Koha Packaging

This describes creating and deploying packages to http://debian.koha-community.org. These instructions are intended for advanced Debian users, and having some experience with building packages probably wouldn't hurt.

This is something of a mind-dump of unstructured information. This other URL might be more useful to start with: https://wiki.koha-community.org/wiki/Building_Debian_Packages_-_The_Easy_Way

Build The Packages

I have a VM (that I call debmaker32) specially set up for building packages on. Setting that up is left as an exercise for the reader, and using SSH keys will make things a lot easier. It should have GPG agent configured if you want to sign the packages, along with all the Debian packaging-related tools.

The debian.koha-community.org packages are based on the main branch of the Koha repository (at git.koha-community.org.)

I have a script that carries out the entire process of building the packages to a local repository. It'll need to change to suit your environment, but the principles should remain the same. In this, I have /home/robin/catalyst (which is also ., where I run the script from) NFS-mounted as /mnt/catalyst in the VM.

$ cat make-kc-packages 
#!/bin/bash
[ -e koha-build ] && ( 
    mv koha-build koha-build-delete ;
    rm -rf koha-build-delete 
) &
sleep 1
cp -r koha koha-build
rm -rf koha-to-deploy
mkdir koha-to-deploy
cd koha-build
git clean -f -x -d
rm -rf blib
ssh -t debmaker32 <<'EOH'
cd /mnt/catalyst/koha-build
rm -rf /tmp/kohabuild
mkdir /tmp/kohabuild
DEBEMAIL=robin@catalyst.net.nz debian/build-git-snapshot /tmp/kohabuild
cp -v /tmp/kohabuild/* /mnt/catalyst/koha-to-deploy
EOH
# Necessary to not use GPG_AGENT because of 
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579784 - also, this has to be on 
# its own command or you get strange TTY-related errors with GPG. Debsign seems
# to be sorta broken really.
ssh -t debmaker32 "GPG_AGENT= debsign -kA99CEB6D /mnt/catalyst/koha-to-deploy/*.changes" 
cd ..
dput koha koha-to-deploy/*.changes

The config file for dput, which is on the local machine:

$ cat ~/.dput.cf 
[koha]
method = local
incoming = /home/robin/catalyst/repos/koha/incoming
run_dinstall = 0
post_upload_command = reprepro -b /home/robin/catalyst/repos/koha processincoming default

You'll need to enter your GPG password a few times during this process due to annoying bugs with debsign and it not supporting gpg-agent.

It expects to be run from a directory that has a koha subdirectory which contains the checked out version that will be turned into packages. It will create a cleaned copy of that and build it. In the end, the packages will be added to the repository, which in my case lives at ~/catalyst/repos/koha.

build-git-snapshot uses pdebuild to make the packages. To account for the dependencies that are currently not in Debian, creating the pbuilder environment is a bit complex.

Configuring Pbuilder

$ gpg --import /usr/share/keyrings/debian-archive-keyring.gpg
gpg: key F42584E6: public key "Lenny Stable Release Key <debian-release@lists.debian.org>" imported
gpg: key 55BE302B: public key "Debian Archive Automatic Signing Key (5.0/lenny) <ftpmaster@debian.org>" imported
gpg: key 6D849617: public key "Debian-Volatile Archive Automatic Signing Key (5.0/lenny)" imported
gpg: key B98321F9: public key "Squeeze Stable Release Key <debian-release@lists.debian.org>" imported
gpg: key 473041FA: public key "Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org>" imported
gpg: key 46925553: public key "Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>" imported
gpg: key 65FFB764: public key "Wheezy Stable Release Key <debian-release@lists.debian.org>" imported
gpg: Total number processed: 7
gpg:               imported: 7  (RSA: 6)

$ gpg --recv-key A2E41F10
gpg: requesting key A2E41F10 from hkp server pgp.mit.edu
gpg: key A2E41F10: "Koha Debian Package Signing Key <koha-devel@lists.koha-community.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg --recv-key A99CEB6D
gpg: requesting key A99CEB6D from hkp server pgp.mit.edu
gpg: key A99CEB6D: "Robin Sheat <robin@kallisti.net.nz>" imported
gpg: Total number processed: 1
gpg:               imported: 1

# Following list of key IDs is the Debian archive + the koha-community packages
$ gpg --export F42584E6 55BE302B 6D849617 B98321F9 473041FA 46925553 65FFB764 A2E41F10 A99CEB6D > /tmp/debian.gpg

Now create the pbuilder environment, and import the keyring created:

sudo pbuilder create --othermirror 'deb http://debian.koha-community.org/koha squeeze-dev main' --mirror http://ftp.debian.org/debian --distribution squeeze --debootstrapopts "--keyring=/tmp/debian.gpg"

Deploy the Packages

The local repository should then be synced to the debian.koha-community.org repository using a script along these lines (which, if you add -P to when running will tell you how it's going.) This will need to change to work with your repository location. Note: you probably can't do this unless you're the maintainer, but you may want to adapt it to your local environment.)

$ cat publish-koha-apt-repo 
#!/bin/sh
set -e
rsync -a --partial --delete-after "$@" \
    "$HOME/catalyst/repos/koha/." \
    debian.koha-community.org:koha-apt-repository/koha/.

More about Debian packaging

• Introduction to Debian Packaging by Lars Wirzenius
• Debian Packaging Tutorial by Lucas Nussbaum
• Debian New Maintainers' Guide by Josip Rodin and Osamu Aoki (official Debian manual)
• Setting up an APT repository with reprepro is a good introduction to setting up an apt repository --jcamins