Author Archive

Continuous Lifecycle 2013: Talk submitted

Continuous Lifecycle 2013:  Your contribution

I just submitted my talk for the Call for Papers for “continuous Lifecycle 2013” conference in November. Great topics, have a look here http://www.continuouslifecycle.de/call_en.php

So fingers crossed. Would be a great opportunity to speak there and also come back to Karlsruhe where I used to live for 6 years. Meet up with friends and just have a good time.

Koji RPM Build System Configuration and Usage

In the previous short article series I’ve shown you how to install Koji and all its components like Kojid, Kojira, Koji-Hub. However to fully use it we need to do some initial configuration that can only be persisted for a fresh install by a early DB Backup, I’ll remind you of that later.

To understand what we are doing here you need to know a bit more about Kojis philosophy:

Koji uses Tags to identify and mark various stages in the RPM building workflow. Some tags are logically linked together to the same flow, like building for a certain target distribution, e.g. CentOS6. We will call this target tag dist-centos6. But you can maintain multiple distribution-builds on the same Koji instance, just add more tags then according to this article.

We also need a tag that is used for builds and inherits the build target. We call this tag dist-centos6-build
Koji is building RPMs in a chroot with the mock tool. It also installs basic packages to those buildroots from the virtual yum package groups named build and srpm-build. So we need to tell Koji which packages we need. You can extend that list to your needs but choose wise: These packages are pulled in for every build then.
Also, Koji needs to know where to find/pull packages from, therefore we add external repositories, the base repo as the very first !!

Read more

Fix “App can’t be opened because it is from an unidentified developer” error on Mac OS X

You might have gotten this error saying

“.. can’t be opened because it is from an unidentified developer” / “.. kann nicht geöffnet werden, da es von einem nicht verifizierten Entwickler stammt.”

can't be opened because it is from an unidentified developer

Instead of turning off the security feature GateKeeper entirely which is suggested by most websites on this topic, you should rather make an exception for those applications that produce this error but you got them from a trusted source!

This is done fairly simple: Read more

Koji RPM Build System Installation Part 4

Lets see what we have running so far by the last articles of this series:

  • Postgresql DB
  • Koji-Hub
  • Koji CLI
  • Koji-Web

Thats all nice but useless unless we add something that actually does all the work, the actual RPM building…

Kojid

Kojid, also called Koji-Builder, is the service that takes care of building your SRPM and RPMs. You can have dozens of builders, each on their own host, if you need to build alot of RPM. Fedoras own Koji instance is using around 50-60 build hosts ! So lets get started

Read more

Updating a git submodule from a forked repo on GitHub

Git submodules are a great way of adding 3rd-party libraries/modules to your project.
Basically you are forking the 3rd-party repo and add your own fork as submodule to your projects.

The benefits are that you can modify the fork to your needs and even open pull requests to the maintainer. If the maintainer updates his code you can then merge/update everything you want into your fork and keep your patches that didnt make it upstream.

Read more

Howto resume SCP transfer

From time to time you will end up with an incomplete scp transfer. That gets annoying when the total transfer was high. The solution is to use rsync for resuming like so:

rsync -partial -progress --rsh=ssh user@host:/path/to/remote/file /path/local/file

# short version
rsync -P --rsh=ssh user@host:/path/to/remote/file /path/local/file

You can also add an alias so you dont have to remember all those flags. Add to your .bashrc or .bash_aliases

alias scpresume="rsync -P --rsh=ssh"

Git-Flow | How it’s used and why you should

What is Git-Flow about?

Git-Flow is a workflow for using Git in a way that makes continuous software development and lifecycle much better. It was first proposed by Vincent Driessen in early 2010. He then released some scripts that integrate into the git command. However many people / companies still havent heard of it.

It incorporates the typical software lifecycle steps: feature development, releasing a version, hotfixing.
Internally, its “just” a branching model, so it works with every git repo be it only local or with the big remote ones like Github, Gitorious.

Git-Flow concept

At first Git-Flow might be a bit confusing, but once you get the hang of it you won’t want to develop without it anymore. Have a look at this image while you are reading the explanation beneath and all should come clear.

Git branching model

Git branching model

Read more

iptables settings for outgoing FTP

Getting FTP to fully work with iptables can be a pain in the ass. Thinking of active and passive mode here. Even if you are familiar with iptables, its easier to copy/paste this rather than writing this down out of your head. (I am here refering to outgoing FTP connections, meaning you are acting as the client). So here are the rules you were looking for:

-A INPUT -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED -j ACCEPT

-A OUTPUT -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp --dport 20 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT

Basically what this does is tell iptables to open up FTP command port 21 and data port 20 for connection related to ones established on 21. It also allows the random ports >=1024 for related connections.
These rules apply for both active and passive connections.

Koji RPM Build System Installation Part 3

If you followed my previous articles you should by now have a rudimentary Koji system running.

Lets now proceed and add more components.

Koji-Web

As the name suggests, Koji-Web is a webinterface to Koji. It lets you view all your builds, packages, rpms, tasks and other useful info. However you cannot control everything about Koji with it. Its nonetheless good to have. So lets go:

yum install koji-web mod_ssl

Read more

Koji RPM Build System Installation Part 2

So in Part1 we started with setting up the SSL certificates. Now we are going deeper

Database Setup

Start with installing postgresql and setting up Koji users and schema.

yum install postgresql-server koji
service postgresql initdb
service postgresql start
useradd koji;passwd -d koji
su postgres;createuser koji;createdb -O koji koji
su koji; psql koji koji < /usr/share/doc/koji*/docs/schema.sql

Read more