This is an automated email from the ASF dual-hosted git repository. danhaywood pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/isis.git
commit 5d0b748034ebd7a11e64a6860562780434b87484 Author: Dan Haywood <[email protected]> AuthorDate: Mon Sep 26 10:05:22 2022 +0100 ISIS-2965: improve release docs --- .../modules/ROOT/pages/cutting-a-release.adoc | 79 ++++++++++++++++++++-- 1 file changed, 75 insertions(+), 4 deletions(-) diff --git a/antora/components/comguide/modules/ROOT/pages/cutting-a-release.adoc b/antora/components/comguide/modules/ROOT/pages/cutting-a-release.adoc index ad7ff9e9d4..f7ae847a3d 100644 --- a/antora/components/comguide/modules/ROOT/pages/cutting-a-release.adoc +++ b/antora/components/comguide/modules/ROOT/pages/cutting-a-release.adoc @@ -332,14 +332,85 @@ git clean -dfx .. Since the `<version>` has already been updated, we just use `mvn deploy` to upload the artifacts. We activate the (inherited) `apache-release` profile to bring in the `gpg` plugin for code signing. +==== Prerequisites + [WARNING] ==== -make sure that the version of `gpg` on the `$PATH` is correct. +Make sure that the version of `gpg` on the `$PATH` is correct, because the configuration in the `pom.xml` assumes `gpg` v2.0, rather than v2.1+. + +The older version of `gpg` picks up the secret keys from `pubring.gpg` and `secring.gpg` (and does not use an agent); the newer version uses rather than `pubring.pbx`. + +For myself, I hit issues running on Windows under git-bash, because it picked up git's version of `gpg` in `/usr/bin`, which is `gpg` v2.1. -I hit issues running on Windows under git-bash, as I was picking up git's version of gpg in `/usr/bin/gpg`. -I sorted the issue eventually by running under Powershell, to pick up my gpg4Win. ==== +If on Windows, we recommend you build under Powershell rather than git-bash, which means there are some prerequisites: + +* install the correct version of choco: ++ +[source,powershell] +---- +choco install gnupg -version 2.3.7 +---- ++ +so that ++ +[source,powershell] +---- +gpg --version +---- ++ +returns: ++ +[source,powershell] +---- +gpg (GnuPG) 2.0.30 (Gpg4win 2.3.4) +... +Home: C:/Users/xxx/AppData/Roaming/gnupg +... +Compression: Uncompressed, ZIP, ZLIB, BZIP2 +---- + +* ensure your public key is installed in `pubring.gpg`: ++ +[source,powershell] +---- +gpg --list-keys +---- ++ +returns: ++ +[source,powershell] +---- +C:/Users/dan/AppData/Roaming/gnupg/pubring.gpg +---------------------------------------------- +... +pub 4096R/77AD2E23 2011-02-01 +uid [ultimate] Dan Haywood (CODE SIGNING KEY) <[email protected]> +... +---- + +* ensure your secret key is installed in `secring.gpg`: ++ +[source,powershell] +---- +gpg --list-secret-keys +---- ++ +returns: ++ +[source,powershell] +---- +C:/Users/dan/AppData/Roaming/gnupg/secring.gpg +---------------------------------------------- +... +sec 4096R/77AD2E23 2011-02-01 +uid Dan Haywood (CODE SIGNING KEY) <[email protected]> +... +---- + +==== Perform the deploy + The build creates a zip of the directory, so before executing the release we remove any other files. Still in the `bom` directory, we deploy (upload the artifacts) using: @@ -366,7 +437,7 @@ git tag $ISISART-$ISISREL-$ISISRC === Check/Close Staging Repo -The `mvn deploy` commands will have uploaded all of the release artifacts into a newly created staging repository on the ASF Nexus repository server. +The `mvn deploy` commands will have uploaded all the release artifacts into a newly created staging repository on the ASF Nexus repository server. Log onto https://repository.apache.org[repository.apache.org] (using your ASF LDAP account):
