How to prepare buildbot for major release
These are collected notes of the steps we've done during preparation of buildbot infrastructure for 21.02 release.
Generate usign key
usign -G -c "Public usign key for 22.03 release builds" -s secret.key -p public.key
Add usign public key to keyring
usign -F -p public.key 2f8b0b98e08306bf mv public.key openwrt/keyring.git/usign/2f8b0b98e08306bf
Add usign secret.key to ansible/inventories/openwrt-secrets.yml:
vault_buildbot_usign_key_openwrt_22_03:
Add GPG/usign keys to keyring.git repo
Update package/system/openwrt-keyring/Makefile package
- openwrt-keyring: make opkg use 22.03 usign key (NOTE: this needs to be done only in the release branch)
Add new GPG key information to the release signatures page
- Add new key info to signatures page
Prepare buildbot infra and assign buildworkers
Apply new build infra 21.02
ansible-playbook --diff -i inventories/prod buildworker.yml --tags cfg,recreate-slave --limit fsf-02,fsf-04,osuosl-vm-03,osuosl-vm-04,truecz-01,truecz-02,buildmaster