Major changes coming to procedure for uploading to sourceware (long)

Christopher Faylor
Sat Oct 12 20:22:00 GMT 2013

I think I now have a system set up which will allow maintainers to
upload their own packages to sourceware.  This system means that package
maintainers won't have to find a public web server to make their
packages available for the cygwin release.  Every package maintainer
will be able to upload their own stuff.  General login access to
sourceware will no longer be required to update the cygwin release.

The system relies on your providing a ssh key.  Once we have that,
you'll have limited 'sftp' access to sourceware where you will be able
to upload packages.  Your home directory on sourceware will look like

Christopher Faylor		# Directory is currently your full name (you won't actually see this)
    !packages			# read-only file containing valid packages
    x86        x86_64		# arch-specific dir
    release    release		# release dir
      pkg			# package directory
       pkg-debuginfo		# package subdirectories

So, to release, say, grep, I would do the following:

    % lftp sftp://cygwin
    cd ok, cwd=/                                    

    lftp> ls
    -rw-rw-r--   1 root     cygstage      179 Sep  1 05:12 !packages
    drwxrwsr-x   4 root     cygstage     4096 Sep  1 05:16 .
    drwxrwxr-x  61 cygwin   root         4096 Sep  1 05:12 ..
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 19:35 x86
    drwxrwsr-x   3 cygwin   cygstage     4096 Aug 10 19:04 x86_64

    lftp> cd x86/release
    cd ok, cwd=/x86/release                     

    lftp> ls
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 18:28 .
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 19:35 ..
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 19:36 grep

    lftp> mirror -eR grep
    Total: 2 directories, 3 files, 0 symlinks                                                  
    New: 3 files, 0 symlinks
    2311396 bytes transferred in 14 seconds (166.2K/s)

    lftp> ls grep
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 19:47 .
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 18:28 ..
    -rw-r--r--   1 cygwin   cygstage  1204708 Oct 12 19:46 grep-2.14-3-src.tar.xz
    -rw-r--r--   1 cygwin   cygstage   229284 Oct 12 19:47 grep-2.14-3.tar.xz
    drwxrwsr-x   2 cygwin   cygstage     4096 Oct 12 19:47 grep-debuginfo

    lftp> ls grep/grep-debuginfo
    drwxrwsr-x   2 cygwin   cygstage     4096 Oct 12 19:47 . 
    drwxrwsr-x   3 cygwin   cygstage     4096 Oct 12 19:47 ..
    -rw-r--r--   1 cygwin   cygstage   877404 Oct 12 19:47 grep-debuginfo-2.14-3.tar.xz

    lftp> put /dev/null -o !ready

The package directories should exactly mirror what is currently in the
release directory.  The !ready file is used to tell upset that any files
older than this file in or under the given directory should be
processed.  The intent is that you create !ready when you have finished
uploading everything that you plan on uploading.

upset will periodically scan our home directories for packages, and, if
there are no errors, move the packages into the real release area.  New
directories will be created as needed.  If there are errors then
setup.ini will not be updated and the release area will remain pristine.

Although not shown above, you can also create a !mail file which
contains a list of email address (one per line) where any upset errors
should be sent.  If that isn't specified then you won't get email when
upset finds issues with what was uploaded.  Currently, this is not a
"per-directory" thing since upset parsing doesn't work that way so, if
you add a !email tag you will get all errors from upset - not just ones
associated to your uploaded files.

(Eventually, I'll fix this so that you only get errors if you actually
did upload something rather than all of the time)

To start this system going, I'd like people to start sending their public
ssh keys to cygwin-apps using this format:

Subject: SSH key for upload access

Name: Your name
Package: The name of one of the packages that you are responsible for
SSHkey: Your *public* ssh key

When specifying your name, use your exact name as shown here:

I'll have an automated way of pulling this info into sourceware (after
first verifying it for accuracy).

So, in my case I would send mail to cygwin-apps with:

Subject: SSH key for upload access

Name: Christopher Faylor
Package: grep
SSHkey: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArEBaxIX8MpBhJioygtOziwXb19w0vLnAHQcOEVgjjoStjCNZ0iAaX7+Ae7Jv78p7XAXZyrtFbvJ22siKKc0FG5z1DhE28sIFP2RxyF4F4ENIrqtlz4R8sFbuv16r91ZyLzMwpk5LAQGb/iSF+fU9KDpAohvvC5B8ZZ8dywQCXEE= cgf

Note that the SSHkey stuff may have something which looks like an email
address and that may be flagged by the spam filter so it makes sense to
remove the <at>address part.  Make sure that you send your PUBLIC key,
not your private key.  The public keys are located in your .ssh
directory and have a .pub extension.  Only send one.

The Package: key is just there for validation.  It shouldn't contain the
complete list of all of the packages you maintain.  The cygwin-pkg-maint
file is the master list for that information.

Hopefully I haven't made this sound more complicated than it really is.
It should be really simple.  You provide an ssh key.  We add it to
sourceware.  You send your packages to sourceware via sftp or
(preferred) lftp.  Create a "!ready" file.  You're done.

I hope that this will go live when I return from a brief vacation by mid
next week.


More information about the Cygwin-apps mailing list