I’m helping to revamp the build infrastructure here. Until now, we’ve been using a bunch of home-rolled scripts and [[http://autobuild.org/ Test::AutoBuild]].

We decided to look at Fedora’s build system and processes, since we’re developing RHEL and using RHN Satellite, didn’t want to re-invent the wheel, and Red Hat would similarly be trying to keep closely aligned with Fedora’s processes also. Yum repository support is official in RHEL5 and supported by RHN Satellite 5.

Mock was relatively simple. Create a Yum repository (extract latest version information from Satellite and copy the RPMS and comps.xml to a directory, then run createrepo), create a group and the directory structures, the configuration files for our build targets (x86_64 and i386) and it’s a go.

Koji’s a different story. Koji doesn’t support straight Username/Password logins – it uses SSL certificates and/or Kerberos to authenticate. I tried to follow the instructions for the [[http://fedoraproject.org/wiki/Koji/ServerHowTo Koji Server HowTo]] but my setup is a bit different in that I’m installing everything on one machine. For me it meant that I didn’t need (and couldn’t use) a separate cert for kojiweb and kojihub..

For the ClientCert’s, you need a combined PEM file containing both the cert and the private key. If you don’t have that, you will see a python error with PEM something-or-other in it. This applies for ~/.fedora.cert (whatever path’s mentioned in $HOME/.koji/config for the cert), as well as for the WebCert in /etc/httpd/conf.d/kojiweb.conf, that used by kojid (cert= in /etc/kojid/kojid.conf), and of course that used by kojira (as explained in the [[http://fedoraproject.org/wiki/Koji/ServerHowTo Koji Server HowTo]].)

The “Python ProxyDNs” option should correspond to the DN of the web host (or maybe hub, but for me it’s the same) .. if you get this wrong, don’t worry, you will (when the rest is correctly setup) receive an error from the web interface with the proper string.

Now that I can login, I just have to learn how to use Koji. :-)

Update: Koji turned out to be too much of a pain. It really is a complete distribution management solution, and we already use RHN Satellite for that.. so I built my own distributed build system based around Mock. It works quite well, although it lacks a lot of the pizazz of Koji.

— by Robert Thomson, created 25th Oct, 2007, last modified 18th Jun, 2009 | Tags: Tech