel-0-4]
| [rel-0-4-1] [rel-0-4-2] [rel-0-5-0]
|\__________________________
| \
| |
[HEAD] [rel-0-4-branch]
</programlisting>
</example>
</para>
</sect1>
<sect1 id="announce-new-version">
<title>Announce a new version</title>
<para>
Once the file is visible on the internet, people need to be informed about the new
release. Besides that, the project maintains certain pages, where information about the
current release is kept. These pages need to be updated.
</para>
<sect2 id="announce-new-version-release-system">
<title>Announce new version via File Release System</title>
<para>
The SourceForge File Release System allows to send a short mail about the release of a package to registered
recipients. On the bottom of the page where the uploaded file is moved into the file space of &app; a checkbox
can be activated to send out such a mail. This method should only be used for a new source tar-ball release.
</para>
</sect2>
<sect2 id="update-web-sites">
<title>Update information about release on web-sites</title>
<para>
Certain web-sites exist that keep version information about &app;. They need to be updated.
<orderedlist>
<listitem><para>
The news system for &app; on SourceForge.net: Create a news entry on https://sourceforge.net/projects/kmymoney2.
</para></listitem>
<listitem><para>
The &app; web-site at http://kmymoney2.sourceforge.net/: Update all version info
for the stable and development releases and update the links to the source tar-balls.
</para></listitem>
<listitem><para>
The &app; web-site at http://www.kde-apps.arg/: Add the release notes and update the version and minimum requirements.
</para></listitem>
<listitem><para>
The &app; web-site at http://kmymoney2.sourceforge.net/: Update the links to the latest stable and development release.
If you created a fresh stable release, comment the development release entry.
</para></listitem>
</orderedlist>
</para>
</sect2>
<sect2 id="announce-new-version-mail">
<title>Announce new version on mailing lists</title>
<para>
Write a short mail and send it to the developer- and user-mailing list of the project, so that all subscribed
recipients are informed about the new release. Add links to the project web-site and the www.kde-apps.org page
of the project.
</para>
</sect2>
</sect1>
<sect1 id="create-new-bin-version">
<title>Creating a new binary/installable version</title>
<para>
Additionally, installable binary versions of &app; should be provided. Since the installable binary
files differ from distribution to distribution and the generation in general requires the
target platform, the &app; project relies on the help of people not directly involved in
the application development. We greatfully appreciate any help in this area.
</para>
<para>
Multiple formats exist: RPM, DEB, e-builds, PKG just to name a few. Since the distro I use (SuSE) relies on
RPMs, I explain the creation in more detail here. If you can provide similar information about other formats,
we are more than happy to include it in this document. We assume that you follow our licence terms for any
documentation you supply. Please send your docbook formatted files to the developer mailing list.
</para>
<sect2 id="rpm">
<title>Creating an RPM file</title>
<para>
One possibility to distribute the program is to use the Red-Hat Package
manager (RPM) format. In order to be able to create such a package for
&app;, you need to have a source tar-ball as described in <link
linkend="create-new-source-version">the previous chapter</link>.
</para>
<para>
The RPM system uses a directory structure which
for my system - a SuSE distribution - is located in /usr/src/packages. This
may be different on your system. The location can be configured in
/etc/rpmrc.
I will refer to this directory as the 'RPM base directory' in the remainder
of this document.
</para>
<para>
The RPM base directory has a set of subdirectories. They all serve a
specific purpose. For us, the directories SOURCES, SPECS, SRPMS and RPMS
are important. RPMS is further divided into directories for specific
CPU architectures (e.g. i386, i486, ppc, etc.). In the remainder of this
document, I will use the names of these directories without mentioning
the RPM base directory.
</para>
</sect2>
<sect2 id="rpm-tar-ball">
<title>Copying the tar-ball to the RPM structure</title>
<para>
The first thing that needs to be done is to copy the tar-ball to a defined
place where the RPM tool will look for it. For this purpose the SOURCES
directory is used. Move or copy your <link
linkend="create-new-source-version">tar-ball</link> to this directory.
</para>
</sect2>
<sect2 id="rpm-test-building">
<title>Test building</title>
<para>
<!-- taken from RPM Howto (start) -->
The first thing you'll probably want to do is get the source to build
cleanly without using RPM. To do this, unpack the sources, and change
the directory name to $NAME.orig. Then unpack the source again. Use
this source to build from. Go into the source directory and follow the
instructions to build it. If you have to edit things, you'll need a
patch. Once you get it to build, clean the source directory. Make sure
and remove any files that get made from a configure script. Then cd
back out of the source directory to its parent. Then you'll do
something like:
<programlisting>
<prompt>thb:~> </prompt><userinput>diff -uNr dirname.orig dirname > ../SOURCES/dirname-distroname.patch</userinput>
</programlisting>
This will create a patch for you that you can use in your spec file.
Note that the "distro-name" that you see in the patch name is just an
identifier. You might want to use something more descriptive like
"MDK9" or "RPM8" to describe why you had to make a patch. It's also
a good idea to look at the patch file you are creating before using it
to make sure no binaries were included by accident.
<!-- taken from RPM Howto (end) -->
<note>
<para>
This section has been copied from the RPM-Howto and adapted where necessary
</para>
</note>
</para>
</sect2>
<sect2 id="rpm-specfile">
<title>Setting up the SPEC file</title>
<para>
The next step is to create an RPM SPEC file for the specific distribution.
The contents may vary between distribution and that is where your knowledge
is required. An example for an RPM SPEC file is contained in appendix ??.
It will work on SuSE 8.1 directly. More details on howto setup a SPEC file
including an explanation of the various sections, commands and options is
contained in the RPM-Howto.
</para>
</sect2>
<sect2 id="rpm-build-package">
<title>Building the package</title>
<para>
Once you have the spec file it's time to try and build your package. The
usual way to do this is using the following command:
<programlisting>
<prompt>thb:~> </prompt><userinput>rpmbuild -ba kmymoney.spec</userinput>
</programlisting>
Once the command finishes successfully, you have a source RPM in SRPMS and
a binary RPM for your distribution in one of the subdirectories of RPMS.
<note>
<para>
More details about this process and a description on the available options
can be found in the RPM-Howto.
</para>
</note>
</para>
</sect2>
<sect2 id="rpm-test">
<title>Testing the package</title>
<para>
<!-- taken from RPM Howto (start) -->
Once you have a source and binary rpm for your package, you need to
test it. The easiest and best way is to use a totally different
machine from the one you are building on to test. After all, you've
just done a lot of make install's on your own machine, so it should be
installed fairly well.
</para>
<para>
You can do an rpm -e packagename on the package to test, but that can
be deceiving because in building the package, you did a make install.
If you left something out of your file list, it will not get
uninstalled. You'll then reinstall the binary package and your system
will be complete again, but your rpm still isn't. Make sure and keep
in mind that just because you do a rpm -ba package, most people
installing your package will just be doing the rpm -i package. Make
sure you don't do anything in the build or install sections that will
need to be done when the binaries are installed by themselves.
<!-- taken from RPM Howto (end) -->
<note>
<para>
This section has been copied from the RPM-Howto and adapted where necessary
</para>
</note>
</para>
</sect2>
<sect2 id="rpm-sign">
<title>Signing the package</title>
<para>
Once you are confident with the RPM package, it is a good idea to sign it
with your secret &GPG; key before you distribute it. Signing the package
allows any recipient of the package to verify that it has not been altered
by an unauthorized party.
</para>
<para>
Signing will create a
separate file that contains the electronic signature for the RPM file.
In order to allow any
recipient to verify the signature, two things have to be kept in mind:
<itemizedlist>
<listitem>
<para>Always distribute both files together</para>
</listitem>
<listitem>
<para>
Make your public key available on e.g.
<ulink url="http://www.keyserver.net/">http://www.keyserver.net</ulink>.
</para></listitem>
</itemizedlist>
The following example shows the command sequence necessary to create an
ASCII armored signature.
</para>
<para>
<programlisting>
<prompt>thb:~> </prompt><userinput>gpg -b -a kmymoney2-0.5.1-1.i386.rpm</userinput>
You need a passphrase to unlock the secret key for
user: "Thomas Baumgart <[email protected]>"
1024-bit DSA key, ID B75DD3BA, created 2001-06-23
Enter passphrase: <userinput>I WON'T TELL YOU MY PASSPHRASE ;-)</userinput>
<prompt>thb:~> </prompt><userinput></userinput>
</programlisting>
</para>
<para>
Once you have entered the correct passphrase the signature file will be
created under the name kmymoney2-0.5.1-1.i386.rpm.asc. As an example, I
include it here. <command>THIS IS NOT THE REAL SIGNATURE, EVEN IF IT LOOKS LIKE
IT</command>.
</para>
<para>
<programlisting>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA+E1DInFnbQLdd07oRAmFQAKDV0I9nzxGEIh1Mx/tzoZ4J3Iyt6gCfTXl1
LrISXXgD6xELWZlO+NsWbLw=
=qJIP
-----END PGP SIGNATURE-----
</programlisting>
</para>
<para>
These two files, the RPM and the signature, should be distributed to
the public. The receiver of these
two files can now verify if the RPM file is the one you signed or has been
modified. Therefor, he needs your public key which he gets from one of the
public key servers (e.g. <ulink
url="http://www.keyserver.net/">http://www.keyserver.net</ulink>) into his
keyring. The verification is performed using &GPG; as the following example
shows:
</para>
<para>
<programlisting>
<prompt>thb:~> </prompt><userinput>gpg --verify kmymoney2-0.5.1-1.i386.rpm.asc</userinput>
gpg: Signature made Wed 01 Jan 2003 09:16:37 PM CET using DSA key ID B75DD3BA
gpg: Good signature from "Thomas Baumgart <[email protected]>"
<prompt>thb:~> </prompt><userinput></userinput>
</programlisting>
<note>
<para>
Besides signing the RPM package, the SRPM (Source-RPM) package should be
signed as well.
</para>
</note>
</para>
</sect2>
</sect1>
</chapter>
|