docker build -t cass-build-debs -f docker/jessie-image.docker docker/
docker build -t cass-build-rpms -f docker/centos7-image.docker docker/The image will contain a clone of the Apache git repository by default. Using a different repository is possible by adding the
--build-arg CASSANDRA_GIT_URL=https://github.com/myuser/cassandra.gitparameter. All successive builds will be executed based on the repository cloned during docker image creation.
docker run --rm -v `pwd`/dist:/dist `docker images -f label=org.cassandra.buildenv=jessie -q` /home/build/build-debs.sh <branch/tag>
docker run --rm -v `pwd`/dist:/dist `docker images -f label=org.cassandra.buildenv=centos -q` /home/build/build-rpms.sh <branch/tag>
You should find newly created Debian and RPM packages in the
Packages for official releases can only be build from tags. In this case, the tag must match the known versioning scheme. A number of sanity checks will be run to make sure the version matches any version defined in
debian/changes. But you'll have to manually keep these values in sync for every release.
Builds based on any branch will use the version defined in either
build.xml (RPM) or
debian/changes (deb). Afterwards a snapshot indicator will be appended.
Signatures can be used for both yum repository integrity protection and end-to-end package verification.
Individual package files can also contain a signature in the RPM header. This can be done either during the build process (
rpmbuild --sign) or afterwards on the final artifact. As the RPMs should be build using docker without any user intervention, we have to go with the later option here. One solution for this is to use the rpmsign wrapper (
yum install rpm-sign) and use it on the package, e.g.:
rpmsign -D '%_gpg_name MyAlias' --addsign cassandra-3.0.13-1.noarch.rpm
Verifying package signatures requires to import the public keys first:
rpm --import https://www.apache.org/dist/cassandra/KEYS
Afterwards the following command should report “OK” for included hashes and gpg signatures:
rpm -K cassandra-3.0.13-1.noarch.rpm
Once the RPM is signed, both the import key and verification steps should take place automatically during installation from the yum repo (see
See use of
Artifacts for RPM and Debian package repositories, as well as tar archives, are keept in a single SVN repository. You need to have your own local copy for adding new packages:
svn co --config-option 'config:miscellany:use-commit-times=yes' https://dist.apache.org/repos/dist/release/cassandra
(you may also want to set
use-commit-times = yes in your local svn config)
We'll further refer to the local directory created by the svn command as
Required build tools:
Adding new packages to the official repository starts by copying the RPMs to
$artifacts_svn_dir/redhat/<version>. Afterwards, recreate the metadata by executing
createrepo -v . in that directory. Finally, sign the generated meta data files in the
for i in `ls *.bz2 *.gz *.xml`; do gpg -sba --local-user MyAlias $i; done;