Project releasing

Introduction

Projects release allows you to share projects with specific users or teams within the factory. This release will contain all the project applications, all architectures, and for the moment, only one distribution per release.

WebUI

To release a project you need at least one built application. In order to make the release follow these steps:

  • Go on “Projects” tab
  • Click on the project you want to release
  • Go on under “ACTIONS” tab
  • Expand “Release project” (at the bottom)
  • Choose a distribution and a release version (e.g. 1.0)
  • Click on the “RELEASE PROJECT” button

Once the project is released you need to choose the audience (the users or teams you will share it with). You can also choose Release to all people using this factory.

  • Go on “Projects” tab
  • Click on RELEASED PROJECTS
  • Choose the released project you want to share
  • Go to the “AUDIENCE” tabs
  • Select one or multiples users/teams at the left
  • Click the » (move-to-the-right) button to select them
  • Click on “UPDATE AUDIENCE”

Finally, in order to use the released project outside the WebUI you need the token that was created during the release. The Repository URL and Repository access token are found in the release Overview (Projects > RELEASED PROJECTS > selected project). With them you will be able to use the download server that turns within the factory.

redpesk-cli

It is also possible to release a project from redpesk command line, alias rp-cli. In order to do that you have to specify the slug of the project you want to release, the distribution targeted by the release, and the release version. Additionally, you can specify a name for the “released project” that will be created.

The other flags are here if you want to set-up a specific audience for the released project:

  • One or several user(s): flag --user
  • One or several team(s): flag --team
  • All users of the factory: flag --all-users

In order to get the slug of your project, you can use the rp-cli projects list as below.

$ rp-cli projects list
ID                                        Slug                        Name                        Version        Type
73027643-f827-40c4-ad13-86748c0b99b6      iot-project                 IOT Project                 [Not set]      standard
1fd09a37-cf76-4ce0-9833-b7c346381aa6      my-new-project              New project                 [Not set]      standard
b1a06375-0d28-4091-b9d6-4603cebe85dd      redpesk-ci                  Redpesk CI                  [Not set]      standard
77a6df2a-918a-4fff-a108-8c5f0ab4dc80      redpesk-industrial          Redpesk Industrial          [Not set]      standard
74c88f7a-3f5a-4072-bb29-2291fa8bc05a      redpesk-industrial-image    Redpesk Industrial Image    [Not set]      standard

In order to save time do not forget that rp-cli has a completion system, for example once you wrote the --distribution flag you can press TAB and rp-cli will give you the available distributions! It is the same for users or teams.

Then, run the following command (adapt the distribution, the version and eventually the audience flags to your needs):

$ rp-cli projects release redpesk-banano-ci-0 -d "Release 1.0 of the industrial project" --distribution redpesk-lts-batz-2.0-update -v 1.0
-- Project release requested by user --
Checking distribution validity...					[OK]
Requesting the factory to release the project "redpesk-industrial"...[OK]
Waiting for the project "redpesk-industrial" to be released...[OK]

After that, you will be able to get the list of released projects using:

$ rp-cli projects releases list
ID                                       Slug                        Version  Reference
57e78801-1edc-4c98-af2d-96ae02ab194e     redpesk-industrial-1.0      1.0      redpesk-industrial

Here below the whole release project process using rp-cli.

Enable GPG signature checking on board

Redpesk supports a basic GPG signature model. Every package in a released project is signed with the same GPG key by the factory it was released in. When enabled, the update tools (dnf) will verify the authenticity of the packages by verifying those GPG signatures and refuse to install any package that is not signed or has an incorrect signature.

The configuration file for dnf is located in /etc/yum.repos.d/redpesk-update.repo. To enable the signature checking on board, we need to set the gpgcheck option to 1 in the [redpesk] and [redpesk-middleware] sections of the configuration file (gpgcheck=1). The gpgkey option specifies the location of the GPG key.

To do so, we can use the following command dnf config-manager --setopt=<repoid>.gpgcheck=1 --save as shown below :

dnf config-manager --setopt=redpesk-update.gpgcheck=1 --save
dnf config-manager --setopt=redpesk-middleware-update.gpgcheck=1 --save