=== ctracey_ is now known as ctracey [13:26] Hello! I would like to know what is currently being used to manage the .deb packages used in Ubuntu. What developers use to publish new packages to the official repository.. [13:27] We have a ubuntu based distribution in Brazil called "Educational Linux", and we are using reprepro and some scripts made by us to control developers access to the different repositories we have, but I feel like there should be something better out there. =P [13:34] dpasqualin_: there's dak [13:34] dpasqualin_: but Ubuntu uses Launchpad [13:34] dpasqualin_: ubuntu infra is something complex. Packages are managed through launchpad. That said everything and nothing, I know, but that it. Maybe debian infra is a bit simpler: They use dak to handle packages, which is far simpler than the whole launchpad [13:34] hah [13:34] dak [13:34] simpler [13:34] you're joking right [13:34] "simpler"... [13:34] dak has hard coded release strings [13:34] etc etc [13:35] I see.. [13:35] I know, but I strong believe that deploy a new dak instance is far easier that a new launchpad... [13:35] I'll have a look at dak then [13:35] than* [13:35] I would really not recommend dak [13:36] thanks mapreri =P [13:36] can you explain why not, and what would you suggest instead? [13:36] see above wrt hard coded release strings [13:36] I would stick with reprepro, but I don't know how well it handle thousand of packages... [13:37] likewise [13:37] dpasqualin_: I'd recommend talking to ximion about dak [13:37] since he set it up for tanglu [13:39] "dak is the collection of programs used to maintain the Debian project's archives. It's not yet in a state where it can be easily used by others; if you want something to maintain a small archive and apt-ftparchive (from the apt-utils package) is insufficient, I strongly recommend you investigate mini-dinstall, debarchiver or similar. However, if you insist on trying to try using dak, please read the documentation in 'doc/README.first'." [13:39] as the non-industrial-scale ones go, reprepro is pretty good AFAICS [13:40] humm, ok [13:40] have you guys heard of aptly? [13:40] not previously [13:42] it seems pretty straightforward to use. It doesn't manage user permissions, but neither does reprepro.. [13:47] Here we manage the repos like this. In the server where the repos are we have one system user for each repo. Each user has an authorized_keys file stating who can publish in the repository, which has the same name of the user. So in order to publish in, lets say, le5-stable, the developer would do "scp le5-stable@reposerver package.deb". The server has a script called by ssh when someone does the scp, which than triggers reprepro to publish the [13:47] incoming package in the right place. [13:49] What do you think about this workflow? [13:49] umh, I hope you definitely trust the developers to do not screw up everything.... [13:50] The developers can only publish on unstable and testing repos. When I feel like the package are mature enough I than tranfer it to the stable repository. [13:50] or that you have a script that validate the .debs (checks the suites, for instance) [13:53] we do have [13:54] It's just that, this was done by some coworkers 8 years ago, I thought there would be something more automated nowadays. [13:55] ppa are pretty nice, but my research group prefers to keep the packages in our own server. [13:55] well, anyway, thank you very much for the tips! [13:56] well, 8 years... maybe it's worth taking a look at really complex infra like lp and dak... maybe, just look at them (don't dig too much, or you will get lost ;) ) [13:59] I would strongly recommend not having developers do manual binary uploads [13:59] upload source only and autobuild [14:04] good point [14:06] you obviously need a back door for bootstrapping circular build-dependencies and the like, but that's better handled by having a way for a small group of privileged people to inject binaries that satisfy build-dependencies, rather than by actually injecting binaries directly [14:08] I see === mapreri_ is now known as mapreri [14:11] I have one more question, if this is not the right place maybe someone can say where should I ask. How is the .iso the ubuntu releases build? === ctracey_ is now known as ctracey [14:12] Is there any software to help on this? We also use some scripts that doesn't always work =P [14:18] dpasqualin_: only cjwatson can give you a complete response, but mybe this can guide you: http://askubuntu.com/questions/95190/what-is-an-ubuntu-localized-image-and-how-do-i-create-one (look at the ubuntu-defaults-builder package and the in particular at ubuntu-defaults-image(1)) [14:19] (I said maybe) [14:20] "bzr branch lp:ubuntu-cdimage" plus the bits in the resulting configs/devel, and they use Launchpad to do the live image builds that form a major part of it [14:21] Great, thanks! === Fudge is now known as Guest2520 === elijah_ is now known as elijah === DalekSec_ is now known as DalekSec === Laney is now known as Guest37661 === DalekSec_ is now known as DalekSec === lan3y is now known as Laney [15:24] dpasqualin_: I was reading the manpage of reprepro (for my stuff) and I saw a Uploaders field that could definitely help you handling permissions (I wasn't aware of it) === Ursinha-afk is now known as Ursinha === Saviq_ is now known as Saviq === debfx_ is now known as debfx === jpds is now known as Guest26752 [15:54] mapreri: thanks! === Purefan_ is now known as slackner === rocketni1e is now known as rocketnine