Hi, Am Donnerstag, den 06.06.2019, 14:32 -0400 schrieb Kyle Edwards: > Hello all, > > I have been preparing Ubuntu releases for CMake on our own APT > repository for several months now. We did this by preparing our own > repository infrastructure - we have a machine that builds packages, > and > a machine that hosts an Aptly instance and pushes the repository to > our > web server. However, all of these things had a lot of manual steps to > set up and use, and I'm wondering how Debian handles this problem. > Here > are some of my questions: > > 1. What software do the official Debian repositories use? Do they use > Aptly or reprepro or something else? Is there a downloadable OS image > which comes with this pre-set up? Does it run on a cron job or does > it > have some sort of continuous monitoring? (We have ours run on a cron > job every 10 minutes.) > 2. According to https://wiki.debian.org/BuilddSetup, there seems to > be > a distinction between the build broker (wanna-build) and the build > workers (buildd). Do either of these roles have their own OS images > one > can download? > 3. I understand that source packages are signed by developers before > being sent to the build farm, but what about the binary packages > built > by the build farm and uploaded to the repository? Do the build farm > servers have their own GPG keys? Does the repository server recognize > these keys? > > Thanks in advance, all this info would be helpful for me as I expand > our Ubuntu build infrastructure.
You already got a bunch of responses. I was responsible for our inhouse Debian build chain and faced similar questions than you - except that I took over the maintenance of the existing setup. Here are some tips: * We use sbuild to build the packages (for using the same tool than Debian and for the nice looking logs). To speed up, use an overlay placed it on tmpfs. * I had to patch reprepro to support multiple versions: https://github.com/profitbricks/reprepro * The build bots upload the binary packages to the repository host with dput. The repository host uses restricted-ssh-commands to allow only the upload. * We use gluing code in lot of places, e.g. as wrapper around sbuild, for package approval, etc. When I had to start from scratch, I would probably have a look at laniakea, because things like testing migration with britney and autopkgtest is something useful to have. -- Benjamin Drung System Developer Debian & Ubuntu Developer 1&1 IONOS Cloud GmbH | Greifswalder Str. 207 | 10405 Berlin | Germany E-mail: [email protected] | Web: www.ionos.de Head Office: Berlin, Germany District Court Berlin Charlottenburg, Registration number: HRB 125506 B Executive Management: Christoph Steffens, Matthias Steinberg, Achim Weiss Member of United Internet
