Fix NEWS.txt link in prepare template and use full urls in finish
2 files changed
tree: 2689b9be1e11387c3bba51ec7c075326287edf7e
  1. .gitignore
  2. ASF-slaves.txt
  5. build-scripts/
  6. cassandra-release/
  7. dist/
  8. docker/
  9. jenkins-dsl/

Apache Cassandra Build Tools

  • Jenkins Job DSL scripts to create CI jobs:
    • jenkins-dsl/
  • Jenkins Job build/test runtime scripts:
    • build-scripts/
  • Apache Cassandra packaging utilities:
    • cassandra-release/
    • docker/

Building packages

  1. Create build images containing the build tool-chain, Java and an Apache Cassandra git working directory
    • Debian: docker build -t cass-build-debs -f docker/jessie-image.docker docker/
    • RPM: docker build -t cass-build-rpms -f docker/centos7-image.docker docker/ The image will contain a clone of the Apache git repository by default. Using a different repository is possible by adding the --build-arg CASSANDRA_GIT_URL= parameter. All successive builds will be executed based on the repository cloned during docker image creation.
  2. Run build script through docker (specify branch, e.g. cassandra-3.0 and version, e.g. 3.0.11):
    • Debian: docker run --rm -v `pwd`/dist:/dist `docker images -f label=org.cassandra.buildenv=jessie -q` /home/build/ <branch/tag>
    • RPM: docker run --rm -v `pwd`/dist:/dist `docker images -f label=org.cassandra.buildenv=centos -q` /home/build/ <branch/tag>

You should find newly created Debian and RPM packages in the dist directory.

Note about versioning

Packages for official releases can only be build from tags. In this case, the tag must match the known versioning scheme. A number of sanity checks will be run to make sure the version matches any version defined in build.xml and debian/changes. But you'll have to manually keep these values in sync for every release.

Builds based on any branch will use the version defined in either build.xml (RPM) or debian/changes (deb). Afterwards a snapshot indicator will be appended.

Signing packages


Signatures can be used for both yum repository integrity protection and end-to-end package verification.

Providing a signature (repomd.xml.asc) for repomd.xml allows clients to verify the repository's meta-data, as enabled by repo_gpgcheck=1 in the yum config.

Individual package files can also contain a signature in the RPM header. This can be done either during the build process (rpmbuild --sign) or afterwards on the final artifact. As the RPMs should be build using docker without any user intervention, we have to go with the later option here. One solution for this is to use the rpmsign wrapper (yum install rpm-sign) and use it on the package, e.g.: rpmsign -D '%_gpg_name MyAlias' --addsign cassandra-3.0.13-1.noarch.rpm

Verifying package signatures requires to import the public keys first:

rpm --import

Afterwards the following command should report “OK” for included hashes and gpg signatures:

rpm -K cassandra-3.0.13-1.noarch.rpm

Once the RPM is signed, both the import key and verification steps should take place automatically during installation from the yum repo (see gpgcheck=1).


See use of debsign in cassandra-release/

Updating package repositories


Artifacts for RPM and Debian package repositories, as well as tar archives, are keept in a single SVN repository. You need to have your own local copy for adding new packages:

svn co --config-option 'config:miscellany:use-commit-times=yes'

(you may also want to set use-commit-times = yes in your local svn config)

We'll further refer to the local directory created by the svn command as $artifacts_svn_dir.

Required build tools:


Adding new packages to the official repository starts by copying the RPMs to $artifacts_svn_dir/redhat/<version>. Afterwards, recreate the metadata by executing createrepo -v . in that directory. Finally, sign the generated meta data files in the repodata sub-directory:

for i in `ls *.bz2 *.gz *.xml`; do gpg -sba --local-user MyAlias $i; done;