User:Maffblaster/Drafts/Gentoo Primers/The Gentoo Developer Primer

This document should not be considered a replacement for the old Developer Handbook. Eventually this article may get merged into the Developer Handbook. Right now it is simply to be used as a draft space of steps necessary for developers to become connected and productive in the Gentoo sphere. New developers should travel down through the list.

Developer init
New developers have quite a few things to setup before they're 'fully integrated' into the Gentoo ecosystem. For developers that are unfamiliar with processes and job duties of system administration (perhaps more code-savvy and less infrastructure oriented developers), configuring these things can be a confusing and difficult. Because of the sheer amount of tasks, it's also easy to

SSH
SSH keys will need to be generated so that woodpecker, and potentially Gentoo development machine, can be accessed. The recruiter(s) will assist in this process, but essentially generate a 4096-bit RSA key pair:

Be sure to enter a strong passphrase. Do not leave the passphase blank!

After generation, the keys will be located in directory. The public key (typically found at ) will be added to Woodpecker for you by your recruiter. The private key (found at ) should never leave the machine and should only be readable by your user:

See the SSH article for more information.

Configuration file
Those working with multiple SSH keys can setup an SSH configuration file in order to conveniently associate SSH keys with remote hosts. For example, if a developer suppose Larry, our favorite cow, has three separate SSH keys: one for personal use, one for work, and one for Gentoo work. He can make SSH aware of such a setup by creating a file in  directory:

Many more configuration options are possible. Investigate in.

Create a backup
Those without existing GPG keys should skip this section. Creating a backup is best practice for those who have existing GPG keys from other projects:

If anything in the following steps goes foul the backup is now located at.

Master keys
It is best practice for developers to generate a master key pair, then generate subkeys from the master key pair for signing. Generated keys are to follow the specifications outlined in GLEP 63. In short, Gentoo developers are to use a master key type of RSA at 4096 bits (RSAv4 or later). Developers who have already generated a master key that does not meet this minimum standard will need to generate a new set of keys (sorry!).

After emerging, issue the following commands:

Copy and paste the following GLEP 63 approved configuration template into :

Generate the master key pair by running the following command, then entering the values found in the numbered section below:

At the dialog:


 * 1) Choose the "" option (should be the default).
 * 2) For key length, be sure to enter.
 * 3) Enter the GLEP 63 recommended value of   for the key expiration.
 * 4) Enter a name, the email address, and a comment (if desired) to be associated with this key. The comment is simply for your reference. Those with multiple master keys may enter a descriptor describing the purpose of this key in this field.
 * 5) Visually inspect the data is correct, then confirm the entries by pressing the  key (O as in Oscar) and.
 * 6) Enter a strong passphrase (be sure include at least one integer number in the passphrase or GPG will provide a warning).

GPG should now be generating a master key pair! This will take some time and will benefit from system resource usage. Updating some software, playing a game, or reviewing bugs is a nice way to pass the time. When finished, the keys will be present in the directory!

Subkeys
According to GLEP 63 signing subkeys are optional. If the developer would like to use subkeys instead of the master key pair for signing, this section will provide instructions on how to do so. GLEP 63 recommends a 1 year maximum expiration on subkeys with a renewal every 6 months.

Get the master key's ID:

In this example  is master key's ID; this is what is needed in the next command:

This will make enter into an interactive mode:


 * 1) Select "" (typically  ).
 * 2) On the next prompt be sure to enter a value of   for the bit size.
 * 3) Set the expiration to a value of   and confirm.
 * 4) Enter the passphrase of the master key.

After some time the signing subkey will be generated.

In order to set this subkey to be the default for signing the configuration file will need to be adjusted. Use the  option again to determine the newly generated subkey's ID:

The subkey should be displayed at the bottom of the list. The subkey ID in this example is.

Open the file and uncomment the line referencing :

Remember, this subkey will be expired in one year from the generation date. When it is expired a generate a new subkey by following the steps above.

Sending keys
Once all keys have been created, it is necessary to send them to keyserver pools:

Pinentry
pinentry should be configured based on developer preference. There are a few visual interfaces to : Qt, GTK, and ncurses. Adjust the USE flags for the program as necessary. If the KDE or GNOME desktop environments are being used, it is likely either the  (or perhaps  ) or the   USE flags have respectively been set.

After adjusting USE flags and recompiling as necessary, be sure to use to select the appropriate user interface. In the example below the Qt 5 interface has been selected:

Next configure the developers file to prompt for a password via :

Woodpecker
Woodpecker is primary used to setup a developer's LDAP information and add developer mail addresses to email alaises. These changes are actioned using the script.

Each change will require you to enter a password.

LDAP
Lightweight directory access protocol is used by Gentoo infrastructure in order to maintain an internal database of information about Gentoo developers. This rehashes the basics of setting developer information in LDAP. See Infrastructure's LDAP Guide for the latest updates.

If Larry were to add himself to some roles for Gentoo, he would execute the following command:

Although you can name them whatever you'd like, your roles should match your project affiliations defined on by your actual project involvement. Ideally your involvement will line up with your Developer infobox here on the wiki.

Set longitude and latitude information (find it on a per-city basis here):

Setting longitude and latitude in LDAP will enable your location marker to show up on the developer map.

GPG key
expects the GPG signing key to be passed in fingerprint format. The following command will show the fingerprint format for subkeys (and no, the double  is not a typo):

In the above example  is the signing key in the fingerprint format.

Wiki
Visit the Developer Central page and click the "Getting started" link in order to connect your LDAP information to the wiki.

GitHub
Until a better, self-hosted system can be implemented, Gentoo is using GitHub to accept community contributions. Gentoo developers should create a GitHub account and add the following:


 * Add your public GPG key to your GitHub profile.
 * Add your public SSH key to your GitHub profile.
 * Developer can alternatively use SSH forwarding instead of adding their public key to GitHub's server (requires more time/effort).
 * Two-factor authentication (optional, but recommended for developers with a phone).
 * Personal access tokens (if two-factor authentication is enabled). Enable the following scopes for Gentoo related access tokens:
 * repo
 * admin:org
 * read:public_key
 * admin:repo_hook
 * gist
 * read:user
 * user:email
 * delete_repo
 * read:gpg_key
 * Add the Gentoo development token to the file.
 * Use SSH URLs (alternative to access tokens).

make.conf
All Gentoo developers should have GPG (PGP) and SSH keys (generated in the Keys section above). Git needs to interface with both keys. This is done in order to verify and validate identity.

In this example  is the part that would be added a value to the PORTAGE_GPG_KEY variable inside :

Configuration file
The options can be added via by running the following commands:

When the above commands have been entered, the developer's git configuration file should look something like the following:

IRC
Most developers stay connected 24/7 to IRC in order to catch any mentions of their nickname. There are various strategies of staying connected. Some developers leave their main workstation connected to the internet, others might pay for an IRC cloud service.

For those wishing to host IRC themselves, the IRC guide is a great place to start.

Forums

 * Create a forums account (optional).

Blog
Many Gentoo developers have blogs. This section will present a few options for Gentoo developers.

The first option is creating a Developer website on Woodpecker, which can be used to host any kind of file. Simply make it a website by adding an file.

The second option for Gentoo developer is to use the Wordpress site, via https://blogs.gentoo.org.

If none of these options work, you can always host the blog somewhere else. As long as it has an tag-generated RSS feed, the Gentoo Planet blog aggregation site can pull in the Gentoo related postings.

Portage configuration
Package maintainers will need to provide Portage with their GPG signing (denoted by the ) key information in 0xlong format. This is a different format than expects on Woodpecker. Use the following command to display keys in the proper format:

In this example  is the part that would be added a value to the PORTAGE_GPG_KEY variable inside :

Tooling
When attempting to preform fine work, having sharp, precise tools is a must. This section of the developer primer will hopefully provide aid in helping developers streamline their workflow. The goal is an increase in productivity.

Email clients
Depending on the selected email client, getting setting configured properly to filter incoming messages into nicely organized directories and remove nasty spam can take some time and effort. It is important that every developer take the time to properly configure the email client of choice for developer related duties for a few reasons. A well thought out configuration at the beginning will:


 * Save time.
 * For most every developer, checking mail is only one of the streams of communication that will need checked on a regular basis. The less time spent checking mail the more time can be invested into checking other communication streams such as IRC, comments on GitHub, or other Gentoo project sites. Ideally Gentoo developers will be spending the majority of their time on coding, ebuild maintenance, hacking on infrastructure, or other Developer/SysOp duties.


 * Gain efficiency.
 * An efficient person is a productive person. Having the mail client sort and prioritize messages offloads cycles to a CPU rather than a human brain, which allows the human brain to concentrate on what is important.

Thunderbird
Useful link for spam filtering:


 * https://support.mozilla.org/en-US/kb/thunderbird-and-junk-spam-messages

Remember that Mozilla's spam filter needs training, so it may take some time (a week or two) for it to learn what is spam what is not. Be sure to check whatever folder is dedicated to Junk every once in a while to be sure important messages are not being marked as Junk!