From Fedora Project Wiki

翻譯中...

貢獻角色

貢獻角色
這些只是貢獻角色上的建議而已,你可以做的不只這些。只有你的想像力可以綁住你!


OS 開發者

如何成為 Fedora 軟體包集合的維護者?

哦,你已決定要成為一位 Fedora 專案中的軟體包維護者?那麼本篇指引會帶你走過第一次提交軟體包的流程。

成為一位 Fedora 軟體包集合的維護者

閱讀規約

若你還不知道如何建立 RPM 軟體包,請參考 How_to_create_a_GNU_Hello_RPM_package 教程,或是另一份更深入且有更多細節的 how to create an RPM package/zh-tw

請閱讀 打包規約 軟體包命名規約

你需要對這些規約仔細且澈底的熟悉,因為所有的軟體包都受這些規約規範。如果你有任何問題,請在 Fedora Packaging 郵遞清單上詢問。

建立 Bugzilla 帳號

請先確認你有 Red Hat Bugzilla 的帳號。

你在 bugzilla 帳號中使用的電子郵件位址應該要和你在 Fedora Account System 中使用的相同,而且任何與 Fedora 打包相關的事務都應該使用同個帳號。

如果你已經有 @fedoraproject.org 電子郵件位址,請不要使用它!
你不應該在 Bugzilla 中使用你的 @fedoraproject.org 電子郵件。如果你用了該帳號,一旦得到他人的支助後便無法取得你的 bugzilla 特別權限。如果你真的很想使用你的 @fedoraproject.org 郵件位址,你大概得向 Fedora Infrastructure Ticket System 提出申請,請管理員手動用設定凌駕與你 Fedora 帳號連結的 bugzilla 電子信箱。

建立 Fedora 帳號

Fedora Account System 中建立帳號 (這「不是」bugzilla 帳號)

  1. 請先造訪帳號系統主頁: https://admin.fedoraproject.org/accounts/
  2. 點按「New account」,並填入對應資料。注意,你給的電子郵件應該要與 bugzilla 上申請的郵件相同。這樣系統才可以將相關權力在兩帳號之間相互連接起來。
  3. 在你建立帳號之後,請確認有簽署 CLA (若您點按右上方的「My Account」連結,應該可以看到 CLA: CLA Done)。CLA 是 Contributors License Agreement,代表你身為一位貢獻者,對於本專案相關授權協議同意之書。
  4. 你也需要上傳一份公開的 RSA SSH 金鑰。你需要使用相對應的私人金鑰以透過 SSH 存取 Fedora 機器。你可以前往 此處 閱讀其他相關資料。

參與重要郵遞清單

你必須訂閱 fedora devel-announce 郵遞清單。這是個低流量的郵遞清單,僅供發布消息之用,重要的開發資訊都會張貼到這裡。

你可以訂閱 fedora devel 郵遞清單,Fedora 的主要開發討論都在這裡。這是高流量的郵遞清單。

你可以考慮訂閱 package-announce 郵遞清單 -- 本郵遞清單提供 Fedora 軟體庫中任何軟體包相關的所有提交通知。這是超高流量的郵遞清單。當你是軟體包的維護者 (或共同維護者) 時,若有提交動作,Fedora 軟體包資料庫便會寄送郵件給你。

另一個你可以考慮 (至少看看過去的封存內容) 的郵遞清單是 packaging。這是 Fedora 打包委員會 的郵遞清單,他們訂立了 Fedora 專案的官方打包規約。

確認你想要打包的軟體是否適當

請注意,除了提交新軟體包的方式之外,還可以藉由其他方式獲得打包者群組的支助。請看看 如何取得支助 了解更多相關資訊。

你打算提交的軟體包必須是 Fedora 中尚未打包的任何自由與開源軟體專案。在你建立出軟體包之前,請確認該軟體是否真的不在軟體庫中,又或者其實已經進到等候校閱的階段但尚未發布而已。

瞭解你應負的責任

Fedora 納入的軟體組件都需要勤於維護,至於臭蟲,尤其是安全性議題相關的臭蟲更需要即時修正。身為一位 Fedora 軟體包維護員,你的首要 責任 就是確保上述事情能確實施行。我們鼓勵你找一些 共同維護員 來維護軟體包,並透過開發用郵遞清單適時尋求幫助。

看看其他人提交的軟體包

看看一些其他人提交的軟體包來學習打包,並對流程與要求更熟悉。

達成此事的方式之機就是參與 package-review 郵遞論壇;所有的 Fedora 軟體包校閱評註都會一併寄送到此 (從你的角度來看應該是唯讀) 清單。

安裝客戶端工具 (Koji) 並設置你的憑證

若要為 Fedora Collection (Fedora 軟體集) 或是為 Fedora 建置系統中的 EPEL 建置軟體包,你需要採用 Koji

fedora-packager 軟體包提供一些可幫助你設置好 fedora 上相關打包工作的工具;它會幫你帶入一般打包所需的每樣必備工具。請以 root 身份執行下列指令:

yum install fedora-packager

在安裝後,請以一般使用者身份 (非 root) 執行下列指令以 設置你的憑證與與 koji 客戶端組態

fedora-packager-setup
憑證過期
這個動作所產生的憑證會在 6 個月後過期。接著你就必須再次執行 fedora-packager-setup 來申請另一個憑證。每次你申請新憑證時,舊的憑證就會變無效而無法再使用。

你現在可以使用「koji」來嘗試在 Fedora 建置系統上打造 RPM 軟體包,即使是你沒有的平臺或你沒有的 Fedora 版本,該系統都能打造出對應的軟體包。請注意,你可以 (而且絕對應該) 在軟體包被批准且被支助之前,先測試一下建置成果 (這裡指的是「scratch」建置版,也就是從最基本系統打造出的版本)。

koji build --scratch TARGET path_to_source_RPM

其中的

  • TARGET 是指散布版本關鍵字,例如 f17 (代表 Fedora 17)。你可以執行「koji list-targets」來查看所有可用的目標版本有哪些。若要為下個發行版本 (rawhide) 建置軟體包的話,請 不要 使用「dist-rawhide」 - 請改用「fX」,此處的 X 是代表最新穩定版再下一版,或是分支後的發行版。
  • 請注意,你需要提供前往源碼 RPM (檔名結尾為 .src.rpm) 的 路徑,而路徑 不可以 是 URL。 (如果你只有 spec 檔,請使用 rpmbuild --nodeps -bs SPECFILE 來建立新的源碼 RPM)。

你的 koji 軟體包建置僅可以依賴 TARGET 散布版軟體庫中實際擁有的軟體包。因此,若你的軟體包依賴 Bodhi 尚未發行的新軟體包的話,你就無法使用 koji 為發行的散布版建置軟體包。你可以 用 koji 為 rawhide (下個還未發行的版本) 建置軟體包,即使它依賴其他新的軟體包,只要其他軟體包以下方描述方式為「rawhide」建置即可。如果你需要對尚未有穩定的發行更新的軟體包做建置,你可以提交一張請單,請單上加上 rel-eng : https://fedorahosted.org/rel-eng/newticket ,並申請該軟體包加為 buildroot override (建置根基的凌駕之意)。至於 EPEL 中的軟體包,你必須使用 epel 作為 componet 才能讓請求發送給對的負責人。

你可以透過以下指令更深入瞭解 koji:

koji --help            # 一般的幫助說明
koji --help-commands   # 列出 koji 指令
koji COMMAND --help    # 對於某 COMMAND 指令的幫助說明

Using the Koji build system 有更多 Koji 使用上的相關資訊。

製作軟體包

  • 如果你還不知道怎麼製作 RPM 軟體包,請見 How to create an RPM package
  • 請確認你的軟體包有符合 打包規約 軟體包命名規約
  • 請注意 軟體包校閱規約 (這些規則會在軟體包校閱時使用)。
  • 請確認你的軟體包確實可以成功建置。這個要求非常基本,但似乎很多人忘記。這令人訝異地重要,因為很多人提交的成品竟然都無法成功建置。

上傳你的軟體包

上傳你的 SRPM 和 SPEC 檔案到網際網路上的某個地方,好讓他人可以擷取。存放位置可以是任何 URL 能存取的地方,但更重要的是你的檔案應該要可以直接存取,不要躲在某些服務的後方,讓大家還得等候倒數才能下載,又或者將他們重新導向至廣告頁面,那就太糟糕了。 如果你至少有參與一組專案群組,那麼你可以使用 http://fedorapeople.org 來儲放檔案。如果你的帳號除了設好還有簽署 CLA 之外沒做過其他更動,那麼你可以申請 fedorapeople 空間的存取權,請造訪 支助者 trac 實體,並針對「Initial package hosting request」部件提交一份請單。

申請軟體包校閱

Fill out this form: https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?product=Fedora&format=fedora-review.

  • Before submitting your request, be sure there’s not a previous request for the same package. There is a convenient search box on the package review status page.
  • Make sure that you put the name of the package (excluding version and release numbers) in the 'Review Summary' field, along with a very brief summary of what the package is.
  • Put a description of your package (usually, this can be the same thing as what you put in the spec %description) in the 'Review Description' field. Include the URLs to your SRPM and SPEC files.
  • Explain in the ticket that this is your first package and you need a sponsor. Also include any information that may help prospective sponsors. If you've been active in other review work, include links. If you're the upstream maintainer, be sure to say so.
  • For bonus points, include a link to a successful koji build so that everyone knows you did all of your homework.
Make sure that you mention in the 'Review Description' field that this is your first package, and you are seeking a sponsor. In Fedora Package Collection, all new contributors must be sponsored. Some potential sponsors will look at the FE-NEEDSPONSOR bug in bugzilla to find packages to review. You can add your package to this list by editing your review request bug and adding FE-NEEDSPONSOR in the 'Bug xyz blocks' field (where xyz is the bug number for your review request).

The review process is described in detail on the Package Review Process page.

知會上游

Fedora as a project prefers to stay close to upstream. Inform the developers that you are packaging the software. You can do that by sending them an email introducing yourself and pointing out the review request. This sets up the stage for future conversations. They will usually advertise the fact that their software is now part of Fedora or might want to inform you of important bugs in the existing release, future roadmaps etc.

自我介紹

When a new package maintainer joins the Fedora Project, we request that he/she introduces themselves on the Fedora Devel mailing list. To sign up for the list, visit the devel list's signup page . The primary purpose of this is to begin the process of building trust by learning about the package maintainer and increase the chances of your review request being processed sooner.

The purpose of all this is to break anonymity and foster real-world community within the project. You are under no obligation to reveal personal secrets. The objective is to establish a level of trust with yourself and the other members of the project.

Subject: Self Introduction

Body: Add any information you believe is applicable including past experience, a link to the review request you have filed and a brief description of yourself. You can also post your GPG key information if you want to.

持續關注別人給你的反饋

關注你第一個軟體包的 Bugzilla 回報。你應該會透過電子郵件收到通知。修正任何檢閱者指出的發行阻擋議題 (blocker,即未經修正則不應發行的阻擋關卡)。

取得他人支助

When the package is APPROVED by the reviewer, you must separately obtain member sponsorship in order to check in and build your package. Sponsorship is not automatic and may require that you further participate in other ways in order to demonstrate your understanding of the packaging guidelines. Key to becoming sponsored is to convince an existing sponsor-level member that you understand and follow the project's guidelines and processes.

See how to get sponsored into the packager group for more information on the process of becoming sponsored.

Review and approval for the first package for new packagers must be done by registered sponsors. Subsequent reviews can be done by any package maintainer. Informal reviews can always be done by anyone interested.

Your sponsor can add you to the packager group. You should receive email confirmation of your sponsorship.

將軟體包加入源碼管理 (SCM, Source Code Management) 系統中並設定擁有者

If you are becoming a maintainer for a new package, instead of being a co-maintainer, follow Package SCM admin requests to get a module for your new package and branches for recent releases.

This will be used to set up the proper records in the owners database, which is used for access to build the package, bugzilla population, and other features. This step creates a module in the repository your new package, with branches for each requested distribution.

檢出模組

You could check out your module now, but before doing that, consider doing "mkdir ~/fedora-scm ; cd ~/fedora-scm" - that way, all your files are inside that. Also, run ssh-add, so that you won't have to keep typing in your key password.

Running ssh-add before doing any SCM operations is a very good idea. It will save you from having to type your key password for every operation. You only have to run ssh-add once per session, it will remember it until you log out or reboot. If "ssh-add" reports "Could not open a connection to your authentication agent.", start a new shell under it using "exec ssh-agent bash".

Now you are ready to checkout your module from the SCM:

 fedpkg clone <packagename>

Where <packagename> should be replaced with the name of your package.

If this step fails, be sure your private ssh key (~/.ssh/id_rsa) mode is set to 0400. You might have to wait for up to an hour after your request for a new git module has been approved to get write access. Make sure your public key is the same as in the Fedora Accounts System (FAS). Key propagation may take an hour or so after uploading into FAS
Note that fedpkg does not set the user config for your new git repo automatically. Make sure to have these set globally or locally in your new repo before you do your first commit (see Configure your global git settings).
Note: If you are not a member of the fedora packager group, you will receive a "permission denied" error. Use the -a flag to clone anonymously.

測試你的軟體包

請參考 Using_Mock_to_test_package_builds 以及 Using_the_Koji_build_system#Scratch_Builds 瞭解更多測試軟體包的相關資訊。Mock 使用的是你的本地端系統,而 Koji 命令列工具則使用 Fedora 建置系統伺服器。

匯入、提交、建置你的軟體包

Now that you've checked out your (empty) package module with fedpkg, cd into the module's master branch:

cd <packagename>

Run fedpkg to import the contents of the SRPM into the SCM:

fedpkg import PATH_TO_SRPM
# Review Changes, press 'q' to stop; Revert with: git reset --hard HEAD
git commit -m "Initial import (#XXXXXX)."
git push
fedpkg build

Obviously, replace PATH_TO_SRPM with the full path (not URL) to your approved SRPM, and XXXXXX with the package review bug number.

This imports into, commits, and builds only the master (rawhide) branch.

If the commit fails with this kind of message:

W access for why DENIED to YOUR_ACCOUNT
fatal: The remote end hung up unexpectedly
Could not push: Command '['git', 'push']' returned non-zero exit status 128

Then you don't have the necessary rights to modify that package branch; view https://admin.fedoraproject.org/pkgdb/acls/name/PACKAGE_NAME to request those rights.


更新你的分支 (如果想要的話)

Branches are f# (formerly F-# and before that FC-#), master, etc. So f41 is the branch for Fedora 41.

To switch to a branch first:

fedpkg switch-branch BRANCH (e.g. f41)

Merge the initial commit from master, creating an identical commit in the branch:

git merge master

Push the changes to the server:

git push

Build the package:

fedpkg build

If there is another branch to work with repeat "To switch to a branch" and import and commit to each branch

Be sure that you build for rawhide (master) branch before pushing updates for any other branches! Otherwise, those updates will get inherited into rawhide, which is almost certainly not what you want.
Sync to buildsys is an hourly thing. So, sometimes you might have to wait for an hour to get access of the build server to give "fedpkg build"

If everything goes well, it should queue up your branch for building, the package will cleanly build, and you're done!

If it fails to build, the build system will send you an email to report the failure and show you to the logs. Commit any needed changes to git, bump the SPEC release number, and request a new build.

用 Bodhi 提交軟體包更新

Fedora 更新系統稱為 Bodhi (即中文之菩提),用於推送更新、分類軟體包等。 請不要透過 bodhi 提交「master」版的 (即 rawhide 版) 軟體包。

你可以透過下列指令使用 Bodhi 來推送任何 branch 分支中的更新:

 fedpkg update

You can also use "bodhi" command directly as described in the Bodhi Instruction.

You can also use the Web interface for Bodhi to request enhancement updates for each released Fedora you are bringing a new package to.

The first field asks for the name of the "Package". This field will auto-complete the package name found in the Koji build system, e.g. <package-name>-<version>-<release>.fc41. If completion doesn't work, just enter the package build name yourself.

For new packages, choose "newpackage" as the "type" of update.

Put the "Request" as "testing" if you want to put the package through testing first, see Fedora Quality Assurance . Put "stable" if you want to push the package directly to stable.

For new packages, put the bug number of the package's Review Request in the "Bugs" field blank. Bodhi will automatically close it as NEXTRELEASE when it gets pushed to the requested update status.

For new packages, add a copy of the package's description in the "Notes" section, so end users will know what the package is.

Here is the Bodhi Instruction.

After you have submitted an upgrade through bodhi, your package is placed in a queue. Periodically, an administrator will check the queue and push all of the packages into the appropriate repositories.

讓軟體包列在「comps」檔案中

如果軟體包適當,讓它列在「comps」檔案中,這樣一來就可以在安裝時選擇該軟體包,而且也可納入 yum 的軟體包群組操作中。請見 How to use and edit comps.xml for package groups 以瞭解更多資訊。

持續查看更新狀況

Fedora 有可用的基礎設施可監控你打包的軟體是否有新的上游發行版本。請參考 上游發行監控 瞭解更多細節資訊。若要學習如何處理更新,請閱讀 軟體包更新指南

取得幫助

我們了解這套流程有時可能讓你如入五里霧中,但我們總試著讓情況變得更好。如果你遇到任何問題,或是有任何疑問,請不要遲疑前往 devel 郵遞清單發問,或是上 freenode.net 的 #fedora-devel[?] 頻道上討論。

Fedora Mentors Project 中有許多願意幫助新手打包的導師。請查看 Mentors 頁面了解更多相關資訊。

也請見 Using_git_FAQ_for_package_maintainers

若你已是維護者且還想要製作新的軟體包推入 Fedora 軟體包集合

若你已有維護 Fedora 的軟體包,並且想要維護新的一個,請遵循 既有貢獻者的新軟體包流程