== Dev Week -- Getting set up for Ubuntu development -- dholbach -- Tue, Aug 28th, 2012 == {{{#!irc [16:01] Excellent - welcome back to session number two at https://wiki.ubuntu.com/UbuntuDeveloperWeek :) [16:01] for those of you who joined in late, please also make sure you're in #ubuntu-classroom-chat so you can ask your questions there [16:02] and please prefix them with QUESTION: so the bot will pick them up [16:02] In this session we will set up our development environment, configure the tools and everything, so you're ready for the upcoming sessions and for getting involved [16:03] if we get through everything quick enough we can even have a look at a package and what to do with it [16:03] this session will be practical, so you might want to open a terminal already [16:03] There are a number of things you need to do to get started developing for Ubuntu. [16:03] We'll get your computer set up so that you can start working with packages, and upload your packages to Ubuntu's hosting platform, Launchpad. [16:03] Here's what we'll do: [16:04] - Installing packaging-related software. This includes: Ubuntu-specific packaging utilities, Encryption software so your work can be verified as being done by you, Additional encryption software so you can securely transfer files. [16:04] - Cover the creation and configuring of your account on Launchpad [16:04] - Setting up your development environment to help you do local builds of packages, interact with other developers, and propose your changes on Launchpad. === qwerty is now known as Guest18258 [16:04] It is advisable to do packaging work using the current development version of Ubuntu. Doing so will allow you to test changes in the same environment where those changes will actually be applied and used. [16:05] This means that you will need to run Ubuntu Quantal (12.10) in some form. [16:05] Don't despair - you can run it in a chroot or virtual machine if that suits you for testing, or in a separate partition, or something along those lines. [16:05] Still it's very important to test your fixes in a live environment. [16:05] https://wiki.ubuntu.com/UsingDevelopmentReleases explains how to do it safely. [16:06] If you are now on 12.04, you're fine - you can still go through the instructions and repeat them later on. [16:06] There are a number of tools that will make your life as an Ubuntu developer much easier. You will encounter these tools later on. To install most of the tools you will need run this command: [16:06] sudo apt-get install packaging-dev [16:07] This will take a while, so just keep it running. [16:07] This command will install the following software: [16:07] - gnupg – GNU Privacy Guard contains tools you will need to create a cryptographic key with which you will sign files you want to upload to Launchpad. [16:07] - pbuilder – a tool to do a reproducible builds of a package in a clean and isolated environment. [16:07] - ubuntu-dev-tools (and devscripts, a direct dependency) – a collection of tools that make many packaging tasks easier. [16:07] - bzr-builddeb (and bzr, a dependency) – distributed version control with Bazaar, a new way of working with packages for Ubuntu that will make it easy for many developers to collaborate and work on the same code while keeping it trivial to merge each others work. [16:07] - apt-file provides an easy way to find the binary package that contains a given file. [16:08] ... and obviously many many many other good things we won't cover in this tutorial. :) [16:08] Any questions so far? [16:08] NickE asked: What VM does TestDrive use? [16:09] NickE, I think it uses kvm. [16:09] nja asked: Is it usual to get "apt-file update needed" after installing those packages? [16:09] nja, not for now, I don't think [16:09] conner_bw asked: Is bzr etched in stone? Will git be supported someday? [16:10] conner_bw, I don't know - you could try to ask in #launchpad though [16:10] personally I love bzr because it's quite easy to learn, but I know others prefer git or some other version control system [16:10] the good thing is that Launchpad can import git branches and others as well, so you can work on them natively with bzr [16:11] Ok, let's crack on. [16:11] The Debian/Ubuntu packaging tools need to learn about you . So please simply open your ~/.bashrc in a text editor and add something like this to the bottom of it: [16:11] export DEBFULLNAME="Bob Dobbs" [16:12] export DEBEMAIL="subgenius@example.com" [16:12] Please use YOUR email address and YOUR name. :) [16:12] Now save the file and either restart your terminal or run: [16:13] source ~/.bashrc [16:13] (If you do not use the default shell, which is bash, please edit the configuration file for that shell accordingly.) [16:13] Now that this is done, the packaging tools will always use your name and email address by default. [16:14] nja asked: Is bash the shell integrated in Lernid? [16:14] nja, yes, lernid uses whatever shell you normally use - the default is bash [16:14] Now that this is done, let's create GPG key. [16:14] If you have a key already, you're fine - you don't need another. [16:15] GPG stands for GNU Privacy Guard and it implements the OpenPGP standard which allows you to sign and encrypt messages and files. This is useful for a number of purposes. [16:15] In our case it is important that you can sign files with your key so they can be identified as something that you worked on. If you upload a source package to Launchpad, it will only accept the package if it can absolutely determine who uploaded the package. [16:15] To generate a new GPG key, run: [16:15] gpg --gen-key [16:15] GPG will first ask you which kind of key you want to generate. Choosing the default (RSA and DSA) is fine. Next it will ask you about the keysize. The default (currently 2048) is fine, but 4096 is more secure. [16:15] Afterwards, it will ask you if you want it to expire the key at some stage. It is safe to say “0”, which means the key will never expire. === patrick is now known as Guest90143 [16:16] The last questions will be about your name and email address. Just pick the ones you are going to use for Ubuntu development here, you can add additional email addresses later on. [16:16] Adding a comment is not necessary. Then you will have to set a passphrase, choose a safe one (a passphrase is just a password which is allowed to include spaces). [16:16] Now GPG will create a key for you, which can take a little bit of time; it needs random bytes, so if you give the system some work to do it will be just fine. === raiden is now known as Guest47874 [16:16] Maybe we will just let it sit there for a bit and do its thing, while we take care of other business. [16:17] Let's create our SSH key next. [16:17] SSH stands for Secure Shell, and it is a protocol that allows you to exchange data in a secure way over a network. It is common to use SSH to access and open a shell on another computer, and to use it to securely transfer files. For our purposes, we will mainly be using SSH to securely push changes to Launchpad. [16:17] To generate an SSH key, enter: [16:17] ssh-keygen -t rsa [16:18] The default file name usually makes sense, so you can just leave it as it is. For security purposes, it is recommended that you use a passphrase. [16:19] nja asked: Can the passphrase be changed later? [16:19] nja, yes [16:19] Next, let's set up pbuilder. [16:19] pbuilder allows you to build packages locally on your machine. It serves a couple of purposes: [16:19] - The build will be done in a minimal and clean environment. This helps you make sure your builds succeed in a reproducible way, but without modifying your local system. [16:20] - There is no need to install all necessary build dependencies locally [16:20] - You can set up multiple instances for various Ubuntu and Debian releases. [16:20] Setting pbuilder up is very easy, simply run: [16:20] pbuilder-dist create [16:20] So for quantal, you'd run: [16:20] pbuilder-dist quantal create [16:21] You can install multiple pbuilders, for each release of Ubuntu, or in the case of Debian maybe sid. This will take a while as it will download all the necessary packages for a “minimal installation”. These will be cached though. [16:21] Are there any questions up until now? [16:22] jsjgruber-l82-p asked: Why might you need a .pbuilderrc file? [16:22] in .pbuilderrc you could specify a lot of things: for example using additional mirrors, installing packages into the chroots by default, etc. [16:22] pbuilder's manpage should give you a good idea of what you might want to use. In the most cases you don't need it though. [16:23] exodus asked: Lets say I'm building a complicated package, which depends on various packages which are not already in a pbuilder slate. PackageA depends on PackageB & PackageC. After I build B & C, does pbuilder know B & C as a dependency for A. Is there a special set-up for the packages installed in pbuilder environment? [16:24] exodus, Good questions. Sometimes you might want to build a couple of packages in a certain sequence, for instance you want to transition 10 packages from libsomething1 to libsomething 2 [16:25] in this case you can teach pbuilder to re-use packages you already built and to add them to its sources [16:25] lengau asked: Why does pbuilder require root permissions? [16:25] lengau, because it uses chroot internally to create a completely separate minimal system in which it performs the build [16:26] TheLordOfTime asked: How do you teach pbuilder to use the already-built packages, in the hypothetical exodus presented? [16:26] TheLordOfTime, https://wiki.ubuntu.com/PbuilderHowto is one I know about. [16:27] If it's outdated, I'd recommend to ask in #ubuntu-motu [16:27] Ok. I assume GPG finished creating the key for you already. Let's move on with the key then. :) [16:27] You might have gotten a message similar to this one: [16:27] pub 4096R/43CDE61D 2010-12-06 [16:27] Key fingerprint = 5C28 0144 FB08 91C0 2CF3 37AC 6F0B F90F 43CD E61D [16:27] uid Daniel Holbach [16:27] sub 4096R/51FBE68C 2010-12-06 [16:27] In this case 43CDE61D is the key ID. [16:28] Next, you need to upload the public part of your key to a keyserver so the world can identify messages and files as yours. To do so, enter: [16:28] gpg --send-keys [16:28] This will send your key to one keyserver, but a network of keyservers will automatically sync the key between themselves. Once this syncing is complete, your signed public key will be ready to verify your contributions around the world. [16:28] nja asked: What are all these generated keys for? [16:29] nja, if you upload a package to Launchpad (for instance to your personal package archive), it will check if the package was really done by you [16:29] the GPG key is used to sign a package and make sure it wasn't tampered with and that it originates from you [16:30] the SSH key is used for Bazaar, which I'll talk a bit more in a minute - it basically pushes your changes to LP using a secure connection [16:30] With a basic local configuration in place, your next step will be to configure your system to work with Launchpad. [16:30] Launchpad is the central piece of infrastructure we use in Ubuntu. It not only stores our packages and our code, but also things like translations, bug reports, and information about the people who work on Ubuntu and their team memberships. You will also use Launchpad to publish your proposed fixes, and get other Ubuntu developers to review and sponsor them. [16:31] Sponsoring basically means "upload a package for somebody else". This is what needs to be done if you want to get a fix into Ubuntu and you don't have upload rights yet. [16:31] You will need to register with Launchpad and provide a minimal amount of information. This will allow you to download and upload code, submit bug reports, and more. [16:32] Besides hosting Ubuntu, Launchpad can host any Free Software project. https://help.launchpad.net/ has more information if you should generally get stuck somewhere. [16:32] If you don't already have a Launchpad account, you can easily create one (https://launchpad.net/+login). If you have a Launchpad account but cannot remember your Launchpad id, you can find this out by going to https://launchpad.net/~ and looking for the part after the ~ in the URL. [16:32] TheLordOfTime asked: I've seen this thing about the Ubuntu Code of Conduct. Do I need to sign that to develop for Ubuntu? [16:33] TheLordOfTime, yes - if you want to become part of the team, become an Ubuntu member (get voting rights, an @ubuntu.com address and be generally recognised for your work), you will have to sign it [16:33] there's no hidden clauses or anything crazy in there - you won't sign up for a washing machine you'll have to pay [16:33] the code of conduct basically says to us all: be excellent to each other [16:34] and that's generally a good thing to comply with :) [16:34] man_let asked: can less intelligent people contribute? [16:34] man_let, We have enough tasks for everyone in Ubuntu. No matter what your interest, ability or preference might be. [16:35] nja asked: HELP! My LaunchPad password reset won't arrive! [16:35] nja, I think somebody mentioned it in the chat window already, but you can ask in #launchpad for help. [16:35] and you can follow the instructions from the log or the documentation later on [16:36] Launchpad's registration process will ask you to choose a display name. It is encouraged for you to use your real name here so that your Ubuntu developer colleagues will be able to get to know you better. [16:36] When you register a new account, Launchpad will send you an email with a link you need to open in your browser in order to verify your email address. If you don't receive it, check in your spam folder. [16:36] The new account help page (https://help.launchpad.net/YourAccount/NewAccount) on Launchpad has more information about the process and additional settings you can change. [16:37] You need to tell Launchpad about GPG key, so to find about your GPG fingerprint, please run: [16:37] gpg --fingerprint [16:37] and it will print out something like: [16:37] pub 4096R/43CDE61D 2010-12-06 [16:37] Key fingerprint = 5C28 0144 FB08 91C0 2CF3 37AC 6F0B F90F 43CD E61D [16:37] uid Daniel Holbach [16:37] sub 4096R/51FBE68C 2010-12-06 [16:37] Head to https://launchpad.net/~/+editpgpkeys and copy the “Key fingerprint” into the text box. In the case above this would be 5C28 0144 FB08 91C0 2CF3 37AC 6F0B F90F 43CD E61D. Now click on “Import Key”. [16:37] Launchpad will use the fingerprint to check the Ubuntu key server for your key and, if successful, send you an encrypted email asking you to confirm the key import. Check your email account and read the email that Launchpad sent you. [16:37] If your email client supports OpenPGP encryption, it will prompt you for the password you chose for the key when GPG generated it. Enter the password, then click the link to confirm that the key is yours. [16:38] Back on the Launchpad website, use the Confirm button and Launchpad will complete the import of your OpenPGP key. [16:38] Find more information at https://help.launchpad.net/YourAccount/ImportingYourPGPKey [16:38] And then you can do the same with your SSH key. [16:38] Open https://launchpad.net/~/+editsshkeys in a web browser, also open ~/.ssh/id_rsa.pub in a text editor. [16:39] Make sure it's ~/.ssh/id_rsa.pub (public part) and not ~/.ssh/id_rsa (secret part) [16:39] :) [16:39] This is the public part of your SSH key, so it is safe to share it with Launchpad. Copy the contents of the file and paste them into the text box on the web page that says “Add an SSH key”. Now click “Import Public Key”. [16:39] For more information on this process, visit the creating an SSH keypair page on Launchpad: https://help.launchpad.net/YourAccount/CreatingAnSSHKeyPair [16:39] thotp asked: might the GPG key changes when i re-install the operating system? [16:40] thotp: it might be worth backing up the ~/.gnupg directory [16:40] you should be able to just copy it back [16:40] The last thing I wanted to mention briefly - I know we rushed through a lot, so I want to make some time for more questions - is setting up Bazaar, which should be pretty quick. [16:40] Bazaar is the tool we use to store code changes in a logical way, to exchange proposed changes and merge them, even if development is done concurrently. It is used for the new Ubuntu Distributed Development method of working with Ubuntu packages. [16:41] o tell Bazaar who you are, simply run: [16:41] bzr whoami "Bob Dobbs " [16:41] bzr launchpad-login subgenius [16:41] whoami will tell Bazaar which name and email address it should use for your commit messages. With launchpad-login you set your Launchpad ID. This way code that you publish in Launchpad will be associated with you. [16:41] Again: If you can not remember the ID, go to https://launchpad.net/~ and see where it redirects you. The part after the “~” in the URL is your Launchpad ID.) [16:42] And that should be pretty much it. [16:42] One thing you also might want to do is open the "software properties" and make sure the "Sources" part is checked. This will let you download sources from all packages in Ubuntu easily. [16:43] or just make sure you have deb-src lines in /etc/apt/sources.list [16:43] eklok asked: what keeps you motivated to programm/debug? isnt it exhausting to deal with this every day. I want to motivate myself but i always fail [16:43] eklok, the people and the feeling that if a bug is fixed, it's not just fixed for me but for many millions of users out there [16:43] also do I learn something new all the time, which is great [16:44] of course it can be hard to solve a problem, but you can always ask for help [16:44] man_let asked: what if 2 ppl have the same public key? [16:44] man_let, there have been collisions of gpg keys already, but they are very rare - can somebody dig out a link about this? [16:44] nja asked: What can I do if I have 2 subkeys. How do I know which one to delete? [16:45] I hope http://www.gnupg.org/gph/en/manual.html#AEN282 can help you with it [16:45] Any more questions? :) [16:46] nja asked: Can I not see what one was created most recently? [16:46] If you mean GPG, I'm afraid I don't have the answer right now. Maybe somebody in #ubuntu-classroom-chat or #ubuntu-motu can help. [16:46] Sorry [16:47] If you followed all the instructions, the following example should work: [16:47] Please run: [16:47] bzr branch ubuntu:hello [16:47] This will give you a Bazaar branch of the "hello world" package in Ubuntu and all its revisions in Ubuntu. [16:47] then please: [16:47] cd hello [16:48] bzr bd -- -S [16:48] which will build a source package from the branch - so it will recreate what the original source was and what we need to modify to make it build the "Debian or Ubuntu way" [16:49] if you type ls .. it should show you something like this: [16:49] hello_2.8-2.debian.tar.gz hello_2.8-2_source.changes [16:49] hello_2.8-2.dsc hello_2.8.orig.tar.gz [16:49] now please run: [16:50] pbuilder-dist quantal build ../hello_2.8-2.dsc [16:50] This will build the package from the source in our shiny new pbuilder instance. [16:50] It will first download relevant build-dependencies (so packages required to build the package), then perform the build. [16:50] There are 10 minutes remaining in the current session. [16:51] The resulting package then should be available in ~/pbuilder/quantal_result/ [16:51] nja asked: When running bzr bd -- -s: Help - http://paste.ubuntu.com/1172150/ [16:51] Yes, that's a warning which is safe to ignore: [16:51] gpg: skipped "Santiago Vila ": secret key not available [16:51] gpg: /tmp/debsign.16cckC0A/hello_2.8-2.dsc: clearsign failed: secret key not available [16:52] It merely means that the last person who worked on the package (cf debian/changelog) was Santiago Vila, whose GPG key you obviously don't have. [16:52] We could have added "-us -uc" to the "bzr bd -- -S" command which would have avoided this === prashanth92 is now known as prashanth [16:52] but it's safe to ignore. [16:53] In this small examples (just 3-4 commands) we went from source branch (all revisions in Ubuntu are stored in there), to source package (just the latest source revision as tarball and additional modifications - this is what we use to upload to Launchpad for builds) then then the resulting binary (.deb) packages [16:54] This is obviously just a taster, so I hope you will find many interesting things in the next sessions which will take you further on your way to joining the Ubuntu Developers. [16:54] Just do me one favour: bookmark http://developer.ubuntu.com/packaging/html/ [16:55] and stay up to date by following @ubuntudev on identi.ca/twitter.com/facebook.com/gplus.to [16:55] marcosb asked: -us -uc is not for pubilder? or really is for bzr? [16:55] There are 5 minutes remaining in the current session. [16:55] marcosb, yes, not for pbuilder, but for bzr bd (everything behind the '--' is passed to debuild/dpkg-buildpackage internally) [16:56] I hope you give Ubuntu development a go, learn a lot, make the world a better place and make a bunch of friends. :) [16:57] Any last 2-3 questions before Oliver "ogra" Grawert takes over to talk about ARM? [16:57] nja asked: After running "bzr bd -- -S -us -uc" now what? I'm really behind now. [16:57] nja, pbuilder-dist quantal build ../hello_2.8-2.dsc [16:58] but you should be able to find this in the docs (http://developer.ubuntu.com/packaging/html/) as well [16:58] and in the logs which will go up on https://wiki.ubuntu.com/UbuntuDeveloperWeek later on [16:58] marcosb asked: another session to create patches for hello package? :) [16:58] marcosb, yes it would have been too much to squeeze into 2 hours :) [16:58] alucardni asked: how can I tell to bzr bd to use pbuilder to build a binary package? [16:59] alucardni, it's two separate commands - a pbuilder plugin for bzr might be a good idea :) [16:59] but I don't know if it exists :) [17:00] All the best everyone! Hope to see more of you soon! [17:00] ogra_, your stage :) }}}