This is an automated email from the ASF dual-hosted git repository. wave pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/bval-site.git
commit c55390881ceba133c3b1cb5634e51772f8e603e0 Author: Dave Fisher <[email protected]> AuthorDate: Tue Jun 1 12:11:39 2021 -0700 fix permalink styles, fix codeblocks and lists --- content/automated-builds.md | 2 + content/beanvalidation-tck.md | 36 +-- content/release-management.md | 3 +- content/release-process.md | 464 +++++++++++++++++++------------------- content/release-setup.md | 222 +++++++++--------- theme/apache/templates/base.html | 3 +- theme/apache/templates/styles.css | 6 + 7 files changed, 371 insertions(+), 365 deletions(-) diff --git a/content/automated-builds.md b/content/automated-builds.md index 85a7fbc..2a3f36f 100644 --- a/content/automated-builds.md +++ b/content/automated-builds.md @@ -1,5 +1,7 @@ Title: Automated Builds +We're using the Apache Jenkins build server for continuous builds. + <a name="AutomatedBuilds-JenkinsJobs"></a> ### Jenkins Jobs diff --git a/content/beanvalidation-tck.md b/content/beanvalidation-tck.md index d8f4d23..7f62017 100644 --- a/content/beanvalidation-tck.md +++ b/content/beanvalidation-tck.md @@ -21,36 +21,36 @@ For the below build and TCK runs, it is assumed that you have the latest Sun 1. Build the project and run the [JUnit][] tests: -```sh - cd bval/trunk - mvn clean install -``` + ```sh + cd bval/trunk + mvn clean install + ``` 1. Run the JBoss provided TCK in standalone mode - -```sh - cd bval/trunk/bval-tck11 - mvn -Ptck -``` + ```sh + cd bval/trunk/bval-tck11 + mvn -Ptck + ``` #### In-container 1. Build the project and run the [JUnit][] tests: -```sh - cd bval/trunk - mvn clean install -``` + ```sh + cd bval/trunk + mvn clean install + ``` 1. Install [JBoss Application Server](http://www.jboss.org/jbossas); version - 5.1.0 or later. + 5.1.0 or later. 1. Run the JBoss provided TCK in the in-container mode, against your JBoss AS - installation (where `$jbosshome` denotes the installation path): + installation (where `$jbosshome` denotes the installation path): -```sh - cd bval/trunk/bval-tck - mvn -Ptck,incontainer -Djboss.home=$jbosshome -``` + ```sh + cd bval/trunk/bval-tck + mvn -Ptck,incontainer -Djboss.home=$jbosshome + ``` ### Certification against the JCP provided TCK diff --git a/content/release-management.md b/content/release-management.md index c614333..8863b56 100644 --- a/content/release-management.md +++ b/content/release-management.md @@ -1,6 +1,7 @@ Title: Release Management -We'll be using the [Apache Nexus repository](http://repository.apache.org) for +We'll be using the [Apache Nexus repository](http://repository.apache.org) for +releasing `SNAPSHOT` and release artifacts, which uses the same LDAP groups as SVN to control who can publish artifacts using `groupId=org.apache.bval`. To familiarize yourself with the notions and requirements for releasing diff --git a/content/release-process.md b/content/release-process.md index 6cdb98b..dbd47be 100644 --- a/content/release-process.md +++ b/content/release-process.md @@ -8,306 +8,304 @@ artifacts and using Nexus can be found on the Maven website at <a name="ReleaseProcess-ReleaseSteps"></a> ### Release Steps -1. Environment setup for releasing artifacts (same for `SNAPSHOT`s and -releases) - 1. Use the latest Oracle 8 JDK (with javafx, it's required by the TCK!) - 1. Use Maven 3.2.1 or later - 1. Make sure the [Release Setup][] steps have been performed. +1. Environment setup for releasing artifacts (same for `SNAPSHOT`s and releases) + 1. Use the latest Oracle 8 JDK (with javafx, it's required by the TCK!) + 1. Use Maven 3.2.1 or later + 1. Make sure the [Release Setup][] steps have been performed. 1. Prepare the source for release: - 1. Clean up JIRA so the **Fix Version** in issues resolved since the last - release includes this release version correctly. Also, transition any - **Resolved** issues to the **Closed** state. - 1. Update the text files in a working copy of the project root: - 1. Update the `CHANGES.txt` based on the Text release reports from JIRA. - 1. Review and update `README.txt` if needed. - 1. Commit any changes back to GIT: - -```sh - git commit -a -m "updating files for release" & git push -``` - - 1. Stage any Roadmap or Release landing pages on the wiki. - 1. Use `mvn apache-rat:check` to verify the source has the required headers before - trying to release. - 1. Perform a full build and deploy the SNAPSHOT artifacts: - -```sh - mvn -Papache-release clean deploy -``` - - 1. Inspect the files in your local target directories to ensure: - 1. All jars and zips include `LICENSE` and `NOTICE` files - 1. The NOTICE files cover all third-party included files (like XSD -schemas) - 1. The `LICENSE` files include any third-party licenses (none at this time) - 1. All jars/zips/poms have `.asc` (PGP signature) files + 1. Clean up JIRA so the **Fix Version** in issues resolved since the last + release includes this release version correctly. Also, transition any + **Resolved** issues to the **Closed** state. + 1. Update the text files in a working copy of the project root: + 1. Update the `CHANGES.txt` based on the Text release reports from JIRA. + 1. Review and update `README.txt` if needed. + 1. Commit any changes back to GIT: + + ```sh + git commit -a -m "updating files for release" & git push + ``` + + 1. Stage any Roadmap or Release landing pages on the wiki. + 1. Use `mvn apache-rat:check` to verify the source has the required headers before + trying to release. + 1. Perform a full build and deploy the SNAPSHOT artifacts: + + ```sh + mvn -Papache-release clean deploy + ``` + + 1. Inspect the files in your local target directories to ensure: + 1. All jars and zips include `LICENSE` and `NOTICE` files + 1. The NOTICE files cover all third-party included files (like XSD schemas) + 1. The `LICENSE` files include any third-party licenses (none at this time) + 1. All jars/zips/poms have `.asc` (PGP signature) files 1. Do a dry run of the release:prepare step. - The dry run will not commit any changes back to GIT and gives you the -opportunity to verify that the release process will complete as expected. -You will be prompted for the following information : - 1. Release version - take the default - (default 1.0) - 1. SCM release tag - take the default - (default 1.0) - 1. New development version - take the default - (default 1.0.1-SNAPSHOT) - 1. *optional* if you have not specified a GPG passphrase in settings.xml -you will be prompted for it: - -```sh - mvn -Papache-release release:prepare -DdryRun=true -``` - - Sample output: - -```text - [INFO] Working directory: /Users/drwoods/bval/1.0-rc1 - [INFO] Checking dependencies and plugins for snapshots ... - What is the release version for "Apache BVal :: bval-parent (Parent POM)"? (org.apache.bval:bval-parent) 1.0: : - What is SCM release tag or label for "Apache BVal :: bval-parent (Parent POM)"? (org.apache.bval:bval-parent) bval-parent-1.0: : 1.0 - What is the new development version for "Apache BVal :: bval-parent (Parent POM)"? (org.apache.bval:bval-parent) 1.0.1-SNAPSHOT: : - [INFO] Transforming 'Apache BVal :: bval-parent (Parent POM)'... -``` - - *If you cancel a release:prepare before it updates the pom.xml versions, - then use the `release:clean` goal to just remove the extra files that were - created.* + The dry run will not commit any changes back to GIT and gives you the + opportunity to verify that the release process will complete as expected. + You will be prompted for the following information : + 1. Release version - take the default - (default 1.0) + 1. SCM release tag - take the default - (default 1.0) + 1. New development version - take the default - (default 1.0.1-SNAPSHOT) + 1. *optional* if you have not specified a GPG passphrase in settings.xml + you will be prompted for it: + + ```sh + mvn -Papache-release release:prepare -DdryRun=true + ``` + + Sample output: + + ```text + [INFO] Working directory: /Users/drwoods/bval/1.0-rc1 + [INFO] Checking dependencies and plugins for snapshots ... + What is the release version for "Apache BVal :: bval-parent (Parent POM)"? (org.apache.bval:bval-parent) 1.0: : + What is SCM release tag or label for "Apache BVal :: bval-parent (Parent POM)"? (org.apache.bval:bval-parent) bval-parent-1.0: : 1.0 + What is the new development version for "Apache BVal :: bval-parent (Parent POM)"? (org.apache.bval:bval-parent) 1.0.1-SNAPSHOT: : + [INFO] Transforming 'Apache BVal :: bval-parent (Parent POM)'... + ``` + + *If you cancel a release:prepare before it updates the pom.xml versions, + then use the `release:clean` goal to just remove the extra files that were + created.* 1. Verify that the release process completed as expected: - 1. The release plugin will create `pom.xml.tag` files which contain the - changes that would have been committed to GIT. The only differences between - `pom.xml.tag` and its corresponding `pom.xml` file should be the version - number. - 1. If other formatting changes have been made you should review the changes -and then commit them: - -```sh - git commit -a -m "fixing formatting for release" & git push -``` - - 1. Assuming the `.tag` files look OK you may proceed and do any other -validation you feel necessary. The following list may be helpful: - 1. Check release.properties and make sure that the scm properties have the -right version. Sometimes the scm location can be the previous version not -the next version. - 1. [Verify signatures](#ReleaseProcess-Verifyingreleasesignatures) - 1. Once any failures or required updates have been committed to GIT, -rollback the release prepare files: - -```sh - mvn -Papache-release release:rollback -``` + 1. The release plugin will create `pom.xml.tag` files which contain the + changes that would have been committed to GIT. The only differences between + `pom.xml.tag` and its corresponding `pom.xml` file should be the version + number. + 1. If other formatting changes have been made you should review the changes + and then commit them: + + ```sh + git commit -a -m "fixing formatting for release" & git push + ``` + + 1. Assuming the `.tag` files look OK you may proceed and do any other + validation you feel necessary. The following list may be helpful: + 1. Check release.properties and make sure that the scm properties have the + right version. Sometimes the scm location can be the previous version not + the next version. + 1. [Verify signatures](#ReleaseProcess-Verifyingreleasesignatures) + 1. Once any failures or required updates have been committed to GIT, + rollback the release prepare files: + + ```sh + mvn -Papache-release release:rollback + ``` 1. Prepare the release - Run the `release:prepare` step for real this time. You'll be prompted -for the same version information and optionally your GPG passphrase again. + Run the `release:prepare` step for real this time. You'll be prompted + for the same version information and optionally your GPG passphrase again. - **Different arguments and steps are required as there are problems with -the maven-jar-plugin and maven-release-plugin when using the test-jar goal. -See [http://jira.codehaus.org/browse/MJAR-68](http://jira.codehaus.org/browse/MJAR-68) -and [http://jira.codehaus.org/browse/MRELEASE-285](http://jira.codehaus.org/browse/MRELEASE-285).** + **Different arguments and steps are required as there are problems with + the maven-jar-plugin and maven-release-plugin when using the test-jar goal. + See [http://jira.codehaus.org/browse/MJAR-68](http://jira.codehaus.org/browse/MJAR-68) + and [http://jira.codehaus.org/browse/MRELEASE-285](http://jira.codehaus.org/browse/MRELEASE-285).** -```sh - mvn -Papache-release release:prepare -``` + ```sh + mvn -Papache-release release:prepare + ``` 1. Backup (zip or tar) your local release candidate directory in case you -need to rollback the release after the next step is performed. + need to rollback the release after the next step is performed. -```sh - cd .. - tar -czf 1.0-rc1.tar.gz 1.0-rc1/ - cd 1.0-rc1 -``` + ```sh + cd .. + tar -czf 1.0-rc1.tar.gz 1.0-rc1/ + cd 1.0-rc1 + ``` 1. Perform the release: - 1. This step will create a maven staging repository and site for use in - testing and voting. You will be prompted for your **repository.apache.org** - and **people.apache.org** password several times if you have not added - server profiles to your `settings.xml`. - See [Release Setup](/release-setup.html) for more information. + 1. This step will create a maven staging repository and site for use in + testing and voting. You will be prompted for your **repository.apache.org** + and **people.apache.org** password several times if you have not added + server profiles to your `settings.xml`. + See [Release Setup](/release-setup.html) for more information. -```sh - mvn -Papache-release release:perform [-Duser.name=<your_apache_uid>] -``` + ```sh + mvn -Papache-release release:perform [-Duser.name=<your_apache_uid>] + ``` 1. Verify the release artifacts: - 1. Verify the staged artifacts in the nexus repo: - 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) - 1. **Build Promotion --> Staging Repositories** - 1. Navigate through the artifact tree and make sure that all binary, `javadoc`, + 1. Verify the staged artifacts in the nexus repo: + 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) + 1. **Build Promotion --> Staging Repositories** + 1. Navigate through the artifact tree and make sure that all binary, `javadoc`, `sources`, and `tests` jars, as well as `pom`s, ... have `.asc` (GPG signature) and `.md5` - files (see [Repository FAQ][] and [Detached Signatures][]). The `source-release.zip` of `bval-parent` + files (see [Repository FAQ][] and [Detached Signatures][]). The `source-release.zip` of `bval-parent` should likewise have signature and checksum files. - 1. Upload the source artifacts to the dev dist area via SVN at - `https://dist.apache.org/repos/dist/dev/bval/<version>/source` - (./target/bval-parent-<version>-source-release.zip and the .asc + .sha512 file) - 1. Check out the newly created tag and build the site using `mvn post-site`. - 1. Verify the HTML links in `target/staging/index.html` are correct - 1. Commit the contents of `target/staging` to `https://dist.apache.org/repos/dist/dev/bval/<version>/site/` - 1. Close the nexus staging repo: - 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) - 1. **Build Promotion --> Staging Repositories** - 1. Click the checkbox to select the open `org.apache.bval-XXX` staging repo, + 1. Upload the source artifacts to the dev dist area via SVN at + `https://dist.apache.org/repos/dist/dev/bval/<version>/source` + (./target/bval-parent-<version>-source-release.zip and the .asc + .sha512 file) + 1. Check out the newly created tag and build the site using `mvn post-site`. + 1. Verify the HTML links in `target/staging/index.html` are correct + 1. Commit the contents of `target/staging` to `https://dist.apache.org/repos/dist/dev/bval/<version>/site/` + 1. Close the nexus staging repo: + 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) + 1. **Build Promotion --> Staging Repositories** + 1. Click the checkbox to select the open `org.apache.bval-XXX` staging repo, then click the **Close** button on the toolbar above. 1. Put the release candidate up for a vote: - 1. Create a `VOTE` email thread on [bval-dev](mailto:[email protected]) to record votes as replies, e.g.: + 1. Create a `VOTE` email thread on [bval-dev](mailto:[email protected]) to record votes as replies, e.g.: -```text - To: [email protected] - Subject: [VOTE] Apache BVal <version> Release Candidate + ```text + To: [email protected] + Subject: [VOTE] Apache BVal <version> Release Candidate - I've created a <version> release candidate, with the following artifacts up for a vote: + I've created a <version> release candidate, with the following artifacts up for a vote: - Git source tag: - https://gitbox.apache.org/repos/asf?p=bval.git;a=tags + Git source tag: + https://gitbox.apache.org/repos/asf?p=bval.git;a=tags - Maven staging repo: - https://repository.apache.org/content/repositories/orgapachebval-020/ + Maven staging repo: + https://repository.apache.org/content/repositories/orgapachebval-020/ - Source release: - https://dist.apache.org/repos/dist/dev/bval/2.0.0-RC1 (r9999) + Source release: + https://dist.apache.org/repos/dist/dev/bval/2.0.0-RC1 (r9999) - Generated site: - https://dist.apache.org/repos/dist/dev/bval/2.0.0-RC1/site/index.html + Generated site: + https://dist.apache.org/repos/dist/dev/bval/2.0.0-RC1/site/index.html - PGP release keys: - http://www.apache.org/dist/bval/KEYS + PGP release keys: + http://www.apache.org/dist/bval/KEYS - The vote will be open for at least 72 hours. + The vote will be open for at least 72 hours. - [ ] +1 approve - [ ] +0 no opinion - [ ] -1 disapprove (and reason why) -``` + [ ] +1 approve + [ ] +0 no opinion + [ ] -1 disapprove (and reason why) + ``` - 1. Create a DISCUSS email thread on bval-dev@ for any vote questions, e.g.: + 1. Create a DISCUSS email thread on bval-dev@ for any vote questions, e.g.: -```text - To: [email protected] - Subject: [DISCUSS] Apache BVal <version> Release Candidate + ```text + To: [email protected] + Subject: [DISCUSS] Apache BVal <version> Release Candidate - Discussion thread for vote on <version> release candidate, with GIT source tag (r9999999). + Discussion thread for vote on <version> release candidate, with GIT source tag (r9999999). - For more information on the release process, check out http://www.apache.org/dev/release.html . + For more information on the release process, check out http://www.apache.org/dev/release.html . - Some of the things to check before voting are: - - does "mvn apache-rat:check" pass on the source - - can you build the contents of source-release.zip and GIT tag - - do all of the staged jars/zips contain the required LICENSE and NOTICE files - - are all of the staged jars signed and the signature verifiable - - is the signing key in the project's KEYS file and on a public server (i.e. http://www.apache.org/dist/bval/) - - does the release pass the TCK -``` + Some of the things to check before voting are: + - does "mvn apache-rat:check" pass on the source + - can you build the contents of source-release.zip and GIT tag + - do all of the staged jars/zips contain the required LICENSE and NOTICE files + - are all of the staged jars signed and the signature verifiable + - is the signing key in the project's KEYS file and on a public server (i.e. http://www.apache.org/dist/bval/) + - does the release pass the TCK + ``` - 1. Perform a review of the release and cast your vote. For more details - on Apache releases see - [http://www.apache.org/dev/release.html](http://www.apache.org/dev/release.html). - 1. A -1 vote does not necessarily mean that the vote must be redone, -however it is usually a good idea to rollback the release if a -1 vote is -received (see [Recovering from a vetoed release](#ReleaseProcess-RecoveringFromAVetoedRelease). - 1. After the vote has been open for at least 72 hours, has at least three -+1 PMC votes and no -1 votes, then post the results to the vote thread: - 1. Reply to the initial email prepending `[RESULT]` to the original subject - 1. Include a list of every binding +1, 0 or -1 vote. - 1. Example: - - The vote has passed with the following results: + 1. Perform a review of the release and cast your vote. For more details + on Apache releases see + [http://www.apache.org/dev/release.html](http://www.apache.org/dev/release.html). + 1. A -1 vote does not necessarily mean that the vote must be redone, + however it is usually a good idea to rollback the release if a -1 vote is + received (see [Recovering from a vetoed release](#ReleaseProcess-RecoveringFromAVetoedRelease). + 1. After the vote has been open for at least 72 hours, has at least three + +1 PMC votes and no -1 votes, then post the results to the vote thread: + 1. Reply to the initial email prepending `[RESULT]` to the original subject + 1. Include a list of every binding +1, 0 or -1 vote. + 1. Example: + + The vote has passed with the following results: - +1 - name1 (binding) - name2 (binding) - name3 (binding) - name4 (non-binding) + +1 + name1 (binding) + name2 (binding) + name3 (binding) + name4 (non-binding) - I will proceed with the next steps. + I will proceed with the next steps. - Best regards, - name + Best regards, + name 1. Finalizing a release - 1. Promote the staged nexus artifacts: - 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) - 1. **Build Promotion --> Staging Repositories** - 1. Right click on the closed `org.apache.bval-XXX` staging repo and select **Release**. + 1. Promote the staged nexus artifacts: + 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) + 1. **Build Promotion --> Staging Repositories** + 1. Right click on the closed `org.apache.bval-XXX` staging repo and select **Release**. - 1. Update the generated portion of the website: - 1. `mvn site-deploy` from the tag checkout - 1. Remove staged site from https://dist.apache.org/repos/dist/dev/bval . + 1. Update the generated portion of the website: + 1. `mvn site-deploy` from the tag checkout + 1. Remove staged site from https://dist.apache.org/repos/dist/dev/bval . - 1. Add the distribution artifacts to the distribution area: - Move source archives staged to https://dist.apache.org/repos/dist/dev/bval/source to - https://dist.apache.org/repos/dist/release/bval . Commit changes in both locations. + 1. Add the distribution artifacts to the distribution area: + Move source archives staged to https://dist.apache.org/repos/dist/dev/bval/source to + https://dist.apache.org/repos/dist/release/bval . Commit changes in both locations. - 1. Update the *Downloads* page of the website via the CMS to point to the new release artifacts: + 1. Update the *Downloads* page of the website via the CMS to point to the new release artifacts: -```text - http://www.apache.org/dyn/closer.cgi/bval/$ {project.version}/ - http://repo1.maven.org/maven2/org/apache/bval/$ {artifactId}/${project.version}/ -``` + ```text + http://www.apache.org/dyn/closer.cgi/bval/$ {project.version}/ + http://repo1.maven.org/maven2/org/apache/bval/$ {artifactId}/${project.version}/ + ``` - 1. Update the [JIRA versions](https://issues.apache.org/jira/plugins/servlet/project-config/BVAL/versions) - page to mark the version as **Released**, and set the date to the date that - the release was approved. You may also need to make a new release entry for - the next release. + 1. Update the [JIRA versions](https://issues.apache.org/jira/plugins/servlet/project-config/BVAL/versions) + page to mark the version as **Released**, and set the date to the date that + the release was approved. You may also need to make a new release entry for + the next release. 1. Announcing the release - 1. After the mirrors have had time to update (24 hours to be on the safe - side) update the wiki with pointers to the new release. - 1. Make an announcement about the release on the - [bval-user](mailto:[email protected]), - [bval-dev](mailto:[email protected]), and - [[email protected]](mailto:[email protected]) lists as per - [the Apache Announcement Mailing Lists page](http://www.apache.org/foundation/mailinglists.html#foundation-announce]) + 1. After the mirrors have had time to update (24 hours to be on the safe + side) update the wiki with pointers to the new release. + 1. Make an announcement about the release on the + [bval-user](mailto:[email protected]), + [bval-dev](mailto:[email protected]), and + [[email protected]](mailto:[email protected]) lists as per + [the Apache Announcement Mailing Lists page](http://www.apache.org/foundation/mailinglists.html#foundation-announce]) -```text - To: [email protected], [email protected], [email protected] - Subject: [ANNOUNCEMENT] Apache BVal <version> Released + ```text + To: [email protected], [email protected], [email protected] + Subject: [ANNOUNCEMENT] Apache BVal <version> Released - The Apache BVal team is pleased to announce the release of: + The Apache BVal team is pleased to announce the release of: - Apache BVal <version> + Apache BVal <version> - Apache BVal delivers an implementation of the Java Bean Validation - specification 2.0. The following changes are included in this release: + Apache BVal delivers an implementation of the Java Bean Validation + specification 2.0. The following changes are included in this release: - <changelist> + <changelist> - Distribution packages can be downloaded from: - http://bval.apache.org/downloads.html + Distribution packages can be downloaded from: + http://bval.apache.org/downloads.html - When downloading, please verify signatures using the KEYS file available at: - http://www.apache.org/dist/bval/ + When downloading, please verify signatures using the KEYS file available at: + http://www.apache.org/dist/bval/ - The release is also available in the central Maven repository: - http://repo1.maven.org/maven2/org/apache/bval/ + The release is also available in the central Maven repository: + http://repo1.maven.org/maven2/org/apache/bval/ - The Apache BVal Team -``` + The Apache BVal Team + ``` <a name="ReleaseProcess-RecoveringFromAVetoedRelease"></a> ### Recovering from a vetoed release 1. Reply to the initial vote email prepending `[CANCELED]` to the original subject. 1. Rollback the version upgrades in trunk by *either*: - 1. Restore the 0.1-rc1.tar.gz and run + 1. Restore the 0.1-rc1.tar.gz and run -```sh - mvn -Papache-release release:rollback -``` + ```sh + mvn -Papache-release release:rollback + ``` - , *or*: + , *or*: - 1. Manually revert the versions in trunk to the prior version and commit + 1. Manually revert the versions in trunk to the prior version and commit 1. Delete the git tag created by the `release:perform` step. 1. Drop the nexus staging repo: - 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) - 1. **Enterprise --> Staging** - 1. **Staging tab --> Name column --> org.apache.bval** - 1. Right click on the closed `org.apache.bval-XXX` staging repo and select **Drop**. + 1. [https://repository.apache.org/index.html](https://repository.apache.org/index.html) + 1. **Enterprise --> Staging** + 1. **Staging tab --> Name column --> org.apache.bval** + 1. Right click on the closed `org.apache.bval-XXX` staging repo and select **Drop**. 1. Remove the staged site from the dev dist repo. 1. Make the required updates that caused the vote to be canceled. 1. Spin another release candidate! @@ -318,17 +316,17 @@ received (see [Recovering from a vetoed release](#ReleaseProcess-RecoveringFromA On unix platforms the following command can be executed: ```sh - for file in `find . -type f -iname '*.asc'` - do - gpg --verify $ {file} - done +for file in `find . -type f -iname '*.asc'` +do + gpg --verify $ {file} +done ``` You'll need to look at the output to ensure it contains only good signatures: ```text - gpg: Good signature from ... - gpg: Signature made ... +gpg: Good signature from ... +gpg: Signature made ... ``` [Release Setup]: /release-setup.html diff --git a/content/release-setup.md b/content/release-setup.md index e6f0e48..d4aabc6 100644 --- a/content/release-setup.md +++ b/content/release-setup.md @@ -10,121 +10,119 @@ These setup steps only need to be performed on a particular machine once. 1. Open a shell window. If using Windows, open a cygwin window. 1. Use `ssh-keygen` to create an SSH key. - *Note*: Follow the latest steps and guides on the ASF website at - <http://www.apache.org/dev/openpgp.html#generate-key> - as you need to disable using SHA1 and new keys should be 4096 bits. + *Note*: Follow the latest steps and guides on the ASF website at + <http://www.apache.org/dev/openpgp.html#generate-key> + as you need to disable using SHA1 and new keys should be 4096 bits. -```sh - ssh-keygen -t dsa -b 4096 -``` + ```sh + ssh-keygen -t dsa -b 4096 + ``` - Program defaults should be fine. No passphrase is required for the `ssh` - key generation. The keys will be saved in `~/.ssh/id_dsa` (private) and - `~/.ssh/id_dsa.pub` (public). + Program defaults should be fine. No passphrase is required for the `ssh` + key generation. The keys will be saved in `~/.ssh/id_dsa` (private) and + `~/.ssh/id_dsa.pub` (public). - *See [Authenticating By Public Key (OpenSSH)](http://www.networknewz.com/networknewz-10-20030707AuthenticatingbyPublicKeyOpenSSH.html) - for a good description on why and how to perform this task.* + *See [Authenticating By Public Key (OpenSSH)](http://www.networknewz.com/networknewz-10-20030707AuthenticatingbyPublicKeyOpenSSH.html) + for a good description on why and how to perform this task.* 1. `scpl` your SSH public key `~/.ssh/id_dsa.pub` created in last step to - `~/id_dsa.pub` on `people.apache.org`: + `~/id_dsa.pub` on `people.apache.org`: -```sh - cd ~/.ssh - scp id_dsa.pub <your userid>@people.apache.org:id_dsa.pub -``` + ```sh + cd ~/.ssh + scp id_dsa.pub <your userid>@people.apache.org:id_dsa.pub + ``` - You will be prompted for your password. + You will be prompted for your password. 1. Use `ssh` to log into `people.apache.org`: -```sh - cd ~ - ssh <your userid>@people.apache.org -``` + ```sh + cd ~ + ssh <your userid>@people.apache.org + ``` - At this point, you will still be prompted for your password. + At this point, you will still be prompted for your password. 1. Create a `.ssh` folder in your home directory (`~`) on `people.apache.org` and - change its file mode to `700` - (owner read/write/execute, no permissions granted to anyone else): + change its file mode to `700` + (owner read/write/execute, no permissions granted to anyone else): -```sh - mkdir ~/.ssh - chmod 700 ~/.ssh -``` + ```sh + mkdir ~/.ssh + chmod 700 ~/.ssh + ``` 1. Move or append `~/id_dsa.pub` to `~/.ssh/authorized_keys` and change its file -mode to `600` (owner read/write, no permissions granted to anyone else): + mode to `600` (owner read/write, no permissions granted to anyone else): -```sh - mv ~/id_dsa.pub ~/.ssh/authorized_keys - chmod 600 ~/.ssh/authorized_keys -``` + ```sh + mv ~/id_dsa.pub ~/.ssh/authorized_keys + chmod 600 ~/.ssh/authorized_keys + ``` - Each public key in the `authorized_keys` file spans only one line, e.g.: + Each public key in the `authorized_keys` file spans only one line, e.g.: -```text - ssh-dss AAAAB3NzaC1kc3MAAA ..... agBmmfZ9uAbSqA==dsa-key-20071107 -``` + ```text + ssh-dss AAAAB3NzaC1kc3MAAA ..... agBmmfZ9uAbSqA==dsa-key-20071107 + ``` - (any line with `'#'` in the first column is a comment line) + (any line with `'#'` in the first column is a comment line) 1. Exit out of this `ssh` session. 1. Start a new `ssh` session. No login should be required this time due to - the private key on your local box matching up with the public key - in your home directory (`~/.ssh`): + the private key on your local box matching up with the public key + in your home directory (`~/.ssh`): -```sh - ssh $ {USER}@people.apache.org -``` + ```sh + ssh $ {USER}@people.apache.org + ``` - If you are still prompted for a password, then you have not set up the - keys properly. Review the steps above and ensure that all of the steps - were followed properly. Or, maybe the instructions are still not quite - right and they still need some adjusting. In that case, please update the - instructions accordingly. :-) + If you are still prompted for a password, then you have not set up the + keys properly. Review the steps above and ensure that all of the steps + were followed properly. Or, maybe the instructions are still not quite + right and they still need some adjusting. In that case, please update the + instructions accordingly. :-) <a name="ReleaseSetup-CreateaGPGkey"></a> ### Create a GPG key 1. Open a shell window. If using Windows, open a cygwin window. 1. Generate a key-pair with `gpg`, using default key kind ("DSA and Elgamal") -and ELG-E keys size (2048). + and ELG-E keys size (2048). -```sh - gpg --gen-key -``` + ```sh + gpg --gen-key + ``` - The program's default values should be fine. For the "Real Name" enter - your full name (ie. Stan Programmer). For the "e-mail address" enter your - apache address (ie. [email protected]). You will also be required to - enter a "passphrase" for the GPG key generation. Keep track of this as you - will need this for the Release processing. + The program's default values should be fine. For the "Real Name" enter + your full name (ie. Stan Programmer). For the "e-mail address" enter your + apache address (ie. [email protected]). You will also be required to + enter a "passphrase" for the GPG key generation. Keep track of this as you + will need this for the Release processing. - *The generated keys are stored in `$HOME/.gnupg` or `%HOME%\Application -Data\gnupg` directory.* - *Save the content in this directory to a safe medium. This contains your -private key used to sign all the BVal release materials.* + *The generated keys are stored in `$HOME/.gnupg` or `%HOME%\Application Data\gnupg` directory.* + *Save the content in this directory to a safe medium. This contains your private key used to sign all the BVal release materials.* 1. Back up your cygwin home directory to some other medium. 1. Add your public key to <https://svn.apache.org/repos/asf/bval/KEYS> - and <http://www.apache.org/dist/bval/KEYS>. See the commands -described at the beginning of this KEYS file to perform this task. The gpg -key-pair is used to sign the published artifacts for the BVAL releases. + and <http://www.apache.org/dist/bval/KEYS>. See the commands + described at the beginning of this KEYS file to perform this task. The gpg + key-pair is used to sign the published artifacts for the BVAL releases. -```sh - gpg --list-sigs <Real Name> && gpg --armor -- export <Real Name> -``` + ```sh + gpg --list-sigs <Real Name> && gpg --armor -- export <Real Name> + ``` - *The <https://svn.apache.org/repos/asf/bval/KEYS> - file is updated via normal svn commit procedures. The one at - <http://www.apache.org/dist/bval/KEYS> must be manually updated from svn.* + *The <https://svn.apache.org/repos/asf/bval/KEYS> + file is updated via normal svn commit procedures. The one at + <http://www.apache.org/dist/bval/KEYS> must be manually updated from svn.* 1. Submit your public key to a key server, e.g. <http://pgp.surfnet.nl:11371/> - or <http://pgp.mit.edu/>. + or <http://pgp.mit.edu/>. 1. Following the instructions in <http://people.apache.org/~henkp/trust/> and - ask multiple (at least 3) current Apache committers to sign your public key. + ask multiple (at least 3) current Apache committers to sign your public key. <a name="ReleaseSetup-UpdateMavensettingsforourservers"></a> ### Update Maven settings for our servers @@ -132,40 +130,40 @@ key-pair is used to sign the published artifacts for the BVAL releases. Create a `settings.xml` under `.m2`: ```xml - <settings xmlns="http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd";> - <servers> - <!-- SCP settings for people.apache.org --> - <server> - <id>people.apache.org</id> - <username>$USERNAME</username> - <privateKey>$PATH_TO_PRIVATE_KEY</privateKey> - <passphrase>$SSH_PASSPHRASE</passphrase> - <directoryPermissions>775</directoryPermissions> - <filePermissions>644</filePermissions> - <!-- following is only for Windows only - <configuration> - <sshExecutable>plink</sshExecutable> - <scpExecutable>pscp</scpExecutable> - <scpArgs>-2Bp</scpArgs> - <sshArgs>-2</sshArgs> - </configuration> - --> - </server> - <!-- ASF Nexus settings --> - <server> - <id>apache.snapshots.https</id> - <username>$USERNAME</username> - <password>$APACHE_LDAP_PWD</password> - </server> - <server> - <id>apache.releases.https</id> - <username>$USERNAME</username> - <password>$APACHE_LDAP_PWD</password> - </server> - </servers> - </settings> +<settings xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd";> + <servers> + <!-- SCP settings for people.apache.org --> + <server> + <id>people.apache.org</id> + <username>$USERNAME</username> + <privateKey>$PATH_TO_PRIVATE_KEY</privateKey> + <passphrase>$SSH_PASSPHRASE</passphrase> + <directoryPermissions>775</directoryPermissions> + <filePermissions>644</filePermissions> + <!-- following is only for Windows only + <configuration> + <sshExecutable>plink</sshExecutable> + <scpExecutable>pscp</scpExecutable> + <scpArgs>-2Bp</scpArgs> + <sshArgs>-2</sshArgs> + </configuration> + --> + </server> + <!-- ASF Nexus settings --> + <server> + <id>apache.snapshots.https</id> + <username>$USERNAME</username> + <password>$APACHE_LDAP_PWD</password> + </server> + <server> + <id>apache.releases.https</id> + <username>$USERNAME</username> + <password>$APACHE_LDAP_PWD</password> + </server> + </servers> +</settings> ``` Notes: @@ -173,13 +171,13 @@ Notes: * *`$USERNAME` is the remote username on `people.apache.org`, not necessarily your local userid.* * *`$PATH_TO_PRIVATE_KEY` is the path to the private `ssh` key generated, e.g. -`/home/yourLocalUserId/.ssh/id_dsa`. For cygwin users, -you will need to enter the full cygwin path: -`/cygdrive/c/cygwin/home/yourLocalUserId/.ssh/id_dsa`.* + `/home/yourLocalUserId/.ssh/id_dsa`. For cygwin users, + you will need to enter the full cygwin path: + `/cygdrive/c/cygwin/home/yourLocalUserId/.ssh/id_dsa`.* * *`$SSH_PASSPHRASE` for the supplied `$PATH_TO_PRIVATE_KEY`. If you -don't use this in your `settings.xml` file, then you will be prompted for it -during the Release processing.* + don't use this in your `settings.xml` file, then you will be prompted for it + during the Release processing.* * *`$APACHE_LDAP_PWD` is your Apache LDAP password, which is shared -between SVN and password login for `people.apache.org`.* + between SVN and password login for `people.apache.org`.* [cygwin]: http://www.cygwin.com/ diff --git a/theme/apache/templates/base.html b/theme/apache/templates/base.html index 0726dc5..fa82182 100644 --- a/theme/apache/templates/base.html +++ b/theme/apache/templates/base.html @@ -40,6 +40,7 @@ under the License. padding-top: 60px; padding-bottom: 40px; } + {% include "styles.css" %} </style> <link href="{{base}}resources/css/bootstrap-responsive.css" rel="stylesheet"> <link href="{{base}}resources/css/bval.css" rel="stylesheet"> @@ -130,7 +131,7 @@ under the License. <div class="container"> <footer> - <p>Copyright © 2010-2020 The Apache Software Foundation. Licensed under <a href="https://www.apache.org/licenses/LICENSE-2.0";>Apache License 2.0</a>. + <p>Copyright © 2010-{{CURRENTYEAR}} The Apache Software Foundation. Licensed under <a href="https://www.apache.org/licenses/LICENSE-2.0";>Apache License 2.0</a>. View our <a href="{{base}}privacy-policy.html">privacy policy</a>. </p> <p>Apache and the Apache feather logo are trademarks of The Apache Software Foundation. Other names may be trademarks of their respective owners. diff --git a/theme/apache/templates/styles.css b/theme/apache/templates/styles.css new file mode 100644 index 0000000..7cc7771 --- /dev/null +++ b/theme/apache/templates/styles.css @@ -0,0 +1,6 @@ +.headerlink { + visibility: hidden; +} +dt:hover > .headerlink, p:hover > .headerlink, td:hover > .headerlink, h1:hover > .headerlink, h2:hover > .headerlink, h3:hover > .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, h6:hover > .headerlink { + visibility: visible +}
