From Fedora Project Wiki

(Remove reference to the deprecated fedrepo-req tool)
(223 intermediate revisions by 74 users not shown)
Line 1: Line 1:
{{autolang|base=yes}}
= Contributing roles =
{{admon/tip|Contributing roles|These are only suggestions for contributing roles. Only your imagination sets the limits. }}
{|class="nobordersplz"
|-
|
[[Image:Join_OSDeveloper.png]]<BR>
[[Join#OS_Developer|OS Developer]]
|}
= How to join the Fedora Package Collection Maintainers? =
= How to join the Fedora Package Collection Maintainers? =


So, you've decided to become a package maintainer in the Fedora Project?  This guide will lead you through your first package submission.
So, you have decided to become a package maintainer in the Fedora Project?  This guide will lead you through your first package submission.
 


[[file:fedora-submit-package.png|750x214px]]


== Becoming a Fedora Package Collection Maintainer ==
== Becoming a Fedora Package Collection Maintainer ==
Line 9: Line 21:
=== Read the Guidelines ===
=== Read the Guidelines ===


Read the [[Packaging/Guidelines|  Packaging Guidelines]]  and [[Packaging/NamingGuidelines|  Package Naming Guidelines]] .
If you don't know how to create an RPM package, refer to the tutorial at [[How_to_create_a_GNU_Hello_RPM_package]] or the more advanced and much more detailed [[how to create an RPM package]].


You need to be thoroughly familiar with these.  They govern all package submissions.  If you have questions, ask on the [https://www.redhat.com/mailman/listinfo/fedora-packaging Fedora Packaging List] .
Read the [[Packaging:Guidelines|  Packaging Guidelines]] and [[Packaging:NamingGuidelines|  Package Naming Guidelines]] .
 
You need to be thoroughly familiar with these.  They govern all package submissions.  If you have questions, ask on the Fedora {{fplist|packaging}} List.


=== Create a Bugzilla Account ===
=== Create a Bugzilla Account ===
Line 17: Line 31:
Make sure you have an account in [https://bugzilla.redhat.com/ Red Hat Bugzilla] .
Make sure you have an account in [https://bugzilla.redhat.com/ Red Hat Bugzilla] .


The email address that you use for your bugzilla account should be the same email address as you use for all things related to Fedora Packaging.
The email address that you use for your Bugzilla account should be the same email address as you use in the [[#Get_a_Fedora_Account| Fedora Account System]] for all things related to Fedora Packaging.
 
{{admon/important|Do not use your @fedoraproject.org address if you already have one.|You should not use your @fedoraproject.org email address in Bugzilla, because you will not get your Bugzilla privileges once you are sponsored. If you want to use your @fedoraproject.org address, you might try to request at the [https://fedorahosted.org/fedora-infrastructure/ Fedora Infrastructure Ticket System] for an administrator to manually override the Bugzilla address connected with your Fedora Account.}}
 
{{Anchor|GetAFedoraAccount}}
=== Create a Fedora Account ===
 
Create an account in the [[Infrastructure/AccountSystem |Fedora Account System]] (this is ''not'' the same as the Bugzilla account)
 
# Visit the account system home: https://admin.fedoraproject.org/accounts/
# Click on 'New account' and fill in the blanks.  Note that the email you give should be the same as the one you gave Bugzilla.  This allows the system to link privileges between the two accounts.
# After you create your account, please be sure to sign the CLA (if you click on the "My Account" link in the top right, you should see CLA: CLA Done).
# You will also need to upload a public RSA SSH key. You need to use the matching private key to access Fedora machines via SSH.  You can read more about this [[Cryptography | here]].


=== Join the important Mailing Lists ===
=== Join the important Mailing Lists ===


You must join the [https://www.redhat.com/mailman/listinfo/fedora-devel-announce fedora-devel-announce@redhat.com]  mailing list. It is a low traffic announcements only list, where important development information is posted.
You must join the fedora {{fplist|devel-announce}} mailing list. It is a low traffic announcements only list, where important development information is posted.
 
You can join the fedora {{fplist|devel}} mailing list, where discussions about the development of Fedora are held. This is a high traffic mailing list.
 
You can also consider joining the {{fplist|package-announce}} mailing list -- The commits mailing list gets notifications on all commits in any package in the Fedora repository. This is a very high traffic mailing list. The Fedora package database sends commit mails for packages you (co-)maintain.
 
Another mailing list you might consider (at least to view the archives) is {{fplist|packaging}}. This is the mailing list of the [[Packaging/Committee | Fedora Packaging Committee]], who determine the official packaging guidelines for Fedora projects.
 
=== Ensure the software you wish to package is suitable ===
 
{{admon/note||Note that there's other methods for getting sponsored into the packager group than submitting a new package.  check the [[How_to_get_sponsored_into_the_packager_group| How to get sponsored page]] for more info.}}


You can join the [https://www.redhat.com/mailman/listinfo/fedora-devel-list fedora-devel-list@redhat.com]  mailing list, where discussions about the development of Fedora are held. This is a high traffic mailing list.
The package you are submitting can be of any free and open source project that is not already packaged in Fedora. Before creating your package, make sure that the software is not already in the Fedora repository, or waiting for review.


You can also consider joining the [https://www.redhat.com/mailman/listinfo/fedora-extras-commits fedora-extras-commits@redhat.com] mailing list -- The commits mailing list gets notifications on all commits in any package in the Fedora repository. This is a very high traffic mailing list. The Fedora package database sends commit mails for packages you (co-)maintain.
* Search the [https://apps.fedoraproject.org/packages/ Fedora packages] for packages already in the repository.
* Search in the [http://fedoraproject.org/PackageReviewStatus/ Review Tracker] for packages under review.
* Also check the [[Deprecated_packages | deprecated packages]] list.
* Be aware of [[forbidden items]].
 
=== Understand your responsibilities ===
 
Software components included in Fedora need to be maintained actively, and bugs - especially security issues - need to be fixed in a timely manner. As a Fedora package maintainer,  it is your primary [[Package_maintainer_responsibilities | responsibility]] to ensure this.  We encourage you to get [[Policy_for_encouraging_comaintainers_of_packages | co-maintainers]] and seek the help of the Fedora community via the development mailing list whenever needed.


=== Read Other Submissions ===
=== Read Other Submissions ===
Line 31: Line 74:
Read some other package submissions to learn about packaging and gain familiarity with the process and requirements.
Read some other package submissions to learn about packaging and gain familiarity with the process and requirements.


One way of doing this is to join the [http://www.redhat.com/mailman/listinfo/fedora-package-review  fedora-package-review@redhat.com mailing list] ;
One way of doing this is to join the {{fplist|package-review}} mailing list;All comments on Fedora package reviews are sent to this (read-only from your point of view) list.
all comments on Fedora package reviews are sent to this (read-only) list.


=== Make a Package ===
=== Configure Your Git ===
 
First thing to do when you set up Fedora packaging is to configure your user name and email address for Git. These are linked in each commit you do to Fedora packages.


You should make sure that it is a new package. The package you are submitting can be of any Free and open source project that is not already packaged in Fedora. You can find a list of existing packages in Fedora Package Collection in the [https://admin.fedoraproject.org/pkgdb/packages/ Fedora Package Database] . Please check also the [wiki:Self:PackageMaintainers/InProgressReviewRequests list of packages, that are currently reviewed]  and the [wiki:Self:PackageMaintainers/RetiredPackages list of retired packages] .
<pre>
git config --global user.name "John Doe"
git config --global user.email johndoe@example.com
</pre>


* Make sure that your package meets the [[Packaging/Guidelines|  Packaging Guidelines]]  and [[Packaging/NamingGuidelines|  PackageNamingGuidelines]] .
=== Install the developer client tools ===
* Be aware of ForbiddenItems and [[Packaging/ReviewGuidelines| Package Review Guidelines]]  (they will be used during the package review).


=== Upload Your Package ===
To build Packages for the Fedora Collection or [[EPEL]] in the Fedora build system you need [[Using_the_Koji_build_system|Koji]].


Upload your SRPM and SPEC files onto the Internet somewhere. This can be anywhere accessible by a URL.
The {{package|fedora-packager}} package provides tools to help you setup and work with fedora; it will bring in everything necessary for general packaging work.  Run the following as root:
  dnf install fedora-packager


{{Anchor|CreateYourReviewRequest}}
After installation set your Fedora Account System username in {{filename|~/.fedora.upn}} (do this as your normal user, not root).  You can do this via:
=== Create Your Review Request ===
echo "yourfasid" > ~/.fedora.upn
(replacing "''yourfasid''", of course.)


Fill out this form:
{{admon/tip|Kerberos|You will need to have a Kerberos ticket in order to use Koji. To get a ticket, use the following command in a Terminal: "kinit yourfasid@FEDORAPROJECT.ORG". The domain is case-sensitive, so keep FEDORAPROJECT.ORG upper case.}}


{| border="1"
You can now use "koji" to try to build your RPM packages in the Fedora build system, even on platforms or Fedora versions you don't have.  Note that you can (and definitely should) test out builds ("scratch" builds) even before your package has been approved and you have been sponsored.  A simple way to do a scratch build using koji is to do this at the command line:
|-
koji build --scratch TARGET path_to_source_RPM
| https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?product=Fedora&format=extras-review
Where:
|}
* TARGET is a distribution keyword such as f25 (for Fedora 25).  You can run "koji list-targets" to see all targets.  To build for the next release (rawhide), ''don't'' use "dist-rawhide" - use "fX" where X is one more than the latest stable or branched release.
* Note that you need to supply the ''path'' to the source RPM (which ends in .src.rpm), and '''not''' a URL. (If you only have the spec file, use <code>rpmbuild --nodeps -bs SPECFILE</code> to create the new source RPM).


* Make sure that you put the '''name of the package''' (excluding version and release numbers) in the '<code>Review Summary</code>' field, along with a very '''brief summary''' of what the package is.
Your koji builds can only depend on packages that are actually in the TARGET distribution repository.  Thus, you can't use koji to build for released distributions if your package depends on other new packages that  [[Bodhi | Bodhi]] hasn't released yet.  You ''can'' use koji to build for rawhide (the next unreleased version), even if it depends on other new packages, as long as the other packages were built for the "rawhide" as described below.  If you need to build against a package that is not yet a stable released
* Put a '''description''' of your package (usually, this can be the same thing as what you put in the spec %description) in the '<code>Review Description</code>' field.  Include the '''URLs''' to your '''SRPM''' and '''SPEC''' files. Also, explain that this is your first package and you need a sponsor.
update, you can file a ticket with rel-eng at: https://fedorahosted.org/rel-eng/newticket and request that that package be
added as a buildroot override. For packages in EPEL, you have to use the component ''epel'' to get the request to the right persons.


{| border="1"
You can learn more about koji via:
|-
koji --help            # General help
| {{Template:Caution}} Make sure that you mention in the '<code>Review Description</code>' field that this is your first package, and you are seeking a sponsor. In Fedora Package Collection, all new contributors must be sponsored. Some potential sponsors will look at the [https://bugzilla.redhat.com/bugzilla/showdependencytree.cgi?id=FE-NEEDSPONSOR FE-NEEDSPONSOR] bug in bugzilla to find packages to review. You can add your package to this list by editing your review request bug and adding <code>FE-NEEDSPONSOR</code> in the '<code>Bug </code>''xyz''<code> blocks</code>' field (where ''xyz'' is the bug number for your review request).
koji --help-commands  # list of koji commands
|}
  koji COMMAND --help    # help on command COMMAND


The review process is described in detail on the [[PackageReviewProcess| Package Review Process]] page.
[[Using the Koji build system]] has more information about using Koji.


{{Anchor|WatchForFeedback}}
=== Make a Package ===
=== Watch for Feedback ===


Watch the Bugzilla report for your first package. You should get notifications of changes by email. Fix any blockers that the reviewer(s) point out.
* If you don't know how to create an RPM package, see the [[How to create an RPM package]].
* Make sure that your package meets the [[Packaging:Guidelines|  Packaging Guidelines]]  and [[Packaging:NamingGuidelines|  PackageNamingGuidelines]] .
* Be aware of the [[Packaging:ReviewGuidelines| Package Review Guidelines]]  (they will be used during the package review).
* Make sure your package builds.  This is surprisingly important, because a significant number of submissions don't.


{{Anchor|GetAFedoraAccount}}
=== Upload Your Package ===
=== Get a Fedora Account ===


Create an account in the [[Infrastructure/AccountSystem| Fedora Account System]]
Upload your SRPM and SPEC files onto the Internet somewhere so that others can retrieve them. This can be anywhere accessible by a URL, but it is important that the files be directly accessible, not hidden behind some service that makes people wait to download things or redirects through advertising pages.
1. Visit the account system home:


{| border="1"
If you want to make ad-hoc builds available for users while you are getting the package into the official repositories, consider using [https://copr.fedorainfracloud.org Copr].  It is a light weight automated build system that can create repositories using the SRPM you upload. You can use this Copr space to point reviewers to your src.rpm and spec.
|-
| https://admin.fedoraproject.org/accounts/
|}


1. Click on 'New account' and fill in the blanks.
{{Anchor|CreateYourReviewRequest}}


1. After you create your account, please be sure to sign the CLA (if you click on the "My Account" link in the top right, you should see CLA: CLA Done)
=== Create Your Review Request ===


Note: Red Hat employees should apply for <code>cla_redhat</code> instead. From the Account System, Apply for a New Group, put <code>cla_redhat</code> in the group field, and click Apply. Then ask TomCallaway to approve you.
Fill out this form: https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?product=Fedora&format=fedora-review.


1. Once you get email confirmation that your account has been created and you're a member of the <code>cla_done</code> group, return to edit your account:
* Before submitting your request, be sure there’s not a previous request for the same package. There is a convenient search box on the [http://fedoraproject.org/PackageReviewStatus/ package review status page].
* Make sure that you put the '''name of the package''' (excluding version and release numbers) in the '<code>Review Summary</code>' field, along with a very '''brief summary''' of what the package is.
* Put a '''description''' of your package (usually, this can be the same thing as what you put in the spec %description) in the '<code>Review Description</code>' field.  Include the '''URLs''' to your '''SRPM''' and '''SPEC''' files.
* Explain in the ticket that this is your first package and you need a sponsor.  Also include any information that may help prospective sponsors.  If you've been active in other review work, include links.  If you're the upstream maintainer, be sure to say so.
* For bonus points, include a link to a successful koji build so that everyone knows you did all of your homework.


{| border="1"
{{Admon/warning | Make sure that you mention in the '<code>Review Description</code>' field that this is your first package, and you are seeking a sponsor. In Fedora Package Collection, all new contributors must be sponsored. Some potential sponsors will look at the [https://bugzilla.redhat.com/bugzilla/showdependencytree.cgi?id&#61;FE-NEEDSPONSOR FE-NEEDSPONSOR]  bug in Bugzilla to find packages to review. You can add your package to this list by editing your review request bug (which will be created once you click 'Commit' on the form) and adding <code>FE-NEEDSPONSOR</code> in the '<code>Blocks</code>' field.}}
|-
 
| https://admin.fedoraproject.org/accounts/group/list?search=cvsextras*
The review process is described in detail on the [[Package Review Process| Package Review Process]]  page.
|}


a. In the table, look for the <code>cvsextras</code> group, and click <code>Apply</code> under Status.
{{Anchor|WatchForFeedback}}
a. Once this is done, your account will show up as "pending" to all of the Fedora Package Collection sponsors (who will receive an email).
a. When you are sponsored, you will be automatically added/approved to the fedorabugs group as well.  This will allow you to make changes to the state of bugs in Bugzilla, which is what you'll need to do to get them checked in.  It will also allow you to do complete package reviews, including approving packages yourself!


{{Anchor|GetSponsored}}
=== Inform Upstream ===
=== Get Sponsored ===


When the package is APPROVED by the reviewer, you must separately obtain member sponsorship in order to check in and build your package. Sponsorship is not automatic and may require that you further participate in other ways in order to demonstrate your understanding of the packaging guidelines. Key to becoming sponsored is to convince an existing sponsor-level member that you understand and follow the project's guidelines and processes.
Fedora as a project prefers to [[Staying_close_to_upstream_projects | stay close to upstream]]. Inform the developers that you are packaging the software. You can do that by sending them an email introducing yourself and pointing out the review request. This sets up the stage for future conversations. They will usually advertise the fact that their software is now part of Fedora or might want to inform you of important bugs in the existing release, future roadmaps etc.


See ["PackageMaintainers/HowToGetSponsored"]  for more information on the process of becoming sponsored.
=== Introduce yourself ===


{| border="1"
When a new package maintainer joins the Fedora Project, we request that he/she introduces themselves on the Fedora {{fplist|devel}} mailing list. To sign up for the list, visit the {{fplist|devel}} list's signup page. The primary purpose of this is to begin the process of building trust by allowing the Fedora community members to get to know you a bit more and increase the chances of your review request being processed sooner.  
|-
| {{Template:Caution}} First reviews for new packagers '''must''' be done by registered sponsors. Informal reviews can be done by anyone interested.
|}


1.Your sponsor can approve your request and move you from "pending" to "sponsored". You should receive email confirmation of your sponsorship.
We want to break anonymity and foster real-world community within the project. You are under no obligation to reveal personal secrets. The objective is to establish a level of trust with yourself and the other members of the project. But you should at least use your real name when communicating with us. Also a brief description of who you are, your motivations and perhaps a description of the software you have submitted for review is advisable.


1. Generate a client side certificate:
<pre>


{| border="1"
Subject: Self Introduction:  <Your name>
|-
| https://admin.fedoraproject.org/accounts/user/gencert
|}


Place the file in <code>~/.fedora.cert</code>, where the Fedora CVS configuration will look for it by default.
Body:  Add any information you believe is applicable
including past experience in free and open source projects,  
a link to the review request you have filed and
a brief description of yourself. You can also post
your GPG key information if you want to.


You'll also need two more certs: The certificate for the Certificate Authority used to sign the user keys (that's available from [https://admin.fedoraproject.org/accounts/fedora-upload-ca.cert fedora-upload-ca.cert]  save that as <code>~/.fedora-upload-ca.cert</code>) and the certificate for the Certificate Authority used to sign the buildsystem's server keys (that's available from [https://admin.fedoraproject.org/accounts/fedora-server-ca.cert fedora-server-ca.cert]  save that as <code>~/.fedora-server-ca.cert</code>)
</pre>


=== Install the Client Tools ===
=== Watch for Feedback ===
fedora-packager provides tools to help you setup and work with fedora.  to install fedora-packager run
<pre>


yum install fedora-packager
Watch the Bugzilla report for your first package. You should get notifications of changes by email. Fix any blockers that the reviewer(s) point out.


</pre>
{{Anchor|GetSponsored}}
=== Get Sponsored ===


To build Packages for Fedora ["EPEL"] , you need [[Projects/Plague| Plague]] and for Fedora 7 and later (including devel) you need [[PackageMaintainers/UsingKoji|  Koji]] .
When the package is APPROVED by the reviewer, you must separately obtain member sponsorship in order to check in and build your package. Sponsorship is not automatic and may require that you further participate in other ways in order to demonstrate your understanding of the packaging guidelines. Key to becoming sponsored is to convince an existing sponsor-level member that you understand and follow the project's guidelines and processes.


After installation as your user run fedora-packager-setup to setup your user environment.  This will get you ready to use koji.  To use plague follow [[PackageMaintainers/UsingPlagueClientFaq|  Plague]] instructions.
See [[how to get sponsored into the packager group]] for more information on the process of becoming sponsored.


* This is important. Without this, you won't be able to request package builds.
Your sponsor can add you to the packager group. You should receive email confirmation of your sponsorship.


To checkout from cvs run fedora-cvs <module names seperated by spaces> for example
=== Add Package to Source Code Management (SCM) system and Set Owner ===
<pre>
fedora-cvs konversation mysql-gui-tools snort
</pre>


{| border="1"
Before proceeding, please sync your account by login on https://src.fedoraproject.org/ using your FAS credentials.
|-
| {{Template:Tip}} Running <code>ssh-add</code> before doing any cvs operations is a very good idea. It will save you from having to type your key password for every operation. You only have to run ssh-add once per session, it will remember it until you log out or reboot.
|}


=== Add Package to CVS and Set Owner ===
If you are becoming a maintainer for a new package, instead of being a co-maintainer, use [https://pagure.io/fedpkg fedpkg] to request a new git repository for your package. The sub-command is "fedpkg request-repo" which includes help text for setting up the Pagure API token the command requires. You must specify the repository name using the "--module-name" flag. For example: "fedpkg --module-name python-prometheus_client request-repo 1590452".


Follow [[PackageMaintainers/CVSAdminProcedure | CVSAdminProcedure]] to get a CVS module for your new package and branches for recent releases.
The request will be reviewed and processed by an admin, usually within 24 hours. Once the ticket is processed, you will have access to commit and build the package.


This will be used to set up the proper records in the owners database, which is used for access to build the package, bugzilla population, and other features.  This step creates a CVS module for your new package, with empty directories for each requested distribution.
=== Check out the module ===


=== Import Your Package ===
You ''could'' check out your module now, but before doing that, consider doing <code>mkdir ~/fedora-scm ; cd ~/fedora-scm</code> - that way, all your files are inside a single directory.  Also, run <code>ssh-add</code>, so that you won't have to keep typing in your key password.


Use cvs to check out your now empty package module:
{{Admon/tip | Running <code>ssh-add</code> before doing any SCM operations is a very good idea. It will save you from having to type your key password for every operation. You only have to run <code>ssh-add</code> once per session, it will remember it until you log out or reboot. If <code>ssh-add</code> reports "Could not open a connection to your authentication agent.", start a new shell under it using <code>exec ssh-agent bash</code>.}}


Now you are ready to checkout your module from the SCM:
<pre>
<pre>
fedora-cvs packagename
fedpkg clone <packagename>
</pre>
</pre>


~-It might not be a bad idea to make a "cvs" directory, then check out your files inside of that.-~
Where <code><packagename></code> should be replaced with the name of your package.


{| border="1"
{{Admon/caution | If this step fails, be sure your private ssh key (<code>~/.ssh/id_rsa</code>) mode is set to 0400. You might have to wait for up to an hour after your request for a new git module has been approved to get write access. Make sure your public key is the same as in the [[Account_System|Fedora Account System]] (FAS). Key propagation may take an hour or so after uploading into FAS.}}
|-
 
| {{Template:Warning}} If this step fails, be sure your private ssh key (<code>~/.ssh/id_rsa</code>) mode is set to 0400. You might have to wait for up to an hour after your request for a new CVS module has been approved to get write access. Make sure your public key is the same as in the Fedora Accounts system.
{{Admon/important| Note that fedpkg does not set the user config for your new git repo automatically. Make sure to have these set globally or locally in your new repo before you do your first commit (see [[Git_Quickref#Configure_your_global_git_settings|Configure your global git settings]]).}}
|}
{{Admon/important| Note: If you are not a member of the fedora packager group, you will receive a "permission denied" error. Use the <code>-a</code> flag to clone anonymously. }}


After you have checked out your module, find the common/cvs-import.sh script and run:
===  Test Your Package ===


<pre>
Refer to [[Using_Mock_to_test_package_builds]] and [[Using_the_Koji_build_system#Scratch_Builds]] for more information on testing your package. Mock uses your local system while Koji command line tool uses the Fedora build system server.
./common/cvs-import.sh <nameofyour.src.rpm>
</pre>


~-Obviously, replace <code><nameofyour.src.rpm></code> with the full path to your approved SRPM.-~
=== Import, commit, and build your package ===


This imports into only the '''devel''' branch. You will want to use the -b parameter in order to import into other distribution branches like '''FC-6'''.
Now that you've checked out your (empty) package module with fedpkg,
cd into the module's master branch:
  cd <packagename>
Run fedpkg to import the contents of the SRPM into the SCM:
fedpkg import PATH_TO_SRPM


=== Checkout the module ===
# Review Changes, press 'q' to stop; Revert with: git reset --hard HEAD
git commit -m "Initial import (#XXXXXX)."
git push
fedpkg build


You are ready to checkout your module from CVS:
Obviously, replace <code>PATH_TO_SRPM</code> with the full path (not URL) to your approved SRPM, and <code>XXXXXX</code> with the package review bug number.


<pre>
This imports into, commits, and builds only the '''master''' ([[Releases/Rawhide|Rawhide]])  branch. 
fedora-cvs <packagename>
</pre>


~-Where <code><packagename></code> should be replaced with the name of your package.-~
If the push fails with this kind of message:
W access for why DENIED to YOUR_ACCOUNT
fatal: The remote end hung up unexpectedly
Could not push: Command '['git', 'push']' returned non-zero exit status 128
Then you don't have the necessary rights to modify that package branch;
view https://src.fedoraproject.org/rpms/PACKAGE_NAME
to request those rights.


You should now have a directory named after your package with a directory for each branch inside of it.
For more information on using the Fedora package maintenance system, see the [[Package maintenance guide]].


=== Tag Your Branches ===
=== Update Your Branches (if desired) ===


Branches are <code>FC-</code>#, <code>devel</code>, etc.
Branches are <code>f</code># (formerly <code>F-</code># and before that <code>FC-</code>#), <code>master</code>, etc.  So ''f{{FedoraVersion}}'' is the branch for Fedora {{FedoraVersion}}.


Before a branch can be built in the Fedora Package build system, the files in that branch must be tagged in CVS. When you're happy with the source, go into the branch directory (e.g. <code>cd devel/</code>) and run:
To switch to a branch first:
fedpkg switch-branch BRANCH (e.g. f{{FedoraVersion}})


<pre>
Merge the initial commit from master, creating an identical commit in the branch:
make tag
git merge master
</pre>


You should see it tag the branch with the version and release from the SPEC file. You need to tag all of the branches that you want to build.
Push the changes to the server:
git push


=== Request Builds ===
Build the package:
fedpkg build


For each tagged branch that you'd like to request a build for, go into the branch directory (e.g. <code>cd devel/</code>) and run:
If there is another branch to work with repeat "To switch to a branch" and import and commit to each branch.


<pre>
{{Admon/warning | Be sure that you build for rawhide (master) branch before pushing updates for any other branches! Otherwise, those updates will get inherited into rawhide, which is almost certainly not what you want.}}
make build
{{Admon/warning | Sync to buildsys is an hourly thing. So, sometimes you might have to wait for an hour to get access of the build server to give "fedpkg build".}}
</pre>
{| border="1"
|-
| {{Template:Caution}} Sync to buildsys is a daily thing. So, sometimes you might have to wait for a day to get access of the build server to give "make build"
|}
If everything goes well, it should queue up your branch for building, the package will cleanly build, and you're done!
If everything goes well, it should queue up your branch for building, the package will cleanly build, and you're done!


If it fails to build, the build system will send you an email to report the failure and show you to the logs. Commit any needed changes to cvs, bump the SPEC release number, retag the branch, and request a new build.
If it fails to build, the build system will send you an email to report the failure and show you to the logs. Commit any needed changes to git, bump the SPEC release number, and request a new build.


=== Submit Package as Update in Bodhi ===
=== Submit Package as Update in Bodhi ===


Use [https://admin.fedoraproject.org/updates/new/ the Web interface for Bodhi] to request enhancement updates for each released Fedora you are bringing a new package to.
The Fedora update system called [[Bodhi]] is used for pushing updates, classifying packages etc. Do not submit Rawhide (master branch) builds via Bodhi.


The first field asks for the name of the "Package". This field will auto-complete the package name found in the Koji build system, e.g. <package-name>-<version>-<release>.fc9. If completion doesn't work, just enter the package build name yourself.
You can push an update using Bodhi via the command line using this in each branch:
fedpkg update


For new packages, choose "enhancement" as the "type" of update.
See the [[Package_update_HOWTO|update submission guide]] for more details.


Put the "Request" as "testing" if you want to put the package through testing first, see [[QA|  Fedora Quality Assurance]] . Put "stable" if you want to push the package directly to stable.
=== Make the package available in "comps" files ===


Put the bug number of the package's Review Request in the "Bugs" field blank. Bodhi will automatically close it as NEXTRELEASE when it gets pushed to the requested update status.
If appropriate for the package, make it available in "comps" files so that it can be selected during installation and included in dnf's|yum's package group operations. See [[PackageMaintainers/CompsXml|How to use and edit comps.xml for package groups]] for more info.


For new packages, add a copy of the package's description in the "Notes" section, so end users will know what the package is.
=== Watch for updates ===


[[Infrastructure/UpdatesSystem/Bodhi-info-DRAFT|  More information on Bodhi]] .
Fedora has infrastructure available for monitoring new upstream releases of the software you are packaging. Refer to [[Upstream Release Monitoring]] for more details.


== Getting Help  ==
== Getting Help  ==


We know that this process can be as clear as mud sometimes, and we're always trying to make it better. If you run into any problems, or have any questions, please ask on the [https://www.redhat.com/mailman/listinfo/fedora-devel-list fedora-devel-list]  mailing list or in #fedora-devel on [http://freenode.net/ freenode] . See the ["Communicate"]  page for details.
We know that this process can be as clear as mud sometimes, and we're always trying to make it better. If you run into any problems, or have any questions, please ask on the {{fplist|devel}} mailing list or in {{fpchat|#fedora-devel}} on freenode.net.


The Fedora Mentors Project has people willing to help new contributors in their packaging efforts. See the ["Mentors"] page for more information.
== Getting a new package into Fedora Package Collection for existing maintainers ==


There is also a helpful CVS FAQ here: ["PackageMaintainers/UsingCvsFaq"]  
If you already maintain a package in Fedora and want to maintain another, follow the [[new package process for existing contributors]] .


== Getting a new package into Fedora Package Collection for existing maintainers  ==
= One-off contributions =
 
Changes to [https://src.fedoraproject.org/browse/projects/ existing packages] can be suggested by submitting [https://docs.pagure.org/pagure/usage/pull_requests.html pull requests].
You must have a [[Join_the_package_collection_maintainers#Create_a_Fedora_Account|Fedora account]] to create a pull request.
 
If [https://pagure.io/fedora-infrastructure/issue/6361 your account is not in the 'packager' group, you cannot push changes to forks on src.fedoraproject.org] so you must use an external Git hosting platform (e.g. https://pagure.io/new) and use [https://docs.pagure.org/pagure/usage/pull_requests.html#remote-git-to-pagure-pull-request remote pull-requests].


If you already maintain a package in Fedora and want to maintain another, follow the [[PackageMaintainers/NewPackageProcess|  new package process]] .
[[Category:Package Maintainers]] [[Category:Join]]

Revision as of 17:38, 13 June 2018

Contributing roles

Idea.png
Contributing roles
These are only suggestions for contributing roles. Only your imagination sets the limits.

Join OSDeveloper.png
OS Developer

How to join the Fedora Package Collection Maintainers?

So, you have decided to become a package maintainer in the Fedora Project? This guide will lead you through your first package submission.

Fedora-submit-package.png

Becoming a Fedora Package Collection Maintainer

Read the Guidelines

If you don't know how to create an RPM package, refer to the tutorial at How_to_create_a_GNU_Hello_RPM_package or the more advanced and much more detailed how to create an RPM package.

Read the Packaging Guidelines and Package Naming Guidelines .

You need to be thoroughly familiar with these. They govern all package submissions. If you have questions, ask on the Fedora packaging List.

Create a Bugzilla Account

Make sure you have an account in Red Hat Bugzilla .

The email address that you use for your Bugzilla account should be the same email address as you use in the Fedora Account System for all things related to Fedora Packaging.

Important.png
Do not use your @fedoraproject.org address if you already have one.
You should not use your @fedoraproject.org email address in Bugzilla, because you will not get your Bugzilla privileges once you are sponsored. If you want to use your @fedoraproject.org address, you might try to request at the Fedora Infrastructure Ticket System for an administrator to manually override the Bugzilla address connected with your Fedora Account.

Create a Fedora Account

Create an account in the Fedora Account System (this is not the same as the Bugzilla account)

  1. Visit the account system home: https://admin.fedoraproject.org/accounts/
  2. Click on 'New account' and fill in the blanks. Note that the email you give should be the same as the one you gave Bugzilla. This allows the system to link privileges between the two accounts.
  3. After you create your account, please be sure to sign the CLA (if you click on the "My Account" link in the top right, you should see CLA: CLA Done).
  4. You will also need to upload a public RSA SSH key. You need to use the matching private key to access Fedora machines via SSH. You can read more about this here.

Join the important Mailing Lists

You must join the fedora devel-announce mailing list. It is a low traffic announcements only list, where important development information is posted.

You can join the fedora devel mailing list, where discussions about the development of Fedora are held. This is a high traffic mailing list.

You can also consider joining the package-announce mailing list -- The commits mailing list gets notifications on all commits in any package in the Fedora repository. This is a very high traffic mailing list. The Fedora package database sends commit mails for packages you (co-)maintain.

Another mailing list you might consider (at least to view the archives) is packaging. This is the mailing list of the Fedora Packaging Committee, who determine the official packaging guidelines for Fedora projects.

Ensure the software you wish to package is suitable

Note.png
Note that there's other methods for getting sponsored into the packager group than submitting a new package. check the How to get sponsored page for more info.

The package you are submitting can be of any free and open source project that is not already packaged in Fedora. Before creating your package, make sure that the software is not already in the Fedora repository, or waiting for review.

Understand your responsibilities

Software components included in Fedora need to be maintained actively, and bugs - especially security issues - need to be fixed in a timely manner. As a Fedora package maintainer, it is your primary responsibility to ensure this. We encourage you to get co-maintainers and seek the help of the Fedora community via the development mailing list whenever needed.

Read Other Submissions

Read some other package submissions to learn about packaging and gain familiarity with the process and requirements.

One way of doing this is to join the package-review mailing list;All comments on Fedora package reviews are sent to this (read-only from your point of view) list.

Configure Your Git

First thing to do when you set up Fedora packaging is to configure your user name and email address for Git. These are linked in each commit you do to Fedora packages.

git config --global user.name "John Doe"
git config --global user.email johndoe@example.com

Install the developer client tools

To build Packages for the Fedora Collection or EPEL in the Fedora build system you need Koji.

The Package-x-generic-16.pngfedora-packager package provides tools to help you setup and work with fedora; it will bring in everything necessary for general packaging work. Run the following as root:

dnf install fedora-packager

After installation set your Fedora Account System username in ~/.fedora.upn (do this as your normal user, not root). You can do this via:

echo "yourfasid" > ~/.fedora.upn

(replacing "yourfasid", of course.)

Idea.png
Kerberos
You will need to have a Kerberos ticket in order to use Koji. To get a ticket, use the following command in a Terminal: "kinit yourfasid@FEDORAPROJECT.ORG". The domain is case-sensitive, so keep FEDORAPROJECT.ORG upper case.

You can now use "koji" to try to build your RPM packages in the Fedora build system, even on platforms or Fedora versions you don't have. Note that you can (and definitely should) test out builds ("scratch" builds) even before your package has been approved and you have been sponsored. A simple way to do a scratch build using koji is to do this at the command line:

koji build --scratch TARGET path_to_source_RPM

Where:

  • TARGET is a distribution keyword such as f25 (for Fedora 25). You can run "koji list-targets" to see all targets. To build for the next release (rawhide), don't use "dist-rawhide" - use "fX" where X is one more than the latest stable or branched release.
  • Note that you need to supply the path to the source RPM (which ends in .src.rpm), and not a URL. (If you only have the spec file, use rpmbuild --nodeps -bs SPECFILE to create the new source RPM).

Your koji builds can only depend on packages that are actually in the TARGET distribution repository. Thus, you can't use koji to build for released distributions if your package depends on other new packages that Bodhi hasn't released yet. You can use koji to build for rawhide (the next unreleased version), even if it depends on other new packages, as long as the other packages were built for the "rawhide" as described below. If you need to build against a package that is not yet a stable released update, you can file a ticket with rel-eng at: https://fedorahosted.org/rel-eng/newticket and request that that package be added as a buildroot override. For packages in EPEL, you have to use the component epel to get the request to the right persons.

You can learn more about koji via:

koji --help            # General help
koji --help-commands   # list of koji commands
koji COMMAND --help    # help on command COMMAND

Using the Koji build system has more information about using Koji.

Make a Package

Upload Your Package

Upload your SRPM and SPEC files onto the Internet somewhere so that others can retrieve them. This can be anywhere accessible by a URL, but it is important that the files be directly accessible, not hidden behind some service that makes people wait to download things or redirects through advertising pages.

If you want to make ad-hoc builds available for users while you are getting the package into the official repositories, consider using Copr. It is a light weight automated build system that can create repositories using the SRPM you upload. You can use this Copr space to point reviewers to your src.rpm and spec.

Create Your Review Request

Fill out this form: https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?product=Fedora&format=fedora-review.

  • Before submitting your request, be sure there’s not a previous request for the same package. There is a convenient search box on the package review status page.
  • Make sure that you put the name of the package (excluding version and release numbers) in the 'Review Summary' field, along with a very brief summary of what the package is.
  • Put a description of your package (usually, this can be the same thing as what you put in the spec %description) in the 'Review Description' field. Include the URLs to your SRPM and SPEC files.
  • Explain in the ticket that this is your first package and you need a sponsor. Also include any information that may help prospective sponsors. If you've been active in other review work, include links. If you're the upstream maintainer, be sure to say so.
  • For bonus points, include a link to a successful koji build so that everyone knows you did all of your homework.
Warning.png
Make sure that you mention in the 'Review Description' field that this is your first package, and you are seeking a sponsor. In Fedora Package Collection, all new contributors must be sponsored. Some potential sponsors will look at the FE-NEEDSPONSOR bug in Bugzilla to find packages to review. You can add your package to this list by editing your review request bug (which will be created once you click 'Commit' on the form) and adding FE-NEEDSPONSOR in the 'Blocks' field.

The review process is described in detail on the Package Review Process page.

Inform Upstream

Fedora as a project prefers to stay close to upstream. Inform the developers that you are packaging the software. You can do that by sending them an email introducing yourself and pointing out the review request. This sets up the stage for future conversations. They will usually advertise the fact that their software is now part of Fedora or might want to inform you of important bugs in the existing release, future roadmaps etc.

Introduce yourself

When a new package maintainer joins the Fedora Project, we request that he/she introduces themselves on the Fedora devel mailing list. To sign up for the list, visit the devel list's signup page. The primary purpose of this is to begin the process of building trust by allowing the Fedora community members to get to know you a bit more and increase the chances of your review request being processed sooner.

We want to break anonymity and foster real-world community within the project. You are under no obligation to reveal personal secrets. The objective is to establish a level of trust with yourself and the other members of the project. But you should at least use your real name when communicating with us. Also a brief description of who you are, your motivations and perhaps a description of the software you have submitted for review is advisable.


Subject: Self Introduction:  <Your name>

Body:  Add any information you believe is applicable 
including past experience in free and open source projects, 
a link to the review request you have filed and 
a brief description of yourself. You can also post 
your GPG key information if you want to.

Watch for Feedback

Watch the Bugzilla report for your first package. You should get notifications of changes by email. Fix any blockers that the reviewer(s) point out.

Get Sponsored

When the package is APPROVED by the reviewer, you must separately obtain member sponsorship in order to check in and build your package. Sponsorship is not automatic and may require that you further participate in other ways in order to demonstrate your understanding of the packaging guidelines. Key to becoming sponsored is to convince an existing sponsor-level member that you understand and follow the project's guidelines and processes.

See how to get sponsored into the packager group for more information on the process of becoming sponsored.

Your sponsor can add you to the packager group. You should receive email confirmation of your sponsorship.

Add Package to Source Code Management (SCM) system and Set Owner

Before proceeding, please sync your account by login on https://src.fedoraproject.org/ using your FAS credentials.

If you are becoming a maintainer for a new package, instead of being a co-maintainer, use fedpkg to request a new git repository for your package. The sub-command is "fedpkg request-repo" which includes help text for setting up the Pagure API token the command requires. You must specify the repository name using the "--module-name" flag. For example: "fedpkg --module-name python-prometheus_client request-repo 1590452".

The request will be reviewed and processed by an admin, usually within 24 hours. Once the ticket is processed, you will have access to commit and build the package.

Check out the module

You could check out your module now, but before doing that, consider doing mkdir ~/fedora-scm ; cd ~/fedora-scm - that way, all your files are inside a single directory. Also, run ssh-add, so that you won't have to keep typing in your key password.

Idea.png
Running ssh-add before doing any SCM operations is a very good idea. It will save you from having to type your key password for every operation. You only have to run ssh-add once per session, it will remember it until you log out or reboot. If ssh-add reports "Could not open a connection to your authentication agent.", start a new shell under it using exec ssh-agent bash.

Now you are ready to checkout your module from the SCM:

 fedpkg clone <packagename>

Where <packagename> should be replaced with the name of your package.

Stop (medium size).png
If this step fails, be sure your private ssh key (~/.ssh/id_rsa) mode is set to 0400. You might have to wait for up to an hour after your request for a new git module has been approved to get write access. Make sure your public key is the same as in the Fedora Account System (FAS). Key propagation may take an hour or so after uploading into FAS.
Important.png
Note that fedpkg does not set the user config for your new git repo automatically. Make sure to have these set globally or locally in your new repo before you do your first commit (see Configure your global git settings).
Important.png
Note: If you are not a member of the fedora packager group, you will receive a "permission denied" error. Use the -a flag to clone anonymously.

Test Your Package

Refer to Using_Mock_to_test_package_builds and Using_the_Koji_build_system#Scratch_Builds for more information on testing your package. Mock uses your local system while Koji command line tool uses the Fedora build system server.

Import, commit, and build your package

Now that you've checked out your (empty) package module with fedpkg, cd into the module's master branch:

cd <packagename>

Run fedpkg to import the contents of the SRPM into the SCM:

fedpkg import PATH_TO_SRPM
# Review Changes, press 'q' to stop; Revert with: git reset --hard HEAD
git commit -m "Initial import (#XXXXXX)."
git push
fedpkg build

Obviously, replace PATH_TO_SRPM with the full path (not URL) to your approved SRPM, and XXXXXX with the package review bug number.

This imports into, commits, and builds only the master (Rawhide) branch.

If the push fails with this kind of message:

W access for why DENIED to YOUR_ACCOUNT
fatal: The remote end hung up unexpectedly
Could not push: Command '['git', 'push']' returned non-zero exit status 128

Then you don't have the necessary rights to modify that package branch; view https://src.fedoraproject.org/rpms/PACKAGE_NAME to request those rights.

For more information on using the Fedora package maintenance system, see the Package maintenance guide.

Update Your Branches (if desired)

Branches are f# (formerly F-# and before that FC-#), master, etc. So f39 is the branch for Fedora 39.

To switch to a branch first:

fedpkg switch-branch BRANCH (e.g. f39)

Merge the initial commit from master, creating an identical commit in the branch:

git merge master

Push the changes to the server:

git push

Build the package:

fedpkg build

If there is another branch to work with repeat "To switch to a branch" and import and commit to each branch.

Warning.png
Be sure that you build for rawhide (master) branch before pushing updates for any other branches! Otherwise, those updates will get inherited into rawhide, which is almost certainly not what you want.
Warning.png
Sync to buildsys is an hourly thing. So, sometimes you might have to wait for an hour to get access of the build server to give "fedpkg build".

If everything goes well, it should queue up your branch for building, the package will cleanly build, and you're done!

If it fails to build, the build system will send you an email to report the failure and show you to the logs. Commit any needed changes to git, bump the SPEC release number, and request a new build.

Submit Package as Update in Bodhi

The Fedora update system called Bodhi is used for pushing updates, classifying packages etc. Do not submit Rawhide (master branch) builds via Bodhi.

You can push an update using Bodhi via the command line using this in each branch:

fedpkg update

See the update submission guide for more details.

Make the package available in "comps" files

If appropriate for the package, make it available in "comps" files so that it can be selected during installation and included in dnf's|yum's package group operations. See How to use and edit comps.xml for package groups for more info.

Watch for updates

Fedora has infrastructure available for monitoring new upstream releases of the software you are packaging. Refer to Upstream Release Monitoring for more details.

Getting Help

We know that this process can be as clear as mud sometimes, and we're always trying to make it better. If you run into any problems, or have any questions, please ask on the devel mailing list or in #fedora-devel[?] on freenode.net.

Getting a new package into Fedora Package Collection for existing maintainers

If you already maintain a package in Fedora and want to maintain another, follow the new package process for existing contributors .

One-off contributions

Changes to existing packages can be suggested by submitting pull requests. You must have a Fedora account to create a pull request.

If your account is not in the 'packager' group, you cannot push changes to forks on src.fedoraproject.org so you must use an external Git hosting platform (e.g. https://pagure.io/new) and use remote pull-requests.